Feature/cookieless ios session (#4)

* add prop to cryptrconfig to handle ios ephemeral session

* change key name and adapt base code

* startSecuredView with no_popup_no_cookie param

* hotfix android update for no_popup_no_cookie

Author: tuxtux59

android/src/main/java/com/reactnativecryptr/CryptrModule.kt

@@ -118,6 +118,7 @@ class CryptrModule(reactContext: ReactApplicationContext) : ReactContextBaseJava
     @ReactMethod(isBlockingSynchronousMethod = true)
     fun startSecuredView(
       uri: String,
+      _no_popup_no_cookie: Boolean,
       successCallback: Callback,
       errorCallback: Callback,
     ) {

ios/Cryptr.m

@@ -108,6 +108,7 @@ - (void)openInSafari:(NSURL *)URL {
 }
 
 RCT_EXPORT_METHOD(startSecuredView:(NSURL *)url
+                  prefersEphemeralWebBrowserSession:(BOOL)prefersEphemeralWebBrowserSession
                   successCallback:(RCTResponseSenderBlock)successCallback
                   errorCallback:(RCTResponseSenderBlock)errorCallback)
 {
@@ -142,9 +143,9 @@ - (void)openInSafari:(NSURL *)URL {
         #if __IPHONE_OS_VERSION_MAX_ALLOWED >= 130000
         if (@available(iOS 13.0, *)) {
             session.presentationContextProvider = self;
-            // if ([urlStr rangeOfString:@"slo-after-revoke-token"].location == NSNotFound) {
-            //   session.prefersEphemeralWebBrowserSession = true;
-            // }
+            if (prefersEphemeralWebBrowserSession) {
+              session.prefersEphemeralWebBrowserSession = true;
+            }
         }
         #endif
 

src/__tests__/components/CryptrSsoGatewayButton.test.tsx

@@ -168,17 +168,56 @@ describe('CryptrSsoGatewayButton', () => {
       expect.stringContaining(
         'https://auth.cryptr.eu/t/shark_academy/?client_id=123'
       ),
+      false,
       expect.anything(),
       expect.anything()
     );
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.not.stringContaining('idp_id='),
+      false,
       expect.anything(),
       expect.anything()
     );
 
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.not.stringContaining('idp_ids%5B%5D='),
+      false,
+      expect.anything(),
+      expect.anything()
+    );
+
+    startSecuredViewFn.mockRestore();
+  });
+
+  it('should start standard gateway process without no_popup_no_cookie is true on press action', () => {
+    const { getByText } = render(
+      <CryptrProvider {...config} no_popup_no_cookie={true}>
+        <CryptrSsoGatewayButton>
+          <Text>Custom idp content</Text>
+        </CryptrSsoGatewayButton>
+      </CryptrProvider>
+    );
+    const item = getByText('Custom idp content');
+    const startSecuredViewFn = jest.spyOn(Cryptr, 'startSecuredView');
+    fireEvent.press(item);
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringContaining(
+        'https://auth.cryptr.eu/t/shark_academy/?client_id=123'
+      ),
+      true,
+      expect.anything(),
+      expect.anything()
+    );
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.not.stringContaining('idp_id='),
+      true,
+      expect.anything(),
+      expect.anything()
+    );
+
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.not.stringContaining('idp_ids%5B%5D='),
+      true,
       expect.anything(),
       expect.anything()
     );
@@ -199,17 +238,20 @@ describe('CryptrSsoGatewayButton', () => {
     fireEvent.press(item);
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.stringContaining('https://auth.cryptr.eu/?client_id'),
+      false,
       expect.anything(),
       expect.anything()
     );
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.not.stringContaining('idp_id='),
+      false,
       expect.anything(),
       expect.anything()
     );
 
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.not.stringContaining('idp_ids%5B%5D='),
+      false,
       expect.anything(),
       expect.anything()
     );
@@ -230,6 +272,7 @@ describe('CryptrSsoGatewayButton', () => {
     fireEvent.press(item);
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.stringContaining('idp_id=app_sso_idp_id'),
+      false,
       expect.anything(),
       expect.anything()
     );
@@ -249,11 +292,13 @@ describe('CryptrSsoGatewayButton', () => {
     fireEvent.press(item);
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.stringContaining('idp_ids%5B%5D=app_sso_idp_id'),
+      false,
       expect.anything(),
       expect.anything()
     );
     expect(startSecuredViewFn).toHaveBeenCalledWith(
       expect.stringContaining('idp_ids%5B%5D=another_idp_id'),
+      false,
       expect.anything(),
       expect.anything()
     );

src/__tests__/components/CryptrSsoSignInButton.test.tsx

@@ -101,6 +101,28 @@ describe('CryptrSsoSignInButton', () => {
       expect.stringMatching(
         'https://auth.cryptr.eu/enterprise/app_sso_idp_id/login'
       ),
+      false,
+      expect.anything(),
+      expect.anything()
+    );
+  });
+
+  it('should start sso process when no_popup_no_cookie is true on press action', () => {
+    const { getByText } = render(
+      <CryptrProvider {...config} no_popup_no_cookie={true}>
+        <CryptrSsoSignInButton idpId="app_sso_idp_id">
+          <Text>Custom idp content</Text>
+        </CryptrSsoSignInButton>
+      </CryptrProvider>
+    );
+    const item = getByText('Custom idp content');
+    const startSecuredViewFn = jest.spyOn(Cryptr, 'startSecuredView');
+    fireEvent.press(item);
+    expect(startSecuredViewFn).toHaveBeenCalledWith(
+      expect.stringMatching(
+        'https://auth.cryptr.eu/enterprise/app_sso_idp_id/login'
+      ),
+      true,
       expect.anything(),
       expect.anything()
     );

src/__tests__/utils/apiHelpers.test.tsx

@@ -74,6 +74,7 @@ describe('apiHelpers#tokenUrl/3', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
   const authorization = { authorization_id: 'azerty' };
 
@@ -125,6 +126,7 @@ describe('apiHelpers#ssoSignUrl/3', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
   const idpId = 'shark_academy_po54ze';
   const transaction = new Transaction(config.default_redirect_uri, Sign.SSO);
@@ -146,6 +148,7 @@ describe('apiHelpers#revokeTokenUrl/1', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
 
   it('should return revoke token url if sample transaction and sample refresh', () => {
@@ -173,6 +176,7 @@ describe('apiHelpers#sloAfterRevokeTokenUrl/2', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
   const sloCode = 'remove_me';
 
@@ -193,6 +197,7 @@ describe('apiHelpers#refreshTokenUrl/2', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
   const refreshTransaction = new Transaction(
     config.default_redirect_uri,
@@ -228,6 +233,7 @@ describe('apiHelpers#ssoGatewayUrl', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
 
   const transaction = new Transaction(config.default_redirect_uri, Sign.SSO);

src/__tests__/utils/helpers.test.tsx

@@ -18,6 +18,7 @@ describe('helpers#refreshBody/3', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
   const refreshToken = 'shark_academy_po54ze';
   const refreshTransaction = new Transaction(
@@ -41,6 +42,7 @@ describe('helpers#tokensBody/3', () => {
     audience: 'cryptr://app',
     default_redirect_uri: 'cryptr://app',
     dedicated_server: false,
+    no_popup_no_cookie: false,
   };
   const params = { authorization_id: 'auth_id' };
   const transaction = new Transaction(config.default_redirect_uri, Sign.SSO);
@@ -106,6 +108,7 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://auth.cryptr.eu',
       default_locale: 'en',
       dedicated_server: false,
+      no_popup_no_cookie: false,
     });
   });
 
@@ -126,6 +129,7 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://shark-academy.authent.me',
       default_locale: 'en',
       dedicated_server: false,
+      no_popup_no_cookie: false,
     });
   });
 
@@ -146,6 +150,7 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://auth.cryptr.eu',
       default_locale: 'en',
       dedicated_server: false,
+      no_popup_no_cookie: false,
     });
   });
 
@@ -166,6 +171,7 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://auth.cryptr.us',
       default_locale: 'en',
       dedicated_server: false,
+      no_popup_no_cookie: false,
     });
   });
 
@@ -187,6 +193,7 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://shark-academy.authent.me',
       default_locale: 'en',
       dedicated_server: false,
+      no_popup_no_cookie: false,
     });
   });
 
@@ -207,6 +214,7 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://auth.cryptr.eu',
       default_locale: 'fr',
       dedicated_server: false,
+      no_popup_no_cookie: false,
     });
   });
 
@@ -228,6 +236,29 @@ describe('helpers#prepareConfig/1', () => {
       cryptr_base_url: 'https://auth.cryptr.eu',
       default_locale: 'fr',
       dedicated_server: true,
+      no_popup_no_cookie: false,
+    });
+  });
+
+  it('should returns chosen no_popup_no_cookie config if provided', () => {
+    expect(
+      prepareConfig({
+        tenant_domain: 'shark_academy',
+        client_id: 'client_id',
+        audience: 'cryptr://audience',
+        default_redirect_uri: 'cryptr://defaultRedirectUri',
+        default_locale: 'fr',
+        no_popup_no_cookie: true,
+      })
+    ).toEqual({
+      tenant_domain: 'shark_academy',
+      client_id: 'client_id',
+      audience: 'cryptr://audience',
+      default_redirect_uri: 'cryptr://defaultRedirectUri',
+      cryptr_base_url: 'https://auth.cryptr.eu',
+      default_locale: 'fr',
+      dedicated_server: false,
+      no_popup_no_cookie: true,
     });
   });
 });

src/__tests__/utils/jwt.test.tsx

@@ -19,6 +19,7 @@ let config: PreparedCryptrConfig = {
   client_id: 'e2629eb9-3f56-4397-b19d-b85747cecd6b',
   cryptr_base_url: 'http://localhost:4000',
   dedicated_server: false,
+  no_popup_no_cookie: false,
 };
 
 const validExpiredAccess =

src/models/Cryptr.tsx

@@ -9,6 +9,7 @@ const LINKING_ERROR =
 interface CryptrInterface {
   startSecuredView: (
     uri: string,
+    no_popup_no_cookie: boolean,
     successCallback?: (data: any) => any,
     errorCallback?: (error: any) => any
   ) => any;

src/models/CryptrProvider.tsx

@@ -161,6 +161,7 @@ const CryptrProvider: React.FC<ProviderProps> = ({
     setLoading();
     Cryptr.startSecuredView(
       ssoUrl,
+      config.no_popup_no_cookie,
       handleRedirectCalback(ssoTransaction, successCallback),
       (error: any) => {
         setError(error);
@@ -179,6 +180,7 @@ const CryptrProvider: React.FC<ProviderProps> = ({
     setLoading();
     Cryptr.startSecuredView(
       ssoGatewayURL,
+      config.no_popup_no_cookie,
       handleRedirectCalback(ssoTransaction, successCallback),
       (error: any) => {
         setError(error);
@@ -201,6 +203,7 @@ const CryptrProvider: React.FC<ProviderProps> = ({
             let sloUrl = sloAfterRevokeTokenUrl(config, slo_code);
             Cryptr.startSecuredView(
               sloUrl,
+              config.no_popup_no_cookie,
               (_d: any) => {
                 callback && callback(json);
               },

src/utils/helpers.tsx

@@ -29,6 +29,7 @@ export const prepareConfig = (
     default_locale: options.default_locale || deviceCryptrLocale(),
     default_redirect_uri: options.default_redirect_uri,
     dedicated_server: options.dedicated_server || false,
+    no_popup_no_cookie: options.no_popup_no_cookie || false,
   };
 };
 

src/utils/interfaces.tsx

@@ -37,11 +37,13 @@ export interface CryptrConfig {
   cryptr_base_url?: string;
   telemetry?: boolean;
   dedicated_server?: boolean;
+  no_popup_no_cookie?: boolean;
 }
 
 export interface PreparedCryptrConfig extends CryptrConfig {
   cryptr_base_url: string;
   dedicated_server: boolean;
+  no_popup_no_cookie: boolean;
 }
 
 export interface ProviderOptions extends CryptrConfig {}