aboutsummaryrefslogtreecommitdiffhomepage
path: root/Firebase/Auth/Source/FIRUser.m
diff options
context:
space:
mode:
Diffstat (limited to 'Firebase/Auth/Source/FIRUser.m')
-rw-r--r--Firebase/Auth/Source/FIRUser.m27
1 files changed, 20 insertions, 7 deletions
diff --git a/Firebase/Auth/Source/FIRUser.m b/Firebase/Auth/Source/FIRUser.m
index 9bae744..ad0b1d4 100644
--- a/Firebase/Auth/Source/FIRUser.m
+++ b/Firebase/Auth/Source/FIRUser.m
@@ -851,9 +851,17 @@ static void callInMainThreadWithAuthDataResultAndError(
"error" out parameter.
*/
- (FIRAuthTokenResult *)parseIDToken:(NSString *)token error:(NSError **)error {
+ // Though this is an internal method, errors returned here are surfaced in user-visible
+ // callbacks.
*error = nil;
NSArray *tokenStringArray = [token componentsSeparatedByString:@"."];
+ // The JWT should have three parts, though we only use the second in this method.
+ if (tokenStringArray.count != 3) {
+ *error = [FIRAuthErrorUtils malformedJWTErrorWithToken:token underlyingError:nil];
+ return nil;
+ }
+
// The token payload is always the second index of the array.
NSString *idToken = tokenStringArray[1];
@@ -863,8 +871,10 @@ static void callInMainThreadWithAuthDataResultAndError(
[[idToken stringByReplacingOccurrencesOfString:@"_" withString:@"/"] mutableCopy];
// Replace "-" with "+"
- tokenPayload =
- [[tokenPayload stringByReplacingOccurrencesOfString:@"-" withString:@"+"] mutableCopy];
+ [tokenPayload replaceOccurrencesOfString:@"-"
+ withString:@"+"
+ options:kNilOptions
+ range:NSMakeRange(0, tokenPayload.length)];
// Pad the token payload with "=" signs if the payload's length is not a multiple of 4.
while ((tokenPayload.length % 4) != 0) {
@@ -874,19 +884,22 @@ static void callInMainThreadWithAuthDataResultAndError(
[[NSData alloc] initWithBase64EncodedString:tokenPayload
options:NSDataBase64DecodingIgnoreUnknownCharacters];
if (!decodedTokenPayloadData) {
- *error = [FIRAuthErrorUtils unexpectedResponseWithDeserializedResponse:token];
+ *error = [FIRAuthErrorUtils malformedJWTErrorWithToken:token underlyingError:nil];
return nil;
}
+ NSError *jsonError = nil;
+ NSJSONReadingOptions options = NSJSONReadingMutableContainers|NSJSONReadingAllowFragments;
NSDictionary *tokenPayloadDictionary =
[NSJSONSerialization JSONObjectWithData:decodedTokenPayloadData
- options:NSJSONReadingMutableContainers|NSJSONReadingAllowFragments
- error:error];
- if (*error) {
+ options:options
+ error:&jsonError];
+ if (jsonError != nil) {
+ *error = [FIRAuthErrorUtils malformedJWTErrorWithToken:token underlyingError:jsonError];
return nil;
}
if (!tokenPayloadDictionary) {
- *error = [FIRAuthErrorUtils unexpectedResponseWithDeserializedResponse:token];
+ *error = [FIRAuthErrorUtils malformedJWTErrorWithToken:token underlyingError:nil];
return nil;
}