better selection of menu item prompting if both AD and OIDC is setup

twocanoes · Feb 2, 2024 · a4140ac · a4140ac
1 parent 7c81253
commit a4140ac
Show file tree

Hide file tree

Showing 9 changed files with 75 additions and 146 deletions.
diff --git a/Profile Manifest/com.twocanoes.xcreds.plist b/Profile Manifest/com.twocanoes.xcreds.plist
@@ -5,7 +5,7 @@
 	<key>pfm_app_url</key>
 	<string>https://github.com/twocanoes/xcreds</string>
 	<key>pfm_description</key>
-	<string>XCreds 4.1 (6286) OAuth Settings</string>
+	<string>XCreds 4.1 (6298) OAuth Settings</string>
 	<key>pfm_documentation_url</key>
 	<string>https://twocanoes.com/knowledge-base/xcreds-admin-guide/#preferences</string>
 	<key>pfm_domain</key>

diff --git a/XCreds/DesktopLoginWindowController.xib b/XCreds/DesktopLoginWindowController.xib
@@ -21,7 +21,7 @@
             <windowPositionMask key="initialPositionMask" leftStrut="YES" rightStrut="YES" topStrut="YES" bottomStrut="YES"/>
             <rect key="contentRect" x="453" y="250" width="628" height="613"/>
             <rect key="screenRect" x="0.0" y="0.0" width="1496" height="910"/>
-            <view key="contentView" wantsLayer="YES" id="2LH-tE-efn">
+            <view key="contentView" wantsLayer="YES" misplaced="YES" id="2LH-tE-efn">
                 <rect key="frame" x="0.0" y="0.0" width="628" height="613"/>
                 <autoresizingMask key="autoresizingMask"/>
                 <subviews>
@@ -30,9 +30,9 @@
                         <imageCell key="cell" refusesFirstResponder="YES" alignment="left" imageScaling="proportionallyDown" id="OlB-3q-3c1"/>
                     </imageView>
                     <wkWebView wantsLayer="YES" allowsLinkPreview="NO" translatesAutoresizingMaskIntoConstraints="NO" id="p1x-1L-05D">
-                        <rect key="frame" x="0.0" y="0.0" width="628" height="610"/>
+                        <rect key="frame" x="0.0" y="0.0" width="628" height="613"/>
                         <constraints>
-                            <constraint firstAttribute="height" constant="610" id="G12-aL-wfj"/>
+                            <constraint firstAttribute="height" constant="613" id="G12-aL-wfj"/>
                             <constraint firstAttribute="width" constant="628" id="jpw-kL-IRv"/>
                         </constraints>
                         <wkWebViewConfiguration key="configuration" allowsAirPlayForMediaPlayback="NO" suppressesIncrementalRendering="YES">
@@ -56,7 +56,7 @@
                 <constraints>
                     <constraint firstItem="JM0-W1-BrH" firstAttribute="top" secondItem="2LH-tE-efn" secondAttribute="top" id="2r2-pY-UKT"/>
                     <constraint firstAttribute="trailing" secondItem="p1x-1L-05D" secondAttribute="trailing" id="3Xb-lz-75r"/>
-                    <constraint firstItem="p1x-1L-05D" firstAttribute="top" secondItem="2LH-tE-efn" secondAttribute="top" constant="3" id="4mY-sf-GcF"/>
+                    <constraint firstItem="p1x-1L-05D" firstAttribute="top" secondItem="2LH-tE-efn" secondAttribute="top" id="4mY-sf-GcF"/>
                     <constraint firstItem="YnV-QC-aTR" firstAttribute="leading" secondItem="2LH-tE-efn" secondAttribute="leading" id="HXK-IK-ZHa"/>
                     <constraint firstAttribute="bottom" secondItem="JM0-W1-BrH" secondAttribute="bottom" id="JTI-sR-i8N"/>
                     <constraint firstItem="JM0-W1-BrH" firstAttribute="leading" secondItem="2LH-tE-efn" secondAttribute="leading" id="Pm8-pN-bIU"/>

diff --git a/XCreds/MainController.swift b/XCreds/MainController.swift
@@ -8,6 +8,10 @@
 import Cocoa
 import OIDCLite
 class MainController: NSObject, UpdateCredentialsFeedbackProtocol {
+    enum LoginWindowType {
+        case cloud
+        case usernamePassword
+    }
 
     var passwordCheckTimer:Timer?
     var feedbackDelegate:TokenManagerFeedbackDelegate?
@@ -41,19 +45,64 @@ class MainController: NSObject, UpdateCredentialsFeedbackProtocol {
         self.signInViewController = signInViewController
         super.init()
         scheduleManager.feedbackDelegate=self
-        let accountAndPassword = localAccountAndPassword()
-        if let password = accountAndPassword.1 {
-            scheduleManager.kerberosPassword = password
+
+        if isLocalOnlyAccount() == false {
+            let accountAndPassword = localAccountAndPassword()
+            if let password = accountAndPassword.1 {
+                scheduleManager.kerberosPassword = password
+            }
+            self.scheduleManager.startCredentialCheck()
+
         }
-        self.scheduleManager.startCredentialCheck()
     }
 
-    func showSignInWindow()  {
+    func isLocalOnlyAccount() -> Bool {
+
+        let user = getConsoleUser()
+        guard let dsRecord =  try? PasswordUtils.getLocalRecord(user) else {
+            return false
+        }
+        let kerbPrinc = try? dsRecord.values(forAttribute:"dsAttrTypeNative:_xcreds_activedirectory_kerberosPrincipal" )
+        let oidcIss = try? dsRecord.values(forAttribute:"dsAttrTypeNative:_xcreds_oidc_iss" )
+
+        if kerbPrinc == nil && oidcIss == nil {
+            TCSLogWithMark("no kerberos principal and no OIDC ISS in local DS console user, so skipping showing window")
+            return true
+
+        }
+        return false
+
+    }
+    func showSignInWindow(force:Bool=false, forceLoginWindowType:LoginWindowType?=nil )  {
+        if isLocalOnlyAccount()==true && force==false{
+            return
+        }
         windowController.window?.makeKeyAndOrderFront(self)
         NSApp.activate(ignoringOtherApps: true)
 
         scheduleManager.setNextCheckTime()
-        if (DefaultsOverride.standardOverride.bool(forKey: PrefKeys.shouldUseROPGForMenuLogin.rawValue) == true || DefaultsOverride.standardOverride.value(forKey: PrefKeys.aDDomain.rawValue) != nil )
+
+        var forceUsernamePassword = false
+        var forceCloudPassword = false
+
+        if let forceLoginWindowType = forceLoginWindowType {
+
+            if forceLoginWindowType == .cloud {
+                forceCloudPassword = true
+            }
+            else {
+                forceUsernamePassword = true
+            }
+        }
+        if forceUsernamePassword == false && (DefaultsOverride.standardOverride.value(forKey: PrefKeys.discoveryURL.rawValue) != nil && DefaultsOverride.standardOverride.value(forKey: PrefKeys.clientID.rawValue) != nil)  {
+            windowController.webViewController.webView.isHidden=false
+
+            windowController.webViewController.updateCredentialsFeedbackDelegate=self
+            windowController.window!.makeKeyAndOrderFront(self)
+            windowController.webViewController?.loadPage()
+        }
+
+        else if (DefaultsOverride.standardOverride.bool(forKey: PrefKeys.shouldUseROPGForMenuLogin.rawValue) == true || DefaultsOverride.standardOverride.value(forKey: PrefKeys.aDDomain.rawValue) != nil )
         {
 
             if let window = windowController.window{
@@ -103,13 +152,6 @@ class MainController: NSObject, UpdateCredentialsFeedbackProtocol {
                 }
             }
         }
-        else if DefaultsOverride.standardOverride.value(forKey: PrefKeys.discoveryURL.rawValue) != nil && DefaultsOverride.standardOverride.value(forKey: PrefKeys.clientID.rawValue) != nil {
-            windowController.webViewController.webView.isHidden=false
-
-            windowController.webViewController.updateCredentialsFeedbackDelegate=self
-            windowController.window!.makeKeyAndOrderFront(self)
-            windowController.webViewController?.loadPage()
-        }
 
     }
 
@@ -286,7 +328,7 @@ class MainController: NSObject, UpdateCredentialsFeedbackProtocol {
         credentialStatus="Invalid Credentials"
         let appDelegate = NSApp.delegate as? AppDelegate
         appDelegate?.updateStatusMenuIcon(showDot:false)
-        showSignInWindow()
+        showSignInWindow(forceLoginWindowType: .cloud)
     }
     func kerberosTicketUpdated() {
         TCSLogWithMark()
@@ -301,7 +343,7 @@ class MainController: NSObject, UpdateCredentialsFeedbackProtocol {
         (NSApp.delegate as? AppDelegate)?.updateStatusMenuIcon(showDot:false)
 
         credentialStatus="Kerberos Tickets Failed"
-        showSignInWindow()
+        showSignInWindow(forceLoginWindowType: .usernamePassword)
     }
     func adUserUpdated(_ adUser: ADUserRecord) {
 

diff --git a/XCreds/ScheduleManager.swift b/XCreds/ScheduleManager.swift
@@ -137,7 +137,6 @@ class ScheduleManager:TokenManagerFeedbackDelegate, NoMADUserSessionDelegate {
         if let _ = domainName, let kerberosPassword = kerberosPassword {
             TCSLogWithMark("checking for kerberos ticket")
             checkADPasswordExpire(password: kerberosPassword)
-            return
         }
         else {
             TCSLogWithMark("not checking for kerberos ticket")

diff --git a/XCreds/StatusMenuController.swift b/XCreds/StatusMenuController.swift
@@ -190,7 +190,7 @@ class StatusMenuController: NSObject, NSMenuItemValidation {
         let appDelegate = NSApp.delegate as? AppDelegate
 
         let mainController = appDelegate?.mainController
-        mainController?.showSignInWindow()
+        mainController?.showSignInWindow(force: true)
 
     }
 }

diff --git a/xCreds.xcodeproj/project.pbxproj b/xCreds.xcodeproj/project.pbxproj
@@ -1440,7 +1440,7 @@
 			buildSettings = {
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 6286;
+				CURRENT_PROJECT_VERSION = 6298;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1477,7 +1477,7 @@
 			buildSettings = {
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 6286;
+				CURRENT_PROJECT_VERSION = 6298;
 				DEFINES_MODULE = YES;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1598,7 +1598,7 @@
 				CODE_SIGN_ENTITLEMENTS = "XCreds Login Overlay/XCreds_Login_Overlay.entitlements";
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 6286;
+				CURRENT_PROJECT_VERSION = 6298;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1635,7 +1635,7 @@
 				CODE_SIGN_ENTITLEMENTS = "XCreds Login Overlay/XCreds_Login_Overlay.entitlements";
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 6286;
+				CURRENT_PROJECT_VERSION = 6298;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1785,7 +1785,7 @@
 				CODE_SIGN_ENTITLEMENTS = XCreds/xCreds.entitlements;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 6286;
+				CURRENT_PROJECT_VERSION = 6298;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -1827,7 +1827,7 @@
 				CODE_SIGN_ENTITLEMENTS = XCreds/xCreds.entitlements;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 6286;
+				CURRENT_PROJECT_VERSION = 6298;
 				DEVELOPMENT_TEAM = UXP6YEHSPW;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = (

diff --git a/...deproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate b/...deproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate
diff --git a/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcdebugger/Breakpoints_v2.xcbkptlist b/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcdebugger/Breakpoints_v2.xcbkptlist
@@ -7,129 +7,17 @@
       <BreakpointProxy
          BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
          <BreakpointContent
-            uuid = "65CFC0FC-92F4-4EBE-B39C-06BAAED98738"
+            uuid = "CBFC9DF7-4656-42DF-A56E-B4581138BCCD"
             shouldBeEnabled = "Yes"
             ignoreCount = "0"
             continueAfterRunningActions = "No"
-            filePath = "ShareMounter.swift"
+            filePath = "XCreds/DesktopLoginWindowController.swift"
             startingColumnNumber = "9223372036854775807"
             endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "360"
-            endingLineNumber = "360"
-            landmarkName = "mountShares()"
-            landmarkType = "7">
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "85E4B5A0-AC59-4F34-9569-31C68C501F17"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "ShareMounter.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "371"
-            endingLineNumber = "371"
-            landmarkName = "mountShares()"
-            landmarkType = "7">
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "9EDF5B33-D76B-4DC7-A3D1-879A37CA1F48"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "ShareMounter.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "370"
-            endingLineNumber = "370"
-            landmarkName = "mountShares()"
-            landmarkType = "7">
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "28403DD2-8F25-45DC-A10C-EC0AB0526E1D"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "ShareMounter.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "379"
-            endingLineNumber = "379"
-            landmarkName = "mountShares()"
-            landmarkType = "7">
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "21F3B5C6-5072-4E49-B474-9DD86884B530"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "StatusMenuWindowController.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "13"
-            endingLineNumber = "13"
+            startingLineNumber = "24"
+            endingLineNumber = "24"
             landmarkName = "windowDidLoad()"
             landmarkType = "7">
-            <Locations>
-               <Location
-                  uuid = "21F3B5C6-5072-4E49-B474-9DD86884B530 - eb5483f0f6336682"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.StatusMenuWindowController.windowDidLoad() -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/StatusMenuWindowController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "14"
-                  endingLineNumber = "14"
-                  offsetFromSymbolStart = "96">
-               </Location>
-               <Location
-                  uuid = "21F3B5C6-5072-4E49-B474-9DD86884B530 - eb5483f0f6336661"
-                  shouldBeEnabled = "Yes"
-                  ignoreCount = "0"
-                  continueAfterRunningActions = "No"
-                  symbolName = "XCreds.StatusMenuWindowController.windowDidLoad() -&gt; ()"
-                  moduleName = "XCreds"
-                  usesParentBreakpointCondition = "Yes"
-                  urlString = "file:///Users/tperfitt/Documents/Projects/xcreds/StatusMenuWindowController.swift"
-                  startingColumnNumber = "9223372036854775807"
-                  endingColumnNumber = "9223372036854775807"
-                  startingLineNumber = "13"
-                  endingLineNumber = "13"
-                  offsetFromSymbolStart = "28">
-               </Location>
-            </Locations>
-         </BreakpointContent>
-      </BreakpointProxy>
-      <BreakpointProxy
-         BreakpointExtensionID = "Xcode.Breakpoint.FileBreakpoint">
-         <BreakpointContent
-            uuid = "F345A805-2A35-4173-BF29-A6EEC5562947"
-            shouldBeEnabled = "Yes"
-            ignoreCount = "0"
-            continueAfterRunningActions = "No"
-            filePath = "XCreds/DefaultsHelper.swift"
-            startingColumnNumber = "9223372036854775807"
-            endingColumnNumber = "9223372036854775807"
-            startingLineNumber = "60"
-            endingLineNumber = "60"
-            landmarkName = "desktopPasswordWindowBackgroundImage(includeDefault:)"
-            landmarkType = "7">
          </BreakpointContent>
       </BreakpointProxy>
    </Breakpoints>

diff --git a/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcschemes/xcschememanagement.plist b/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcschemes/xcschememanagement.plist
@@ -32,7 +32,7 @@
 		<key>auth_mech_fixup.xcscheme_^#shared#^_</key>
 		<dict>
 			<key>orderHint</key>
-			<integer>6</integer>
+			<integer>7</integer>
 		</dict>
 		<key>authrights.xcscheme_^#shared#^_</key>
 		<dict>
@@ -42,7 +42,7 @@
 		<key>test.xcscheme_^#shared#^_</key>
 		<dict>
 			<key>orderHint</key>
-			<integer>7</integer>
+			<integer>6</integer>
 		</dict>
 	</dict>
 	<key>SuppressBuildableAutocreation</key>