From f8984e25823aa7e49665297ba11bc7bf0e525bac Mon Sep 17 00:00:00 2001 From: Kevin McKee Date: Wed, 16 Jul 2025 15:20:49 -0700 Subject: [PATCH] Removing the ill conceived OAuth.URLProtocol --- Sources/OAuthKit/OAuth+Provider.swift | 10 +- Sources/OAuthKit/OAuth+URLProtocol.swift | 158 ------------------ Sources/OAuthKit/OAuth.swift | 10 -- .../OAuthKit.docc/Extensions/OAuth.md | 3 - .../OAuthKit.docc/Extensions/URLProtocol.md | 20 --- .../url-protocol-step-1.swift | 4 - .../url-protocol-step-2.swift | 14 -- .../url-protocol-step-3.swift | 13 -- .../url-protocol-step-4.swift | 7 - .../OAuthKit.docc/Tutorials/Contents.tutorial | 10 +- .../Tutorials/FlowsStates.tutorial | 2 - .../Tutorials/URLProtocol.tutorial | 40 ----- Tests/OAuthKitTests/CodableTests.swift | 3 +- Tests/OAuthKitTests/OAuthTests.swift | 100 ----------- Tests/OAuthKitTests/Resources/oauth.json | 3 +- 15 files changed, 4 insertions(+), 393 deletions(-) delete mode 100644 Sources/OAuthKit/OAuth+URLProtocol.swift delete mode 100644 Sources/OAuthKit/OAuthKit.docc/Extensions/URLProtocol.md delete mode 100644 Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-1.swift delete mode 100644 Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-2.swift delete mode 100644 Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-3.swift delete mode 100644 Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-4.swift delete mode 100644 Sources/OAuthKit/OAuthKit.docc/Tutorials/URLProtocol.tutorial diff --git a/Sources/OAuthKit/OAuth+Provider.swift b/Sources/OAuthKit/OAuth+Provider.swift index 9aff6b2..286e2c2 100644 --- a/Sources/OAuthKit/OAuth+Provider.swift +++ b/Sources/OAuthKit/OAuth+Provider.swift @@ -40,9 +40,6 @@ extension OAuth { public var customUserAgent: String? /// Enables provider debugging. Off by default. public var debug: Bool - /// An optional regex that can be used in conjuction with the ``OAuth/URLProtocol`` class to intercept outbound requests - /// and inject an `Authorization: Bearer <>` header into a request. - public var authorizationPattern: String? /// The coding keys. enum CodingKeys: String, CodingKey { @@ -58,7 +55,6 @@ extension OAuth { case encodeHttpBody case customUserAgent case debug - case authorizationPattern } /// Public initializer. @@ -75,7 +71,6 @@ extension OAuth { /// - encodeHttpBody: If the provider should encode the access token parameters into the http body (true by default) /// - customUserAgent: The custom user agent to send with browser requests. /// - debug: Boolean to pass debugging into to the standard output (false by default) - /// - authorizationPattern: a regex pattern used to automatically match outbound url requests that should have authorization headers added public init(id: String, icon: URL? = nil, authorizationURL: URL, @@ -87,8 +82,7 @@ extension OAuth { scope: [String]? = nil, encodeHttpBody: Bool = true, customUserAgent: String? = nil, - debug: Bool = false, - authorizationPattern: String? = nil) { + debug: Bool = false) { self.id = id self.icon = icon self.authorizationURL = authorizationURL @@ -101,7 +95,6 @@ extension OAuth { self.encodeHttpBody = encodeHttpBody self.customUserAgent = customUserAgent self.debug = debug - self.authorizationPattern = authorizationPattern } /// Custom decoder initializer. @@ -121,7 +114,6 @@ extension OAuth { encodeHttpBody = try container.decodeIfPresent(Bool.self, forKey: .encodeHttpBody) ?? true customUserAgent = try container.decodeIfPresent(String.self, forKey: .customUserAgent) debug = try container.decodeIfPresent(Bool.self, forKey: .debug) ?? false - authorizationPattern = try container.decodeIfPresent(String.self, forKey: .authorizationPattern) } } } diff --git a/Sources/OAuthKit/OAuth+URLProtocol.swift b/Sources/OAuthKit/OAuth+URLProtocol.swift deleted file mode 100644 index 70ea7a6..0000000 --- a/Sources/OAuthKit/OAuth+URLProtocol.swift +++ /dev/null @@ -1,158 +0,0 @@ -// -// OAuth+URLProtocol.swift -// OAuthKit -// -// Created by Kevin McKee -// - -import Foundation - -extension OAuth { - - /// A custom `URLProtocol` that can be registered with any `URLSessionConfiguration` that will automatically inject - /// `Authorization: Bearer <>` headers into outbound HTTP URLRequests based on ``Provider/authorizationPattern``. - public class URLProtocol: Foundation.URLProtocol, URLSessionDataDelegate, @unchecked Sendable { - - private var session: URLSession? - private var sessionDataTask: URLSessionDataTask? - - /// The lock that provides manual synchronization around access to authorization tokens. - private static let lock: NSLock = .init() - nonisolated(unsafe) private static var _authorizations: [OAuth.Provider: OAuth.Authorization] = .init() - - static var authorizations: [OAuth.Provider: OAuth.Authorization] { - get { lock.withLock { _authorizations } } - set { lock.withLock { _authorizations = newValue } } - } - - /// Common Initializer. - /// - Parameters: - /// - request: the url requesy - /// - cachedResponse: the cached response - /// - client: the client - override public init(request: URLRequest, cachedResponse: CachedURLResponse?, client: (any URLProtocolClient)?) { - super.init(request: request, cachedResponse: cachedResponse, client: client) - if session == nil { - session = .init(configuration: .default, delegate: self, delegateQueue: nil) - } - } - - /// Adds an authorization for the given provider that can be used inject `Authorization: Bearer <>` headers into a request. - /// - Parameters: - /// - authorization: the authorization issued by the provider - /// - provider: the provider - @MainActor - public class func addAuthorization(_ authorization: OAuth.Authorization, for provider: OAuth.Provider) { - guard let _ = provider.authorizationPattern else { return } - authorizations[provider] = authorization - } - - /// Removes authorizations for the specified provider. - /// - Parameter provider: the provider to remove authorization for - @MainActor - public class func removeAuthorization(for provider: OAuth.Provider) { - authorizations.removeValue(forKey: provider) - } - - /// Clears all authorizations out of the protocol. - @MainActor - public class func clear() { - authorizations.removeAll() - } - - /// Determines whether this protocol can handle the given request. - /// - Parameter request: the request to handle - /// - Returns: true if this protocl can handle the given request. - override public class func canInit(with request: URLRequest) -> Bool { - // Remove any expired authorizations - let expiredEntries = authorizations.filter{ $0.value.isExpired } - for expired in expiredEntries { - authorizations.removeValue(forKey: expired.key) - } - guard let url = request.url, authorizations.isNotEmpty else { return false } - for (provider, _) in authorizations { - guard let pattern = provider.authorizationPattern else { continue } - if url.absoluteString.range(of: pattern, options: .regularExpression) != nil { - return true - } - } - return false - } - - /// Determines whether this protocol can handle the given task. - /// - Parameter task: the task to handle - /// - Returns: true if this protocl can handle the given task. - override public class func canInit(with task: URLSessionTask) -> Bool { - guard let request = task.originalRequest else { return false } - return canInit(with: request) - } - - /// If an authorized provider matches the given request, then this method returns a canonical version - /// of the given request with an additional `Authorization: Bearer <>` header field. - /// - Parameter request: the request - /// - Returns: the canonical version of the given request. - override public class func canonicalRequest(for request: URLRequest) -> URLRequest { - guard let url = request.url, authorizations.isNotEmpty else { return request } - for (provider, auth) in authorizations { - guard let pattern = provider.authorizationPattern else { continue } - if url.absoluteString.range(of: pattern, options: .regularExpression) != nil { - var canonicalRequest = request - canonicalRequest.addAuthorization(auth: auth) - return canonicalRequest - } - } - return request - } - - /// Starts the loading of the current request. - override public func startLoading() { - sessionDataTask = session?.dataTask(with: request) - sessionDataTask?.resume() - } - - /// Stops the loading of the current request. - override public func stopLoading() { - sessionDataTask?.cancel() - } - - /// Called when data is available to consume. - /// - Parameters: - /// - session: the url session - /// - dataTask: the data task - /// - data: the data to consume - public func urlSession(_ session: URLSession, dataTask: URLSessionDataTask, didReceive data: Data) { - guard let response = dataTask.response else { return } - client?.urlProtocol(self, didReceive: response, cacheStoragePolicy: .notAllowed) - client?.urlProtocol(self, didLoad: data) - } - - /// Called when task is done loading data. - /// - Parameters: - /// - session: the url session - /// - task: the session task - /// - error: any error that may have occurred - public func urlSession(_ session: URLSession, task: URLSessionTask, didCompleteWithError error: (any Error)?) { - if let error { - client?.urlProtocol(self, didFailWithError: error) - } else { - client?.urlProtocolDidFinishLoading(self) - } - } - - public func urlSession(_ session: URLSession, task: URLSessionTask, willPerformHTTPRedirection response: HTTPURLResponse, newRequest request: URLRequest, completionHandler: @escaping (URLRequest?) -> Void) { - client?.urlProtocol(self, wasRedirectedTo: request, redirectResponse: response) - completionHandler(request) - } - - public func urlSession(_ session: URLSession, didBecomeInvalidWithError error: (any Error)?) { - guard let error = error else { return } - client?.urlProtocol(self, didFailWithError: error) - } - - public func urlSessionDidFinishEvents(forBackgroundURLSession session: URLSession) { - client?.urlProtocolDidFinishLoading(self) - } - } -} - - diff --git a/Sources/OAuthKit/OAuth.swift b/Sources/OAuthKit/OAuth.swift index 526b18e..2b6bd12 100644 --- a/Sources/OAuthKit/OAuth.swift +++ b/Sources/OAuthKit/OAuth.swift @@ -157,7 +157,6 @@ public extension OAuth { func clear() { debugPrint("⚠️ [Clearing oauth state]") keychain.clear() - URLProtocol.clear() state = .empty } } @@ -278,7 +277,6 @@ private extension OAuth { func publish(state: State) { switch state { case .authorized(let provider, let auth): - addAuthorization(provider: provider, authorization: auth) schedule(provider: provider, auth: auth) case .receivedDeviceCode(let provider, let deviceCode): schedule(provider: provider, deviceCode: deviceCode) @@ -288,14 +286,6 @@ private extension OAuth { self.state = state } - /// Adds a received authorization to the ``OAuth/URLProtocol`` class. - /// - Parameters: - /// - provider: the provider - /// - authorization: the authorization issued by the provider - func addAuthorization(provider: Provider, authorization: Authorization) { - URLProtocol.addAuthorization(authorization, for: provider) - } - /// Schedules the provider to be polled for authorization with the specified device token. /// - Parameters: /// - provider: the oauth provider diff --git a/Sources/OAuthKit/OAuthKit.docc/Extensions/OAuth.md b/Sources/OAuthKit/OAuthKit.docc/Extensions/OAuth.md index 4884944..c83e108 100644 --- a/Sources/OAuthKit/OAuthKit.docc/Extensions/OAuth.md +++ b/Sources/OAuthKit/OAuthKit.docc/Extensions/OAuth.md @@ -48,6 +48,3 @@ let oauth: OAuth = .init(.module, options: options) - ``state`` - ``providers`` - -### OAuth Authorization Headers -- ``OAuthKit/OAuth/URLProtocol`` diff --git a/Sources/OAuthKit/OAuthKit.docc/Extensions/URLProtocol.md b/Sources/OAuthKit/OAuthKit.docc/Extensions/URLProtocol.md deleted file mode 100644 index f138831..0000000 --- a/Sources/OAuthKit/OAuthKit.docc/Extensions/URLProtocol.md +++ /dev/null @@ -1,20 +0,0 @@ -# ``OAuthKit/OAuth/URLProtocol`` -@Metadata { - @Available(iOS, introduced: "18.0") - @Available(macOS, introduced: "15.0") - @Available(tvOS, introduced: "18.0") - @Available(visionOS, introduced: "2.0") - @Available(watchOS, introduced: "11.0") -} - -## Overview -The URLProtocol can be registered with any `URLSessionConfiguration` and will automatically inject `Authorization` headers into outbound HTTP URLRequests if patterns are matched. - -### Tutorials - -@Links(visualStyle: list) { - - -} - -- SeeAlso: -[Making Authenticated Requests](https://www.oauth.com/oauth2-servers/making-authenticated-requests/) diff --git a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-1.swift b/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-1.swift deleted file mode 100644 index 0742905..0000000 --- a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-1.swift +++ /dev/null @@ -1,4 +0,0 @@ -// 1) Configure the URLSession that your app will use to make API requests with Github -let configuration: URLSessionConfiguration = .ephemeral -configuration.protocolClasses = [OAuth.URLProtocol.self] -let urlSession: URLSession = .init(configuration: configuration) diff --git a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-2.swift b/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-2.swift deleted file mode 100644 index 4af5912..0000000 --- a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-2.swift +++ /dev/null @@ -1,14 +0,0 @@ -// 1) Configure the URLSession that your app will use to make API requests with Github -let configuration: URLSessionConfiguration = .ephemeral -configuration.protocolClasses = [OAuth.URLProtocol.self] -let urlSession: URLSession = .init(configuration: configuration) - -// 2) Configure a Provider that matches all patterns of `api.github.com` -let provider: OAuth.Provider = .init( - id: "GitHub", - authorizationURL: URL(string: "https://github.com/login/oauth/authorize"), - accessTokenURL: URL(string: "https://github.com/login/oauth/access_token"), - clientID: "CLIENT_ID", - clientSecret: "CLIENT_SECRET", - authorizationPattern: "api.github.com" -) diff --git a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-3.swift b/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-3.swift deleted file mode 100644 index 04d9e90..0000000 --- a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-3.swift +++ /dev/null @@ -1,13 +0,0 @@ -// 2) Configure a Provider that matches all patterns of `api.github.com` -let provider: OAuth.Provider = .init( - id: "GitHub", - authorizationURL: URL(string: "https://github.com/login/oauth/authorize"), - accessTokenURL: URL(string: "https://github.com/login/oauth/access_token"), - clientID: "CLIENT_ID", - clientSecret: "CLIENT_SECRET", - authorizationPattern: "api.github.com" -) - -// 3) Authorize the GitHub Provider to start an OAuth flow -let oauth: OAuth = .init(providers: [provider]) -oauth.authorize(provider: provider) diff --git a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-4.swift b/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-4.swift deleted file mode 100644 index a29f858..0000000 --- a/Sources/OAuthKit/OAuthKit.docc/Resources/tutorial-code-files/url-protocol-step-4.swift +++ /dev/null @@ -1,7 +0,0 @@ -// Once the OAuth has been authorized -// send a REST request to GitHub's API for a list of org repos -// The Authorization header will automatically get included -// in the request since it matches `api.github.com` -let url: URL = .init(string: "https://api.github.com/users/codefiesta/repos") -let request = URLRequest(url: url) -let (data, response) = try await urlSession.data(for: request) diff --git a/Sources/OAuthKit/OAuthKit.docc/Tutorials/Contents.tutorial b/Sources/OAuthKit/OAuthKit.docc/Tutorials/Contents.tutorial index 69f320b..60a7c68 100644 --- a/Sources/OAuthKit/OAuthKit.docc/Tutorials/Contents.tutorial +++ b/Sources/OAuthKit/OAuthKit.docc/Tutorials/Contents.tutorial @@ -7,7 +7,7 @@ @Tutorials(name: "Tutorials") { @Intro(title: "OAuthKit Tutorials") { - Learn how to start OAuth flows, observe state changes, and use authorization tokens in API requests using URLProtocols. + Learn how to start OAuth flows and observe state changes. @Image(source: tutorial-card.jpg, alt: "tutorial") } @@ -19,12 +19,4 @@ Learn the basics of how to create observable ``OAuth`` instances and start authorization flows. @TutorialReference(tutorial: "doc:FlowsStates") } - - @Chapter(name: "URLProtocols with OAuthKit") { - - @Image(source: blueprint-card.jpg, alt: "OAuthKit") - - Leverage the ``OAuth/URLProtocol`` class to automatically have `Authorization` header values injected into matching outbound `URLRequest`. - @TutorialReference(tutorial: "doc:URLProtocol") - } } diff --git a/Sources/OAuthKit/OAuthKit.docc/Tutorials/FlowsStates.tutorial b/Sources/OAuthKit/OAuthKit.docc/Tutorials/FlowsStates.tutorial index a45e8b5..54c42a2 100644 --- a/Sources/OAuthKit/OAuthKit.docc/Tutorials/FlowsStates.tutorial +++ b/Sources/OAuthKit/OAuthKit.docc/Tutorials/FlowsStates.tutorial @@ -37,8 +37,6 @@ @Step { Once the ``OAuth/Provider`` has been authorized, the ``OAuth/state`` will reach an ``OAuth/State/authorized(_:_:)`` state can you can dismiss the authorization window. - - > Tip: See using the received authorization token in subsequent API requests in the tutorial. @Code(name: "ContentView.swift", file: flows-states-step-4.swift) } } diff --git a/Sources/OAuthKit/OAuthKit.docc/Tutorials/URLProtocol.tutorial b/Sources/OAuthKit/OAuthKit.docc/Tutorials/URLProtocol.tutorial deleted file mode 100644 index ac22f74..0000000 --- a/Sources/OAuthKit/OAuthKit.docc/Tutorials/URLProtocol.tutorial +++ /dev/null @@ -1,40 +0,0 @@ -@Tutorial(time: 5) { - @Intro(title: "Using URLProtocols with OAuthKit") { - This tutorial guides you through using the ``OAuth/URLProtocol`` for automatically injecting `Authorization` headers into matching outbound HTTP URLRequests using the ``OAuth/Provider/authorizationPattern``. - - @Image(source: blueprint-card.jpg, alt: "OAuthKit") - } - - @Section(title: "Leverage the OAuth.URLProtocol with an URLSession.") { - @ContentAndMedia { - - This section walks you through an example of configuring an ``OAuth/Provider`` with [GitHub](https://docs.github.com/en/rest) and using the ``OAuth/URLProtocol`` for authorized URL requests with GitHub's REST endpoints. - } - - @Steps { - @Step { - Register the ``OAuth/URLProtocol`` class with an URLSession you'll use to communicate with an ``OAuth/Provider`` for API requests. - @Code(name: "Configuration/URLSession.swift", file: url-protocol-step-1.swift) - } - - @Step { - Create a GitHub Provider that matches all REST endpoint patterns of `api.github.com`. - @Code(name: "Configuration/Provider.swift", file: url-protocol-step-2.swift) - } - - @Step { - Start an ``OAuth/authorize(provider:grantType:)`` flow with the GitHub ``OAuth/Provider``. - - > Important: You'll need to wait until you've been authorized by GitHub and your ``OAuth/State`` has moved to ``OAuth/State/authorized(_:_:)`` - - > See: - @Code(name: "Configuration/AuthFlow.swift", file: url-protocol-step-3.swift) - } - - @Step { - Once the GitHub ``OAuth/Provider`` has been authorized, your app can begin to send authorized requests to any endpoints that match `api.github.com`. The ``OAuth/URLProtocol`` will automatically intercept every outbound request that matches `api.github.com` and inject the `Authorization: Bearer <>` header for you. - @Code(name: "Configuration/Request.swift", file: url-protocol-step-4.swift) - } - } - } -} diff --git a/Tests/OAuthKitTests/CodableTests.swift b/Tests/OAuthKitTests/CodableTests.swift index b8ea222..a0b5403 100644 --- a/Tests/OAuthKitTests/CodableTests.swift +++ b/Tests/OAuthKitTests/CodableTests.swift @@ -25,8 +25,7 @@ struct CodableTests { clientSecret: "CLIENT_SECRET", scope: ["email"], customUserAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Safari/605.1.15", - debug: true, - authorizationPattern: "github.com") + debug: true) let data = try encoder.encode(provider) let decoded: OAuth.Provider = try decoder.decode(OAuth.Provider.self, from: data) diff --git a/Tests/OAuthKitTests/OAuthTests.swift b/Tests/OAuthKitTests/OAuthTests.swift index 3ea01ac..28a5cd7 100644 --- a/Tests/OAuthKitTests/OAuthTests.swift +++ b/Tests/OAuthKitTests/OAuthTests.swift @@ -421,106 +421,6 @@ final class OAuthTests { #expect(random.count >= 43) } - /// Tests the OAuth URLProtocol Authorization Request Matches - @Test("OAuth Provider Authorization Request Matches") - func whenMatchingAuthorizationRequests() async throws { - - // Provider that matches patterns for adding authorization headers - let provider: OAuth.Provider = - .init(id: .secureRandom(), - authorizationURL: URL(string: "https://example.com/auth")!, - accessTokenURL: URL(string: "https://example.com/token")!, - clientID: .secureRandom(), - clientSecret: .secureRandom(), - authorizationPattern: "(example.com|example.org)" - ) - - let token: OAuth.Token = .init(accessToken: .secureRandom(), - refreshToken: nil, - expiresIn: 3600, - scope: nil, - type: "Bearer") - let auth: OAuth.Authorization = .init(issuer: provider.id, token: token) - OAuth.URLProtocol.addAuthorization(auth, for: provider) - - var urls: [String] = [ - "https://api.example.com/endpoint", - "https://api.example.org/endpoint", - "https://www.example.com/secure", - ] - - // 1) Success handling - for urlString in urls { - let request: URLRequest = .init(url: URL(string: urlString)!) - let canHandle = OAuth.URLProtocol.canInit(with: request) - #expect(canHandle == true) - - let canonicalRequest = OAuth.URLProtocol.canonicalRequest(for: request) - let authorizationHeader = canonicalRequest.value(forHTTPHeaderField: "Authorization") - #expect(authorizationHeader == "\(token.type) \(token.accessToken)") - } - - // 2) Expired authorization - let expiredToken: OAuth.Token = .init(accessToken: .secureRandom(), - refreshToken: nil, - expiresIn: 0, - scope: nil, - type: "Bearer") - let expiredAuth: OAuth.Authorization = .init(issuer: provider.id, token: expiredToken) - OAuth.URLProtocol.addAuthorization(expiredAuth, for: provider) - - for urlString in urls { - let request: URLRequest = .init(url: URL(string: urlString)!) - let canHandle = OAuth.URLProtocol.canInit(with: request) - #expect(canHandle == false) - - let canonicalRequest = OAuth.URLProtocol.canonicalRequest(for: request) - let authorizationHeader = canonicalRequest.value(forHTTPHeaderField: "Authorization") - #expect(authorizationHeader == nil) - } - - // 3) Removed authorization - OAuth.URLProtocol.removeAuthorization(for: provider) - - for urlString in urls { - let request: URLRequest = .init(url: URL(string: urlString)!) - let canHandle = OAuth.URLProtocol.canInit(with: request) - #expect(canHandle == false) - - let canonicalRequest = OAuth.URLProtocol.canonicalRequest(for: request) - let authorizationHeader = canonicalRequest.value(forHTTPHeaderField: "Authorization") - #expect(authorizationHeader == nil) - } - - - // 4) No pattern matching - let provider2: OAuth.Provider = - .init(id: .secureRandom(), - authorizationURL: URL(string: "https://example.com/auth")!, - accessTokenURL: URL(string: "https://example.com/token")!, - clientID: .secureRandom(), - clientSecret: .secureRandom() - ) - OAuth.URLProtocol.addAuthorization(auth, for: provider2) - - urls = [ - "https://api.codefiesta.com/endpoint", - "https://codefiesta.com/codefiesta", - ] - - for urlString in urls { - let request: URLRequest = .init(url: URL(string: urlString)!) - let canHandle = OAuth.URLProtocol.canInit(with: request) - #expect(canHandle == false) - - let canonicalRequest = OAuth.URLProtocol.canonicalRequest(for: request) - let authorizationHeader = canonicalRequest.value(forHTTPHeaderField: "Authorization") - #expect(authorizationHeader == nil) - } - - OAuth.URLProtocol.clear() - } - /// Streams the oauth status until we receive an authorization. /// This should only be used on test methods that expect an authorization to be inserted into the keychain. private func waitForAuthorization(_ oauth: OAuth) async -> Bool { diff --git a/Tests/OAuthKitTests/Resources/oauth.json b/Tests/OAuthKitTests/Resources/oauth.json index 207c455..dbfd0f3 100644 --- a/Tests/OAuthKitTests/Resources/oauth.json +++ b/Tests/OAuthKitTests/Resources/oauth.json @@ -54,8 +54,7 @@ "user", "repo" ], - "debug": true, - "authorizationPattern": "api.github.com" + "debug": true }, { "id": "Google",