diff --git a/AppAuth.podspec b/AppAuth.podspec index 46cb8cafa..7ad140d0b 100644 --- a/AppAuth.podspec +++ b/AppAuth.podspec @@ -31,7 +31,7 @@ It follows the OAuth 2.0 for Native Apps best current practice # classes of AppAuth with tokens on watchOS and tvOS, but currently the # library won't help you obtain authorization grants on those platforms. - ios_deployment_target = "10.0" + ios_deployment_target = "12.0" osx_deployment_target = "10.12" s.ios.deployment_target = ios_deployment_target s.osx.deployment_target = osx_deployment_target diff --git a/AppAuth.xcodeproj/project.pbxproj b/AppAuth.xcodeproj/project.pbxproj index 2d945920a..e17b22d34 100644 --- a/AppAuth.xcodeproj/project.pbxproj +++ b/AppAuth.xcodeproj/project.pbxproj @@ -2815,7 +2815,7 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; MACOSX_DEPLOYMENT_TARGET = 10.12; MTL_ENABLE_DEBUG_INFO = YES; ONLY_ACTIVE_ARCH = YES; @@ -2873,7 +2873,7 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; MACOSX_DEPLOYMENT_TARGET = 10.12; MTL_ENABLE_DEBUG_INFO = NO; SDKROOT = iphoneos; @@ -2909,7 +2909,7 @@ CLANG_ENABLE_MODULES = YES; HEADER_SEARCH_PATHS = "$(PROJECT_DIR)/"; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.appauth.AppAuthTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -2926,7 +2926,7 @@ CLANG_ENABLE_MODULES = YES; HEADER_SEARCH_PATHS = "$(PROJECT_DIR)/"; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.appauth.AppAuthTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3040,7 +3040,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/CoreFramework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.AppAuthCore; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3066,7 +3066,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/CoreFramework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.AppAuthCore; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3091,7 +3091,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/Framework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOS"; PRODUCT_NAME = AppAuth; @@ -3116,7 +3116,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/Framework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOS"; PRODUCT_NAME = AppAuth; @@ -3135,7 +3135,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOSTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3149,7 +3149,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOSTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3403,7 +3403,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-ExtensionTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3417,7 +3417,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 10.0; + IPHONEOS_DEPLOYMENT_TARGET = 12.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-ExtensionTests"; PRODUCT_NAME = "$(TARGET_NAME)"; diff --git a/Package.swift b/Package.swift index baac5cb31..208eaf467 100644 --- a/Package.swift +++ b/Package.swift @@ -24,7 +24,7 @@ let package = Package( name: "AppAuth", platforms: [ .macOS(.v10_12), - .iOS(.v10), + .iOS(.v12), .tvOS(.v9), .watchOS(.v2) ], diff --git a/README.md b/README.md index 8b55c6417..540feda72 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ For tvOS, AppAuth implements [OAuth 2.0 Device Authorization Grant #### Supported Versions -AppAuth supports iOS 10 and above. +AppAuth supports iOS 12 and above. iOS 9+ uses the in-app browser tab pattern (via `SFSafariViewController`), and falls back to the system browser (mobile diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h index 12abc203c..4ab6c7452 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.h @@ -41,10 +41,8 @@ API_UNAVAILABLE(macCatalyst) /*! @brief The designated initializer. @param presentingViewController The view controller from which to present the authentication UI. @discussion The specific authentication UI used depends on the iOS version and accessibility - options. iOS 8 uses the system browser, iOS 9-10 use @c SFSafariViewController, iOS 11 uses - @c SFAuthenticationSession - (unless Guided Access is on which does not work) or uses @c SFSafariViewController, and iOS - 12+ uses @c ASWebAuthenticationSession (unless Guided Access is on). + options. iOS 12+ uses @c ASWebAuthenticationSession (unless Guided Access is on), + otherwise local browser is used. */ - (nullable instancetype)initWithPresentingViewController: (UIViewController *)presentingViewController diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m index 41d5fa1c0..7a3fa2278 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m @@ -50,7 +50,6 @@ @implementation OIDExternalUserAgentIOS { #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wpartial-availability" __weak SFSafariViewController *_safariVC; - SFAuthenticationSession *_authenticationVC; ASWebAuthenticationSession *_webAuthenticationVC; #pragma clang diagnostic pop } @@ -134,47 +133,6 @@ - (BOOL)presentExternalUserAgentRequest:(id)request openedUserAgent = [authenticationVC start]; } } - // iOS 11, use SFAuthenticationSession - if (@available(iOS 11.0, *)) { - // SFAuthenticationSession doesn't work with guided access (rdar://40809553) - if (!openedUserAgent && !UIAccessibilityIsGuidedAccessEnabled()) { - __weak OIDExternalUserAgentIOS *weakSelf = self; - NSString *redirectScheme = request.redirectScheme; - SFAuthenticationSession *authenticationVC = - [[SFAuthenticationSession alloc] initWithURL:requestURL - callbackURLScheme:redirectScheme - completionHandler:^(NSURL * _Nullable callbackURL, - NSError * _Nullable error) { - __strong OIDExternalUserAgentIOS *strongSelf = weakSelf; - if (!strongSelf) { - return; - } - strongSelf->_authenticationVC = nil; - if (callbackURL) { - [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; - } else { - NSError *safariError = - [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow - underlyingError:error - description:@"User cancelled."]; - [strongSelf->_session failExternalUserAgentFlowWithError:safariError]; - } - }]; - _authenticationVC = authenticationVC; - openedUserAgent = [authenticationVC start]; - } - } - // iOS 9 and 10, use SFSafariViewController - if (@available(iOS 9.0, *)) { - if (!openedUserAgent && _presentingViewController) { - SFSafariViewController *safariVC = - [[SFSafariViewController alloc] initWithURL:requestURL]; - safariVC.delegate = self; - _safariVC = safariVC; - [_presentingViewController presentViewController:safariVC animated:YES completion:nil]; - openedUserAgent = YES; - } - } // If all else failed use the local browser. if (!openedUserAgent){ [[UIApplication sharedApplication] openURL:requestURL @@ -196,7 +154,6 @@ - (void)dismissExternalUserAgentAnimated:(BOOL)animated completion:(void (^)(voi #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wpartial-availability" SFSafariViewController *safariVC = _safariVC; - SFAuthenticationSession *authenticationVC = _authenticationVC; ASWebAuthenticationSession *webAuthenticationVC = _webAuthenticationVC; #pragma clang diagnostic pop @@ -206,10 +163,6 @@ - (void)dismissExternalUserAgentAnimated:(BOOL)animated completion:(void (^)(voi // dismiss the ASWebAuthenticationSession [webAuthenticationVC cancel]; if (completion) completion(); - } else if (authenticationVC) { - // dismiss the SFAuthenticationSession - [authenticationVC cancel]; - if (completion) completion(); } else if (safariVC) { // dismiss the SFSafariViewController [safariVC dismissViewControllerAnimated:YES completion:completion]; @@ -222,7 +175,6 @@ - (void)cleanUp { // The weak references to |_safariVC| and |_session| are set to nil to avoid accidentally using // them while not in an authorization flow. _safariVC = nil; - _authenticationVC = nil; _webAuthenticationVC = nil; _session = nil; _externalUserAgentFlowInProgress = NO; diff --git a/Sources/AppAuthCore/OIDRegistrationRequest.m b/Sources/AppAuthCore/OIDRegistrationRequest.m index 9efd18fdd..2b3435f85 100644 --- a/Sources/AppAuthCore/OIDRegistrationRequest.m +++ b/Sources/AppAuthCore/OIDRegistrationRequest.m @@ -130,12 +130,15 @@ - (instancetype)initWithCoder:(NSCoder *)aDecoder { forKey:kConfigurationKey]; NSString *initialAccessToken = [aDecoder decodeObjectOfClass:[NSString class] forKey:kInitialAccessToken]; - NSArray *redirectURIs = [aDecoder decodeObjectOfClass:[NSArray class] - forKey:kRedirectURIsKey]; - NSArray *responseTypes = [aDecoder decodeObjectOfClass:[NSArray class] - forKey:kResponseTypesKey]; - NSArray *grantTypes = [aDecoder decodeObjectOfClass:[NSArray class] - forKey:kGrantTypesKey]; + NSArray *redirectURIs = + [aDecoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSArray class], [NSURL class]]] + forKey:kRedirectURIsKey]; + NSArray *responseTypes = + [aDecoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSArray class], [NSString class]]] + forKey:kResponseTypesKey]; + NSArray *grantTypes = + [aDecoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSArray class], [NSString class]]] + forKey:kGrantTypesKey]; NSString *subjectType = [aDecoder decodeObjectOfClass:[NSString class] forKey:kSubjectTypeKey]; NSString *tokenEndpointAuthenticationMethod = diff --git a/UnitTests/OIDAuthStateTests.m b/UnitTests/OIDAuthStateTests.m index 051902833..d18ab3405 100644 --- a/UnitTests/OIDAuthStateTests.m +++ b/UnitTests/OIDAuthStateTests.m @@ -204,7 +204,18 @@ - (void)testNonCompliantNSCodingNSErrors { NSError *oauthError = [[self class] OAuthTokenInvalidGrantErrorWithUnderlyingError:nonCompliantError]; [authstate updateWithAuthorizationError:oauthError]; - XCTAssertNoThrow([NSKeyedArchiver archivedDataWithRootObject:authstate], @""); + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:authstate + requiringSecureCoding:YES + error:&error]; + XCTAssertNoThrow(data, @""); + } else { +#if !TARGET_OS_IOS + XCTAssertNoThrow([NSKeyedArchiver archivedDataWithRootObject:authstate], @""); +#endif + } } /*! @brief Tests @c OIDAuthState.updateWithAuthorizationResponse:error: with a success response. @@ -358,8 +369,22 @@ - (void)testSecureCoding { XCTAssert([OIDAuthState supportsSecureCoding], @""); OIDAuthState *authState = [[self class] testInstance]; - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:authState]; - OIDAuthState *authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDAuthState *authStateCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:authState + requiringSecureCoding:YES + error:&error]; + authStateCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthState class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:authState]; + authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } XCTAssertEqualObjects(authStateCopy.refreshToken, authState.refreshToken, @""); XCTAssertEqualObjects(authStateCopy.scope, authState.scope, @""); @@ -375,9 +400,26 @@ - (void)testSecureCoding { // Verify the error object is indeed restored. NSError *oauthError = [[self class] OAuthTokenInvalidGrantErrorWithUnderlyingError:nil]; [authState updateWithTokenResponse:nil error:oauthError]; - data = [NSKeyedArchiver archivedDataWithRootObject:authState]; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:authState + requiringSecureCoding:YES + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:authState]; +#endif + } XCTAssertNotNil(authState.authorizationError, @""); - authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + authStateCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthState class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + authStateCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } XCTAssertEqualObjects(authStateCopy.authorizationError.domain, authState.authorizationError.domain, @""); XCTAssertEqual(authStateCopy.authorizationError.code, authState.authorizationError.code, @""); diff --git a/UnitTests/OIDAuthorizationRequestTests.m b/UnitTests/OIDAuthorizationRequestTests.m index dd1329383..dcefc6ff2 100644 --- a/UnitTests/OIDAuthorizationRequestTests.m +++ b/UnitTests/OIDAuthorizationRequestTests.m @@ -322,8 +322,22 @@ - (void)testSecureCoding { XCTAssertEqualObjects(request.additionalParameters[kTestAdditionalParameterKey], kTestAdditionalParameterValue, @""); - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; - OIDAuthorizationRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDAuthorizationRequest *requestCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:request + requiringSecureCoding:YES + error:&error]; + requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthorizationRequest class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:request]; + requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } // Not a full test of the configuration deserialization, but should be sufficient as a smoke test // to make sure the configuration IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDAuthorizationResponseTests.m b/UnitTests/OIDAuthorizationResponseTests.m index 3aded7eaa..6bfb5fce2 100644 --- a/UnitTests/OIDAuthorizationResponseTests.m +++ b/UnitTests/OIDAuthorizationResponseTests.m @@ -158,8 +158,22 @@ - (void)testCopying { */ - (void)testSecureCoding { OIDAuthorizationResponse *response = [[self class] testInstance]; - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:response]; - OIDAuthorizationResponse *responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDAuthorizationResponse *responseCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:response + requiringSecureCoding:YES + error:&error]; + responseCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDAuthorizationResponse class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:response]; + responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } // Not a full test of the request deserialization, but should be sufficient as a smoke test // to make sure the request IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDEndSessionRequestTests.m b/UnitTests/OIDEndSessionRequestTests.m index 38543c8d3..d9ded81be 100644 --- a/UnitTests/OIDEndSessionRequestTests.m +++ b/UnitTests/OIDEndSessionRequestTests.m @@ -97,8 +97,22 @@ - (void)testSecureCoding { XCTAssertEqualObjects(request.additionalParameters[kTestAdditionalParameterKey], kTestAdditionalParameterValue); - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; - OIDEndSessionRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDEndSessionRequest *requestCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:request + requiringSecureCoding:YES + error:&error]; + requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDEndSessionRequest class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:request]; + requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } XCTAssertNotNil(requestCopy.configuration); XCTAssertEqualObjects(requestCopy.configuration.authorizationEndpoint, diff --git a/UnitTests/OIDRegistrationRequestTests.m b/UnitTests/OIDRegistrationRequestTests.m index 440dab2a5..f2a7ba3e1 100644 --- a/UnitTests/OIDRegistrationRequestTests.m +++ b/UnitTests/OIDRegistrationRequestTests.m @@ -142,8 +142,22 @@ - (void)testSecureCoding { XCTAssertEqualObjects(request.additionalParameters[kTestAdditionalParameterKey], kTestAdditionalParameterValue); - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; - OIDRegistrationRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDRegistrationRequest *requestCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:request + requiringSecureCoding:YES + error:&error]; + requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDRegistrationRequest class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:request]; + requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } // Not a full test of the configuration deserialization, but should be sufficient as a smoke test // to make sure the configuration IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDRegistrationResponseTests.m b/UnitTests/OIDRegistrationResponseTests.m index 92e57e338..f98787e55 100644 --- a/UnitTests/OIDRegistrationResponseTests.m +++ b/UnitTests/OIDRegistrationResponseTests.m @@ -119,8 +119,22 @@ - (void)testCopying { */ - (void)testSecureCoding { OIDRegistrationResponse *response = [[self class] testInstance]; - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:response]; - OIDRegistrationResponse *responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDRegistrationResponse *responseCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:response + requiringSecureCoding:YES + error:&error]; + responseCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDRegistrationResponse class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:response]; + responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } // Not a full test of the request deserialization, but should be sufficient as a smoke test // to make sure the request IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDServiceConfigurationTests.m b/UnitTests/OIDServiceConfigurationTests.m index 7f4fcb11c..bd4c5babb 100644 --- a/UnitTests/OIDServiceConfigurationTests.m +++ b/UnitTests/OIDServiceConfigurationTests.m @@ -363,8 +363,22 @@ - (void)testFetcherWithBadJSON { */ - (void)testSecureCoding { OIDServiceConfiguration *configuration = [[self class] testInstance]; - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:configuration]; - OIDServiceConfiguration *unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDServiceConfiguration *unarchived; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:configuration + requiringSecureCoding:YES + error:&error]; + unarchived = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDServiceConfiguration class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:configuration]; + unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } XCTAssertEqualObjects(configuration.authorizationEndpoint, unarchived.authorizationEndpoint, @""); XCTAssertEqualObjects(configuration.tokenEndpoint, unarchived.tokenEndpoint, @""); diff --git a/UnitTests/OIDServiceDiscoveryTests.m b/UnitTests/OIDServiceDiscoveryTests.m index 6d9faf799..f07d5e2a0 100644 --- a/UnitTests/OIDServiceDiscoveryTests.m +++ b/UnitTests/OIDServiceDiscoveryTests.m @@ -448,21 +448,25 @@ - (void)testSecureCoding { [[OIDServiceDiscovery alloc] initWithDictionary:serviceDiscoveryDictionary error:&error]; NSData *data; - if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { data = [NSKeyedArchiver archivedDataWithRootObject:discovery requiringSecureCoding:YES error:&error]; } else { +#if !TARGET_OS_IOS data = [NSKeyedArchiver archivedDataWithRootObject:discovery]; +#endif } OIDServiceDiscovery *unarchived; - if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { unarchived = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDServiceDiscovery class] fromData:data error:&error]; } else { +#if !TARGET_OS_IOS unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif } XCTAssertEqualObjects(discovery.discoveryDictionary, unarchived.discoveryDictionary); @@ -478,16 +482,18 @@ - (void)testSecureCodingDecodeOld { [[OIDServiceDiscoveryOldEncoding alloc] initWithDictionary:serviceDiscoveryDictionary error:&error]; NSData *data; - if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { data = [NSKeyedArchiver archivedDataWithRootObject:discovery requiringSecureCoding:YES error:&error]; } else { +#if !TARGET_OS_IOS data = [NSKeyedArchiver archivedDataWithRootObject:discovery]; +#endif } OIDServiceDiscovery *unarchived; - if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { NSSet *allowedClasses = [NSSet setWithArray:@[[OIDServiceDiscovery class], [NSDictionary class], [NSArray class], @@ -498,7 +504,9 @@ - (void)testSecureCodingDecodeOld { fromData:data error:&error]; } else { +#if !TARGET_OS_IOS unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif } XCTAssertEqualObjects(discovery.discoveryDictionary, unarchived.discoveryDictionary); @@ -514,16 +522,18 @@ - (void)testSecureCodingOldDecodeNew { [[OIDServiceDiscoveryOldDecoding alloc] initWithDictionary:serviceDiscoveryDictionary error:&error]; NSData *data; - if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { data = [NSKeyedArchiver archivedDataWithRootObject:discovery requiringSecureCoding:YES error:&error]; } else { +#if !TARGET_OS_IOS data = [NSKeyedArchiver archivedDataWithRootObject:discovery]; +#endif } OIDServiceDiscovery *unarchived; - if (@available(iOS 11.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { NSSet *allowedClasses = [NSSet setWithArray:@[[OIDServiceDiscoveryOldDecoding class], [NSDictionary class], [NSArray class], @@ -534,7 +544,9 @@ - (void)testSecureCodingOldDecodeNew { fromData:data error:&error]; } else { +#if !TARGET_OS_IOS unarchived = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif } XCTAssertNil(error); XCTAssertEqualObjects(discovery.discoveryDictionary, unarchived.discoveryDictionary); diff --git a/UnitTests/OIDTokenRequestTests.m b/UnitTests/OIDTokenRequestTests.m index c387bd809..59a2f8ae6 100644 --- a/UnitTests/OIDTokenRequestTests.m +++ b/UnitTests/OIDTokenRequestTests.m @@ -278,8 +278,22 @@ - (void)testSecureCoding { XCTAssertEqualObjects([urlRequest.allHTTPHeaderFields objectForKey:kTestAdditionalHeaderKey], kTestAdditionalHeaderValue); - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:request]; - OIDTokenRequest *requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDTokenRequest *requestCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:request + requiringSecureCoding:YES + error:&error]; + requestCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDTokenRequest class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:request]; + requestCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } // Not a full test of the configuration deserialization, but should be sufficient as a smoke test // to make sure the configuration IS actually getting serialized and deserialized in the diff --git a/UnitTests/OIDTokenResponseTests.m b/UnitTests/OIDTokenResponseTests.m index 0eb525ed0..cce020b73 100644 --- a/UnitTests/OIDTokenResponseTests.m +++ b/UnitTests/OIDTokenResponseTests.m @@ -175,8 +175,22 @@ - (void)testCopying { */ - (void)testSecureCoding { OIDTokenResponse *response = [[self class] testInstance]; - NSData *data = [NSKeyedArchiver archivedDataWithRootObject:response]; - OIDTokenResponse *responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; + OIDTokenResponse *responseCopy; + NSError *error; + NSData *data; + if (@available(iOS 12.0, macOS 10.13, tvOS 11.0, watchOS 4.0, *)) { + data = [NSKeyedArchiver archivedDataWithRootObject:response + requiringSecureCoding:YES + error:&error]; + responseCopy = [NSKeyedUnarchiver unarchivedObjectOfClass:[OIDTokenResponse class] + fromData:data + error:&error]; + } else { +#if !TARGET_OS_IOS + data = [NSKeyedArchiver archivedDataWithRootObject:response]; + responseCopy = [NSKeyedUnarchiver unarchiveObjectWithData:data]; +#endif + } // Not a full test of the request deserialization, but should be sufficient as a smoke test // to make sure the request IS actually getting serialized and deserialized in the