Feature/sso gateway (#1)

* extract organization domain from refresh if pattern present

* use domain from authorization redirect param if present for token url generation

* build sso gateway url depending on params

* missing change for previous cmmit

* integrate signinWithSSOGateway hook in provider

* adapt logout revoke process with new refresh pattern

* adapt refresh process with new refresh token pattern

* add test for token url with organziation domain present in authorization

* test revokeTokenUrl with orgnaization domain pattern in refresh

* add refresh token url when organization domain present

* test ssoGatewayUrl genration depending on idpId value

* syntax

* create component to handle gatewayprocess

* handle error callback in sso button

* add testing and check for gateway button component

* begin integration of dedicated_server param into cryptrconfig

* use dedicated_server to build sso gateway url

* add dedicated_server to config template

* add another idp to gateway multiple button

* fix typo in test

* set type to result of user method

* update README to match new Cryptr config and gateway elements

Author: tuxtux59

README.md

@@ -97,6 +97,7 @@ const config: CryptrConfig = {
   default_redirect_uri: 'cryptr://YOUR_TENANT',
   region: Region.EU,
   cryptr_base_url: 'YOUR_SERVER_URL',
+  dedicated_server: true, // if you have a dedicated server on cryptr
 };
 ```
 
@@ -200,6 +201,22 @@ const { signinWithSSO } = useCryptr()
 signinWithSSO(idpID: string, successCallback?: (data: any) => any, errorCallback?: (data: any) => any)
 ```
 
+#### signinWithSSOGateway
+
+Hook action to sign in the user using Cryptr Gateway when you don't know what is the precise ID used by your end user. You can precise a subset of IDP_ID that user will be able to consume, if none end-user will be able to find his by email or organziation_domain.
+
+When you set one string for `idpId` behavior is same as `signinWithSSO`
+
+:warning: requires a proper setup of you different organization
+
+
+```js
+const { signinWithSSOGateway } = useCryptr()
+
+// [...]
+signinWithSSOGateway(idpID?: string | string[], successCallback?: (data: any) => any, errorCallback?: (data: any) => any)
+```
+
 #### refreshTokens
 
 Hook action to refresh tokens to new ones.
@@ -251,5 +268,7 @@ const { isLoading } = useCryptr()
 This SDK also includes Component to simplify your integration.
 
 - `SsoSigInButton` to login using SSO (hides when session is already active [`autoHide={false}` to disable])
+
+- `SsoGatewayButton` to login using SSO Gateway (hides when session is already active [`autoHide={false}` to disable])
 - `LogOutButton` to logout user (hides when no session is active [`autoHide={false}` to disable])
 - `RefreshButton` to get new tokens (hides when session is already active [`autoHide={false}` to disable])

example/cryptrConfig.template.tsx

@@ -7,6 +7,8 @@ export const cryptrConfig: CryptrConfig = {
   default_redirect_uri: 'cryptr://your-app',
   region: Region.EU,
   cryptr_base_url: 'YOUR_CRYPTR_SERVER_URL',
+  dedicated_server: true,
 };
 
 export const IDP_ID = 'YOUR_IDP_ID';
+export const IDP_ID2 = 'YOUR_SECOND_IDP_ID';

example/src/components/AuthenticatedView.tsx

@@ -3,6 +3,7 @@ import { Button, Text } from 'react-native';
 import {
   LogOutButton,
   RefreshButton,
+  SsoGatewayButton,
   SsoSignInButton,
   useCryptr,
 } from '@cryptr/cryptr-react-native';
@@ -46,9 +47,13 @@ const AuthenticatedView = () => {
     <>
       <Text style={styles.textAuthenticated}>You're logged in</Text>
       <HorizontalDivider />
+      {user() && (
+        <TokenView title={user()!.tnt} value={`Issued at ${user()!.iat}`} />
+      )}
       {accessToken && <TokenView title="Access Token" value={accessToken} />}
       {user() && <TokenView title="User" value={JSON.stringify(user())} />}
       <HorizontalDivider />
+      <SsoGatewayButton text="Gateway" />
       <SsoSignInButton idpId={IDP_ID} autoHide={false} />
       <LogOutButton
         successCallback={logOutCallback}

example/src/components/UnauthenticatedView.tsx

@@ -1,7 +1,13 @@
 import React from 'react';
-import { StyleSheet } from 'react-native';
-import { SsoSignInButton } from '@cryptr/cryptr-react-native';
-import { IDP_ID } from '../../cryptrConfig.template';
+import { Pressable, StyleSheet, Text, View } from 'react-native';
+import {
+  SsoGatewayButton,
+  SsoSignInButton,
+  useCryptr,
+} from '@cryptr/cryptr-react-native';
+import { IDP_ID, IDP_ID2 } from '../../cryptrConfig.template';
+import { styles } from '../styles';
+import HorizontalDivider from './HorizontalDivider';
 
 export const unauthStyles = StyleSheet.create({
   ssoBtnContainer: {
@@ -18,9 +24,25 @@ export const unauthStyles = StyleSheet.create({
 });
 
 const UnauthenticatedView = () => {
+  const { signinWithSSOGateway } = useCryptr();
+
   return (
     <>
       <SsoSignInButton idpId={IDP_ID} />
+      <HorizontalDivider />
+      <SsoGatewayButton autoHide={false} text="Gateway" />
+      <View>
+        <Pressable
+          onPress={() => signinWithSSOGateway(IDP_ID)}
+          style={styles.button}
+        >
+          <Text>Gateway on IDP</Text>
+        </Pressable>
+        <SsoGatewayButton
+          idpId={[IDP_ID, IDP_ID2]}
+          text="Gateway with multiple IDPs"
+        />
+      </View>
     </>
   );
 };

src/__tests__/components/CryptrSsoGatewayButton.test.tsx

@@ -0,0 +1,262 @@
+import React from 'react';
+import CryptrProvider from '../../models/CryptrProvider';
+import renderer from 'react-test-renderer';
+import type { CryptrConfig } from '../../utils/interfaces';
+import CryptrSsoGatewayButton from '../../components/CryptrSsoGatewayButton';
+import { Locale } from '../../utils/enums';
+import { Text } from 'react-native';
+import { render, fireEvent } from '@testing-library/react-native';
+import Cryptr from '../../models/Cryptr';
+
+interface JsonTree {
+  children: any;
+}
+
+jest.mock('../../models/Cryptr', () => ({
+  startSecuredView: jest.fn(),
+  getRefresh: jest.fn(),
+  setRefresh: jest.fn(),
+}));
+
+describe('CryptrSsoGatewayButton', () => {
+  const config: CryptrConfig = {
+    tenant_domain: 'shark_academy',
+    client_id: '123',
+    audience: 'cryptr://audience',
+    default_redirect_uri: 'cryptr://redirect-uri',
+  };
+
+  it('should mount in provider', () => {
+    const tree = renderer.create(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton />
+      </CryptrProvider>
+    );
+
+    expect(tree).not.toBeUndefined();
+    const jsonTree = tree.toJSON() as JsonTree;
+    expect(jsonTree.children[0].children).toEqual(['Sign in with SSO']);
+    expect(tree.root.findByType(CryptrSsoGatewayButton).props).toEqual({});
+  });
+
+  it('should mount in provider and allow french locale', () => {
+    const tree = renderer.create(
+      <CryptrProvider {...config} default_locale={Locale.FR}>
+        <CryptrSsoGatewayButton />
+      </CryptrProvider>
+    );
+
+    expect(tree).not.toBeUndefined();
+    const jsonTree = tree.toJSON() as JsonTree;
+    expect(jsonTree.children[0].children).toEqual(['Se connecter en SSO']);
+    expect(tree.root.findByType(CryptrSsoGatewayButton).props).toEqual({});
+  });
+
+  it('should mount in provider and allow non blank idpId string', () => {
+    const tree = renderer.create(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton idpId={'shark_academy_12fregerg'} />
+      </CryptrProvider>
+    );
+
+    expect(tree).not.toBeUndefined();
+    const jsonTree = tree.toJSON() as JsonTree;
+    expect(jsonTree.children[0].children).toEqual(['Sign in with SSO']);
+    expect(tree.root.findByType(CryptrSsoGatewayButton).props).toEqual({
+      idpId: 'shark_academy_12fregerg',
+    });
+  });
+
+  it('should mount in provider and allow non blank and non empty idpId string array', () => {
+    const tree = renderer.create(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton
+          idpId={['shark_academy_12fregerg', 'company_fzef1238']}
+        />
+      </CryptrProvider>
+    );
+
+    expect(tree).not.toBeUndefined();
+    const jsonTree = tree.toJSON() as JsonTree;
+    expect(jsonTree.children[0].children).toEqual(['Sign in with SSO']);
+    expect(tree.root.findByType(CryptrSsoGatewayButton).props).toEqual({
+      idpId: ['shark_academy_12fregerg', 'company_fzef1238'],
+    });
+  });
+
+  it('should throw error if blank idpId string', () => {
+    expect(() =>
+      renderer.create(
+        <CryptrProvider {...config}>
+          <CryptrSsoGatewayButton idpId={''} />
+        </CryptrProvider>
+      )
+    ).toThrow('Please provide non blank string(s) for idpId');
+  });
+
+  it('should throw error if empty idpId string array', () => {
+    expect(() =>
+      renderer.create(
+        <CryptrProvider {...config}>
+          <CryptrSsoGatewayButton idpId={[]} />
+        </CryptrProvider>
+      )
+    ).toThrow('Please provide non blank string(s) for idpId');
+  });
+
+  it('should throw error if blank idpId string array', () => {
+    expect(() =>
+      renderer.create(
+        <CryptrProvider {...config}>
+          <CryptrSsoGatewayButton idpId={['']} />
+        </CryptrProvider>
+      )
+    ).toThrow('Please provide non blank string(s) for idpId');
+  });
+
+  it('should throw error if one blank item in idpId string array', () => {
+    expect(() =>
+      renderer.create(
+        <CryptrProvider {...config}>
+          <CryptrSsoGatewayButton idpId={['idp_id', '']} />
+        </CryptrProvider>
+      )
+    ).toThrow('Please provide non blank string(s) for idpId');
+  });
+
+  it('should mount in provider and custom text', () => {
+    const tree = renderer.create(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton text="Access to gateway" />
+      </CryptrProvider>
+    );
+
+    expect(tree).not.toBeUndefined();
+    const jsonTree = tree.toJSON() as JsonTree;
+    expect(jsonTree.children[0].children).toEqual(['Access to gateway']);
+    expect(tree.root.findByType(CryptrSsoGatewayButton).props).toEqual({
+      text: 'Access to gateway',
+    });
+  });
+
+  it('should mount in provider and allow custom children', () => {
+    const tree = renderer.create(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton text="Access to gateway">
+          <Text>Custom button text</Text>
+        </CryptrSsoGatewayButton>
+      </CryptrProvider>
+    );
+
+    expect(tree).not.toBeUndefined();
+    const jsonTree = tree.toJSON() as JsonTree;
+    expect(jsonTree.children[0].children).toEqual(['Custom button text']);
+  });
+
+  it('should start standard gateway process on press action', () => {
+    const { getByText } = render(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton>
+          <Text>Custom idp content</Text>
+        </CryptrSsoGatewayButton>
+      </CryptrProvider>
+    );
+    const item = getByText('Custom idp content');
+    const startSecuredViewFn = jest.spyOn(Cryptr, 'startSecuredView');
+    fireEvent.press(item);
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringContaining(
+        'https://auth.cryptr.eu/t/shark_academy/?client_id=123'
+      ),
+      expect.anything(),
+      expect.anything()
+    );
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.not.stringContaining('idp_id='),
+      expect.anything(),
+      expect.anything()
+    );
+
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.not.stringContaining('idp_ids%5B%5D='),
+      expect.anything(),
+      expect.anything()
+    );
+
+    startSecuredViewFn.mockRestore();
+  });
+
+  it('should start standard dedicated gateway process on press action', () => {
+    const { getByText } = render(
+      <CryptrProvider {...config} dedicated_server={true}>
+        <CryptrSsoGatewayButton>
+          <Text>Custom idp content</Text>
+        </CryptrSsoGatewayButton>
+      </CryptrProvider>
+    );
+    const item = getByText('Custom idp content');
+    const startSecuredViewFn = jest.spyOn(Cryptr, 'startSecuredView');
+    fireEvent.press(item);
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringContaining('https://auth.cryptr.eu/?client_id'),
+      expect.anything(),
+      expect.anything()
+    );
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.not.stringContaining('idp_id='),
+      expect.anything(),
+      expect.anything()
+    );
+
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.not.stringContaining('idp_ids%5B%5D='),
+      expect.anything(),
+      expect.anything()
+    );
+
+    startSecuredViewFn.mockRestore();
+  });
+
+  it('should start idp gateway process on press action', () => {
+    const { getByText } = render(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton idpId="app_sso_idp_id">
+          <Text>Custom idp content</Text>
+        </CryptrSsoGatewayButton>
+      </CryptrProvider>
+    );
+    const item = getByText('Custom idp content');
+    const startSecuredViewFn = jest.spyOn(Cryptr, 'startSecuredView');
+    fireEvent.press(item);
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringContaining('idp_id=app_sso_idp_id'),
+      expect.anything(),
+      expect.anything()
+    );
+    startSecuredViewFn.mockRestore();
+  });
+
+  it('should start idps gateway process on press action', () => {
+    const { getByText } = render(
+      <CryptrProvider {...config}>
+        <CryptrSsoGatewayButton idpId={['app_sso_idp_id', 'another_idp_id']}>
+          <Text>Custom idp content</Text>
+        </CryptrSsoGatewayButton>
+      </CryptrProvider>
+    );
+    const item = getByText('Custom idp content');
+    const startSecuredViewFn = jest.spyOn(Cryptr, 'startSecuredView');
+    fireEvent.press(item);
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringContaining('idp_ids%5B%5D=app_sso_idp_id'),
+      expect.anything(),
+      expect.anything()
+    );
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringContaining('idp_ids%5B%5D=another_idp_id'),
+      expect.anything(),
+      expect.anything()
+    );
+    startSecuredViewFn.mockRestore();
+  });
+});