CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-27 21:01:03 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
d04e944f8d
stack/sdks/implementations/swift/Tests/StackAuthTests/TestConfig.swift
Aman Ganapathy c8694c7ff5
[Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 
### Summary of Changes

Previously, on the Swift SDK, the `signInWithOAuth` function wasn't
working. In this PR, we fix it by having the `getOAuthUrl` function to
actually redirect correctly. Note that to do so, we updated the
`validRedirectUrl` check on the backend to accept app native redirects
(from our new trusted url scheme). Another thing to note is that we
added functionality to the `TokenStore` abstraction to conditionally
refresh the access token that the user is trying to fetch if it is
expired/close to expiring if possible. `getOAuthUrl` will attempt to get
a valid access token, and thus will rely on our algorithm documented in
`utilities.md`.

The specs serve as the source of truth.

We go further and implement Apple Native sign in. To do so, we have it
hit a new route on the backend and verify the `jwtToken` retrieved by
the sdk against an Apple-provided set of `jwks`. We use jose to do so,
in line with the rest of the codebase.

We take this opportunity to refactor the oauth provider route owing to
the amount of duplicated logic. Additionally, to enable the apple sign
in, users will have to update the Apple authentication method modal on
the dashboard and add accepted bundle ids. These are identifiers for
projects, and we will check the `JWT` on the backend to make sure the
audience is set to an accepted bundleId.

We also update the Apple modal to be more informative.

### Using the new Features

To use the Apple native sign in, users will have to 1) sign up with an
apple developer account, 2) set up their bundleids for their projects by
connecting them to the apple developer account, 3) update the Stack-Auth
Authentication Methods dashboard apple modal with the relevant fields.
Then, trying to sign in with apple with our Swift SDK will use the apple
native sign in.

### UI Changes

Renamed the fields in the apple modal. Added a new field for bundle ids.
See below.


https://github.com/user-attachments/assets/0e760c0e-3198-4818-ac7f-4900d7a125bb



Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
2026-01-28 02:17:27 +00:00

87 lines
3.2 KiB
Swift
Raw Blame History

import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking
#endif
@testable import StackAuth
/// Shared test configuration
/// Set environment variables to customize test behavior:
/// - NEXT_PUBLIC_STACK_PORT_PREFIX: Port prefix for backend (default: "81")
/// - STACK_SKIP_E2E_TESTS: Set to "true" to skip E2E tests
struct TestConfig {
static let portPrefix = ProcessInfo.processInfo.environment["NEXT_PUBLIC_STACK_PORT_PREFIX"] ?? "81"
static let baseUrl = "http://localhost:\(portPrefix)02"
static let skipE2E = ProcessInfo.processInfo.environment["STACK_SKIP_E2E_TESTS"] == "true"
// Test credentials - these should match the test project in the backend
// See apps/e2e/.env.development for the source of truth
static let projectId = "internal"
static let publishableClientKey = "this-publishable-client-key-is-for-local-development-only"
static let secretServerKey = "this-secret-server-key-is-for-local-development-only"
/// Check if backend is accessible
static func isBackendAvailable() async -> Bool {
guard !skipE2E else { return false }
guard let url = URL(string: "\(baseUrl)/api/v1/health") else { return false }
do {
let (_, response) = try await URLSession.shared.data(from: url)
if let httpResponse = response as? HTTPURLResponse {
return (200..<300).contains(httpResponse.statusCode)
}
return false
} catch {
return false
}
}
/// Generate a unique test email
static func uniqueEmail() -> String {
"test-\(UUID().uuidString.lowercased())@example.com"
}
/// Generate a unique team name
static func uniqueTeamName() -> String {
"Test Team \(UUID().uuidString.prefix(8))"
}
/// Create a new client app instance for testing.
/// By default uses a fresh isolated MemoryTokenStore (not from the registry)
/// to avoid interference between parallel tests.
static func createClientApp(tokenStore: TokenStoreInit? = nil) -> StackClientApp {
// Default to a fresh isolated memory store, not the shared registry singleton
let store = tokenStore ?? .custom(MemoryTokenStore())
return StackClientApp(
projectId: projectId,
publishableClientKey: publishableClientKey,
baseUrl: baseUrl,
tokenStore: store,
noAutomaticPrefetch: true
)
}
/// Create a new server app instance for testing
static func createServerApp() -> StackServerApp {
StackServerApp(
projectId: projectId,
publishableClientKey: publishableClientKey,
secretServerKey: secretServerKey,
baseUrl: baseUrl
)
}
/// Standard test password that meets requirements
static let testPassword = "TestPassword123!"
/// Weak password that should be rejected
static let weakPassword = "123"
}
// MARK: - Convenience Aliases
let baseUrl = TestConfig.baseUrl
let testProjectId = TestConfig.projectId
let testPublishableClientKey = TestConfig.publishableClientKey
let testSecretServerKey = TestConfig.secretServerKey
Reference in New Issue View Git Blame Copy Permalink