updated AD support: kerb ticket now obtained at user space app launch from password in keychain. udpated profile manifest with better comments; delete cookes on webview each time it appears; added local login button; shows username password if discoveryURL is not defined

Author: twocanoes

Profile Manifest/com.twocanoes.xcreds.plist

@@ -14,11 +14,11 @@ class MainController: NSObject, NoMADUserSessionDelegate {
     }
 
     func NoMADAuthenticationFailed(error: NoMAD_ADAuth.NoMADSessionError, description: String) {
-        TCSLogErrorWithMark(description)
+        TCSLogErrorWithMark("NoMADAuthenticationFailed:\(description)")
     }
-
+    
     func NoMADUserInformation(user: NoMAD_ADAuth.ADUserRecord) {
-
+        TCSLogWithMark("AD user password expires: \(user.passwordExpire?.description ?? "unknown")")
     }
 
 

XCreds/MainController.swift

@@ -106,7 +106,7 @@ class TokenManager {
         if creds.password.count>0 {
             TCSLogWithMark("Saving cloud password")
 
-            if keychainUtil.updatePassword(serviceName: "xcreds",accountName:PrefKeys.password.rawValue, pass: creds.password,shouldUpdateACL: setACL, keychainPassword:password) == false {
+            if keychainUtil.updatePassword(serviceName: "xcreds local password",accountName:PrefKeys.password.rawValue, pass: creds.password,shouldUpdateACL: setACL, keychainPassword:password) == false {
                 TCSLogErrorWithMark("Error Updating password")
 
                 return false
@@ -144,7 +144,7 @@ TCSLogWithMark()
         let refreshAccountAndToken = try? keychainUtil.findPassword(serviceName: "xcreds",accountName:PrefKeys.refreshToken.rawValue)
 
         let clientID = defaults.string(forKey: PrefKeys.clientID.rawValue)
-        let keychainAccountAndPassword = try? keychainUtil.findPassword(serviceName: "xcreds",accountName:PrefKeys.password.rawValue)
+        let keychainAccountAndPassword = try? keychainUtil.findPassword(serviceName: "xcreds local password",accountName:PrefKeys.password.rawValue)
         TCSLogWithMark()
         if let refreshAccountAndToken = refreshAccountAndToken, let refreshToken = refreshAccountAndToken.1, let clientID = clientID, let keychainAccountAndPassword = keychainAccountAndPassword, let keychainPassword = keychainAccountAndPassword.1 {
             TCSLogWithMark()

XCreds/TokenManager.swift

@@ -23,7 +23,8 @@ class WebViewWindowController: NSWindowController {
     var password:String?
 
     func loadPage() {
-
+        TCSLogWithMark("Clearing cookies")
+        webView.cleanAllCookies()
         TCSLogWithMark()
         let licenseState = LicenseChecker().currentLicenseState()
         if let refreshTitleTextField = refreshTitleTextField {
@@ -320,3 +321,21 @@ extension String {
         self = self.sanitized()
     }
 }
+extension WKWebView {
+
+    func cleanAllCookies() {
+        HTTPCookieStorage.shared.removeCookies(since: Date.distantPast)
+        print("All cookies deleted")
+
+        WKWebsiteDataStore.default().fetchDataRecords(ofTypes: WKWebsiteDataStore.allWebsiteDataTypes()) { records in
+            records.forEach { record in
+                WKWebsiteDataStore.default().removeData(ofTypes: record.dataTypes, for: [record], completionHandler: {})
+                print("Cookie ::: \(record) deleted")
+            }
+        }
+    }
+
+    func refreshCookies() {
+        self.configuration.processPool = WKProcessPool()
+    }
+}

XCreds/WebViewWindowController.swift

@@ -147,7 +147,18 @@ import Cocoa
             allowLogin()
             return
         }
-        showLoginWindowType(loginWindowType: .cloud)
+        let discoveryURL=DefaultsOverride.standardOverride.value(forKey: PrefKeys.discoveryURL.rawValue)
+
+
+        if let _ = discoveryURL {
+            showLoginWindowType(loginWindowType: .cloud)
+
+        }
+        else {
+            showLoginWindowType(loginWindowType: .usernamePassword)
+
+        }
+
 //        if (false){
 //
 //            os_log("Activating app", log: checkADLog, type: .debug)

XCredsLoginPlugIn/Mechanisms/XCredsLoginMechanism.swift

@@ -1233,7 +1233,7 @@
 				CLANG_ENABLE_MODULES = YES;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 4138;
+				CURRENT_PROJECT_VERSION = 4143;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1270,7 +1270,7 @@
 				CLANG_ENABLE_MODULES = YES;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 4138;
+				CURRENT_PROJECT_VERSION = 4143;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1389,7 +1389,7 @@
 				CODE_SIGN_ENTITLEMENTS = "XCreds Login Overlay/XCreds_Login_Overlay.entitlements";
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 4138;
+				CURRENT_PROJECT_VERSION = 4143;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1425,7 +1425,7 @@
 				CODE_SIGN_ENTITLEMENTS = "XCreds Login Overlay/XCreds_Login_Overlay.entitlements";
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 4138;
+				CURRENT_PROJECT_VERSION = 4143;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1574,7 +1574,7 @@
 				CODE_SIGN_ENTITLEMENTS = XCreds/xCreds.entitlements;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 4138;
+				CURRENT_PROJECT_VERSION = 4143;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1610,7 +1610,7 @@
 				CODE_SIGN_ENTITLEMENTS = XCreds/xCreds.entitlements;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 4138;
+				CURRENT_PROJECT_VERSION = 4143;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (

xCreds.xcodeproj/project.pbxproj

@@ -7,145 +7,17 @@
       <BreakpointProxy
          BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
          <BreakpointContent
-            uuid = "759CA819-0DBE-4AF3-8E8F-619D2FFA886C"
+            uuid = "B835CF57-4699-45EB-9D7D-FCB99468A05F"
             shouldBeEnabled = "Yes"
             ignoreCount = "0"
             continueAfterRunningActions = "No"
-            filePath = "XCreds/MainController.swift"
+            filePath = "XCreds/KeychainUtil.swift"
             startingColumnNumber = "9223372036854775807"
             endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "12"
-            endingLineNumber = "12"
-            landmarkName = "NoMADAuthenticationSucceded()"
+            startingLineNumber = "61"
+            endingLineNumber = "61"
+            landmarkName = "findPassword(serviceName:accountName:)"
             landmarkType = "7">
-            <Locations>
-               <Location
-                  uuid = "759CA819-0DBE-4AF3-8E8F-619D2FFA886C - effc79e05f43d2dc"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.MainController.NoMADAuthenticationSucceded() -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/XCreds/MainController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "13"
-                  endingLineNumber = "13"
-                  offsetFromSymbolStart = "12">
-               </Location>
-               <Location
-                  uuid = "759CA819-0DBE-4AF3-8E8F-619D2FFA886C - effc79e05f43d223"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.MainController.NoMADAuthenticationSucceded() -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/XCreds/MainController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "12"
-                  endingLineNumber = "12"
-                  offsetFromSymbolStart = "28">
-               </Location>
-            </Locations>
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "1032FA1F-C7EB-4C5B-98BF-0F1A088E9205"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "XCreds/MainController.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "17"
-            endingLineNumber = "17"
-            landmarkName = "NoMADAuthenticationFailed(error:description:)"
-            landmarkType = "7">
-            <Locations>
-               <Location
-                  uuid = "1032FA1F-C7EB-4C5B-98BF-0F1A088E9205 - c92aeb92f11cf5ff"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.MainController.NoMADAuthenticationFailed(error: NoMAD_ADAuth.NoMADSessionError, description: Swift.String) -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/XCreds/MainController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "17"
-                  endingLineNumber = "17"
-                  offsetFromSymbolStart = "36">
-               </Location>
-               <Location
-                  uuid = "1032FA1F-C7EB-4C5B-98BF-0F1A088E9205 - c92aeb92f11cf5ff"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.MainController.NoMADAuthenticationFailed(error: NoMAD_ADAuth.NoMADSessionError, description: Swift.String) -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/XCreds/MainController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "17"
-                  endingLineNumber = "17"
-                  offsetFromSymbolStart = "76">
-               </Location>
-            </Locations>
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "6250C6DE-EF23-424F-A0E8-0D42CE5A9025"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "XCreds/MainController.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "21"
-            endingLineNumber = "21"
-            landmarkName = "NoMADUserInformation(user:)"
-            landmarkType = "7">
-            <Locations>
-               <Location
-                  uuid = "6250C6DE-EF23-424F-A0E8-0D42CE5A9025 - 4ca5d5e0e4e88f8"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.MainController.NoMADUserInformation(user: NoMAD_ADAuth.ADUserRecord) -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/XCreds/MainController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "21"
-                  endingLineNumber = "21"
-                  offsetFromSymbolStart = "20">
-               </Location>
-               <Location
-                  uuid = "6250C6DE-EF23-424F-A0E8-0D42CE5A9025 - 4ca5d5e0e4e88d9"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.MainController.NoMADUserInformation(user: NoMAD_ADAuth.ADUserRecord) -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/XCreds/MainController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "22"
-                  endingLineNumber = "22"
-                  offsetFromSymbolStart = "20">
-               </Location>
-            </Locations>
          </BreakpointContent>
       </BreakpointProxy>
    </Breakpoints>

xCreds.xcodeproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate

@@ -32,7 +32,7 @@
 		<key>auth_mech_fixup.xcscheme_^#shared#^_</key>
 		<dict>
 			<key>orderHint</key>
-			<integer>7</integer>
+			<integer>8</integer>
 		</dict>
 		<key>authrights.xcscheme_^#shared#^_</key>
 		<dict>
@@ -42,7 +42,7 @@
 		<key>test.xcscheme_^#shared#^_</key>
 		<dict>
 			<key>orderHint</key>
-			<integer>8</integer>
+			<integer>7</integer>
 		</dict>
 	</dict>
 	<key>SuppressBuildableAutocreation</key>