Skip to content

Commit

Permalink
Send the Device Token in a cookie HTTP request header (#165)
Browse files Browse the repository at this point in the history
Supplying the deviceToken to the server within the HTTP request body is deprecated, and no longer supported. This update is to send the value through the appropriate cookie header value instead.
  • Loading branch information
mikenachbaur-okta authored Jun 5, 2024
1 parent 79e1a3a commit e8fd454
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 5 deletions.
2 changes: 1 addition & 1 deletion OktaAuthSdk.podspec
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
Pod::Spec.new do |s|
s.name = 'OktaAuthSdk'
s.version = '2.4.4'
s.version = '2.4.5'
s.summary = 'SDK for Okta native authentication.'
s.description = <<-DESC
Integrate your native app with Okta.
Expand Down
23 changes: 19 additions & 4 deletions Source/RestAPI/OktaAPI.swift
Original file line number Diff line number Diff line change
Expand Up @@ -52,15 +52,30 @@ open class OktaAPI {
bodyParams["relayState"] = relayState
bodyParams["options"] = ["multiOptionalFactorEnroll": multiOptionalFactorEnroll,
"warnBeforePasswordExpired": warnBeforePasswordExpired]
var context: [String: String] = [:]
context["deviceToken"] = deviceToken
bodyParams["context"] = context
bodyParams["token"] = token
req.bodyParams = bodyParams

var additionalHeaders = req.additionalHeaders ?? [:]
if let deviceToken = deviceToken {
var cookies = ["DT=\(deviceToken)"]
if let cookieHeader = req.additionalHeaders?["Cookie"] as? String {
cookies.append(contentsOf: cookieHeader
.components(separatedBy: ";")
.map({ $0.trimmingCharacters(in: .whitespaces) }))
}

additionalHeaders["Cookie"] = cookies.joined(separator: "; ")
}


if let deviceFingerprint = deviceFingerprint {
req.additionalHeaders = ["X-Device-Fingerprint": deviceFingerprint]
additionalHeaders["X-Device-Fingerprint"] = deviceFingerprint
}

if !additionalHeaders.isEmpty {
req.additionalHeaders = additionalHeaders
}

req.run()
return req
}
Expand Down
21 changes: 21 additions & 0 deletions Tests/RestAPI/OktaAPITests.swift
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,27 @@ class OktaAPITests : XCTestCase {
wait(for: [exp], timeout: 60.0)
}

func testPrimaryAuthenticationWithDeviceToken() {
let username = "username"
let password = "password"
let deviceToken = "abcd123"

let exp = XCTestExpectation()
api.commonCompletion = { req, _ in
XCTAssertEqual(req.baseURL, self.url)
XCTAssertEqual(req.path, "/api/v1/authn")
XCTAssertEqual(req.bodyParams?["username"] as? String, username)
XCTAssertEqual(req.bodyParams?["password"] as? String, password)
XCTAssertNil(req.bodyParams?["context"])
XCTAssertEqual(req.additionalHeaders?["Cookie"], "DT=\(deviceToken)")
exp.fulfill()
}

api.primaryAuthentication(username: username, password: password, deviceToken: deviceToken)

wait(for: [exp], timeout: 60.0)
}

func testPrimaryAuthenticationWithDeviceFingerprint() {
let username = "username"
let password = "password"
Expand Down

0 comments on commit e8fd454

Please sign in to comment.