Refactor

Signed-off-by: Milen Pivchev <milen.pivchev@gmail.com>

Author: mpivchev

Nextcloud.xcodeproj/project.pbxproj

@@ -95,6 +95,7 @@
 		D5B6AA7827200C7200D49C24 /* NCActivityTableViewCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5B6AA7727200C7200D49C24 /* NCActivityTableViewCell.swift */; };
 		F30E77E92EAB716900B1EFAB /* CertificatePicker.swift in Sources */ = {isa = PBXBuildFile; fileRef = F30E77E82EAB716900B1EFAB /* CertificatePicker.swift */; };
 		F30E77EC2EAB7C9B00B1EFAB /* DocumentPicker.swift in Sources */ = {isa = PBXBuildFile; fileRef = F30E77EB2EAB7C9800B1EFAB /* DocumentPicker.swift */; };
+		F30E77EF2EAF9BCD00B1EFAB /* CertificatePickerModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = F30E77EE2EAF9BC700B1EFAB /* CertificatePickerModel.swift */; };
 		F310B1EF2BA862F1001C42F5 /* NCViewerMedia+VisionKit.swift in Sources */ = {isa = PBXBuildFile; fileRef = F310B1EE2BA862F1001C42F5 /* NCViewerMedia+VisionKit.swift */; };
 		F314F1142A30E2DE00BC7FAB /* View+Extension.swift in Sources */ = {isa = PBXBuildFile; fileRef = F7E8A390295DC5E0006CB2D0 /* View+Extension.swift */; };
 		F321DA8A2B71205A00DDA0E6 /* NCTrashSelectTabBar.swift in Sources */ = {isa = PBXBuildFile; fileRef = F321DA892B71205A00DDA0E6 /* NCTrashSelectTabBar.swift */; };
@@ -1384,6 +1385,7 @@
 		D5B6AA7727200C7200D49C24 /* NCActivityTableViewCell.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NCActivityTableViewCell.swift; sourceTree = "<group>"; };
 		F30E77E82EAB716900B1EFAB /* CertificatePicker.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CertificatePicker.swift; sourceTree = "<group>"; };
 		F30E77EB2EAB7C9800B1EFAB /* DocumentPicker.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DocumentPicker.swift; sourceTree = "<group>"; };
+		F30E77EE2EAF9BC700B1EFAB /* CertificatePickerModel.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CertificatePickerModel.swift; sourceTree = "<group>"; };
 		F310B1EE2BA862F1001C42F5 /* NCViewerMedia+VisionKit.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NCViewerMedia+VisionKit.swift"; sourceTree = "<group>"; };
 		F321DA892B71205A00DDA0E6 /* NCTrashSelectTabBar.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NCTrashSelectTabBar.swift; sourceTree = "<group>"; };
 		F32FADA82D1176DE007035E2 /* UIButton+Extension.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "UIButton+Extension.swift"; sourceTree = "<group>"; };
@@ -2264,6 +2266,7 @@
 		F30E77EA2EAB7C1700B1EFAB /* CertificatePicker */ = {
 			isa = PBXGroup;
 			children = (
+				F30E77EE2EAF9BC700B1EFAB /* CertificatePickerModel.swift */,
 				F30E77EB2EAB7C9800B1EFAB /* DocumentPicker.swift */,
 				F30E77E82EAB716900B1EFAB /* CertificatePicker.swift */,
 			);
@@ -4856,6 +4859,7 @@
 				F75D90212D2BE26F003E740B /* NCRecommendationsCell.swift in Sources */,
 				F7E98C1627E0D0FC001F9F19 /* NCManageDatabase+Video.swift in Sources */,
 				F7F4F11227ECDC52008676F9 /* UIFont+Extension.swift in Sources */,
+				F30E77EF2EAF9BCD00B1EFAB /* CertificatePickerModel.swift in Sources */,
 				F76882222C0DD1E7001CF441 /* NCCapabilitiesView.swift in Sources */,
 				F3CA337D2D0B2B6C00672333 /* AlbumModel.swift in Sources */,
 				AF93471A27E2361E002537EE /* NCShareHeader.swift in Sources */,

Nextcloud.xcodeproj/xcshareddata/xcschemes/Nextcloud.xcscheme

@@ -70,7 +70,9 @@
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
       shouldUseLaunchSchemeArgsEnv = "NO"
       enableThreadSanitizer = "YES"
-      codeCoverageEnabled = "YES">
+      disableMainThreadChecker = "YES"
+      codeCoverageEnabled = "YES"
+      disablePerformanceAntipatternChecker = "YES">
       <MacroExpansion>
          <BuildableReference
             BuildableIdentifier = "primary"
@@ -119,12 +121,14 @@
       buildConfiguration = "Debug"
       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      disableMainThreadChecker = "YES"
       launchStyle = "0"
       useCustomWorkingDirectory = "NO"
       ignoresPersistentStateOnLaunch = "NO"
       debugDocumentVersioning = "YES"
       debugServiceExtension = "internal"
-      allowLocationSimulation = "NO">
+      allowLocationSimulation = "NO"
+      disablePerformanceAntipatternChecker = "YES">
       <BuildableProductRunnable
          runnableDebuggingMode = "0">
          <BuildableReference

iOSClient/CertificatePicker/CertificatePicker.swift

@@ -52,13 +52,19 @@ struct CertificatePicker: View {
                             .textContentType(.password)
                             .autocorrectionDisabled()
                             .textInputAutocapitalization(.never)
+                            .submitLabel(.done)
+                            .onSubmit {
+                                if let url = pickedURL {
+                                    model.handleCertificate(fileUrl: url, urlBase: urlBase, password: password)
+                                }
+                            }
                     }
                 }
             }
             .onAppear {
                 model.delegate = delegate
             }
-            .navigationTitle("_cert_navigation_title_")
+            .navigationTitle(NSLocalizedString("_cert_navigation_title_", comment: ""))
             .navigationBarTitleDisplayMode(.inline)
             .toolbar {
                 ToolbarItem(placement: .cancellationAction) {
@@ -76,6 +82,7 @@ struct CertificatePicker: View {
                         } label: {
                             Image(systemName: "checkmark")
                         }
+                        .keyboardShortcut(.defaultAction)
                         .disabled(pickedURL == nil || password.isEmpty)
                         .tint(Color(NCBrandColor.shared.customer))
                 }
@@ -88,81 +95,14 @@ struct CertificatePicker: View {
                     }
                 }
             }
-            .alert("_client_cert_wrong_password_", isPresented: $model.isWrongPassword) {}
-        }
-    }
-}
-
-protocol CertificatePickerDelegate: AnyObject {
-    func certificatePickerDidImportIdentity(_ picker: CertificatePickerModel, for urlBase: String)
-}
-
-@Observable class CertificatePickerModel: NSObject, UIDocumentPickerDelegate {
-    var isWrongPassword = false
-    @ObservationIgnored weak var delegate: CertificatePickerDelegate?
-
-    func handleCertificate(fileUrl: URL, urlBase: String, password: String) {
-        if fileUrl.startAccessingSecurityScopedResource() {
-            defer {
-                fileUrl.stopAccessingSecurityScopedResource()
-            }
-
-            if let identity = getIdentityFromP12(from: fileUrl, password: password) {
-                let urlWithoutScheme = urlBase.replacingOccurrences(of: "https://", with: "").replacingOccurrences(of: "http://", with: "")
-                let label = "client_identity_\(urlWithoutScheme)"
-                storeIdentityInKeychain(identity: identity, label: label)
-                delegate?.certificatePickerDidImportIdentity(self, for: urlBase)
-            } else {
-                isWrongPassword = true
+            .alert(NSLocalizedString("_client_cert_wrong_password_", comment: ""), isPresented: $model.isWrongPassword) {}
+            .onChange(of: model.isCertImportedSuccessfully) { _, newValue in
+                if newValue { dismiss() }
             }
         }
     }
-
-    func getIdentityFromP12(from url: URL, password: String) -> SecIdentity? {
-        guard let p12Data = try? Data(contentsOf: url) else { return nil }
-
-        let options = [kSecImportExportPassphrase as String: password]
-        var items: CFArray?
-        let status = SecPKCS12Import(p12Data as CFData, options as CFDictionary, &items)
-
-        if status == errSecSuccess,
-           let array = items as? [[String: Any]] {
-            // swiftlint:disable force_cast
-            if let identity = array.first?[kSecImportItemIdentity as String] as! SecIdentity? {
-                // swiftlint:enable force_cast
-                return identity
-            }
-        }
-        return nil
-    }
-
-    func storeIdentityInKeychain(identity: SecIdentity, label: String) {
-        let addQuery: [String: Any] = [
-            kSecValueRef as String: identity,
-            kSecClass as String: kSecClassIdentity,
-            kSecAttrLabel as String: label,
-            kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlock
-        ]
-
-        let classes = [kSecClassIdentity, kSecClassCertificate, kSecClassKey]
-        for secClass in classes {
-            let deleteQuery: [String: Any] = [
-                kSecClass as String: secClass,
-                kSecAttrLabel as String: label,
-                kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlock
-            ]
-            let status = SecItemDelete(deleteQuery as CFDictionary)
-            print("Deleting \(secClass): \(status)")
-        }
-
-        let addStatus = SecItemAdd(addQuery as CFDictionary, nil)
-        print("Add status: \(addStatus)")
-
-    }
-
 }
 
 #Preview {
     CertificatePicker(urlBase: "test.com")
 }
-

iOSClient/CertificatePicker/CertificatePickerModel.swift

@@ -0,0 +1,74 @@
+// SPDX-FileCopyrightText: Nextcloud GmbH
+// SPDX-FileCopyrightText: 2025 Milen Pivchev
+// SPDX-License-Identifier: GPL-3.0-or-later
+
+protocol CertificatePickerDelegate: AnyObject {
+    func certificatePickerDidImportIdentity(_ picker: CertificatePickerModel, for urlBase: String)
+}
+
+@Observable class CertificatePickerModel: NSObject, UIDocumentPickerDelegate {
+    var isWrongPassword = false
+    var isCertImportedSuccessfully = false
+    @ObservationIgnored weak var delegate: CertificatePickerDelegate?
+
+    func handleCertificate(fileUrl: URL, urlBase: String, password: String) {
+        if fileUrl.startAccessingSecurityScopedResource() {
+            defer {
+                fileUrl.stopAccessingSecurityScopedResource()
+            }
+
+            if let identity = getIdentityFromP12(from: fileUrl, password: password) {
+                let urlWithoutScheme = urlBase.replacingOccurrences(of: "https://", with: "").replacingOccurrences(of: "http://", with: "")
+                let label = "client_identity_\(urlWithoutScheme)"
+                storeIdentityInKeychain(identity: identity, label: label)
+                delegate?.certificatePickerDidImportIdentity(self, for: urlBase)
+                isCertImportedSuccessfully = true
+            } else {
+                isWrongPassword = true
+            }
+        }
+    }
+
+    func getIdentityFromP12(from url: URL, password: String) -> SecIdentity? {
+        guard let p12Data = try? Data(contentsOf: url) else { return nil }
+
+        let options = [kSecImportExportPassphrase as String: password]
+        var items: CFArray?
+        let status = SecPKCS12Import(p12Data as CFData, options as CFDictionary, &items)
+
+        if status == errSecSuccess,
+           let array = items as? [[String: Any]] {
+            // swiftlint:disable force_cast
+            if let identity = array.first?[kSecImportItemIdentity as String] as! SecIdentity? {
+                // swiftlint:enable force_cast
+                return identity
+            }
+        }
+        return nil
+    }
+
+    func storeIdentityInKeychain(identity: SecIdentity, label: String) {
+        let addQuery: [String: Any] = [
+            kSecValueRef as String: identity,
+            kSecClass as String: kSecClassIdentity,
+            kSecAttrLabel as String: label,
+            kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlock
+        ]
+
+        let classes = [kSecClassIdentity, kSecClassCertificate, kSecClassKey]
+        for secClass in classes {
+            let deleteQuery: [String: Any] = [
+                kSecClass as String: secClass,
+                kSecAttrLabel as String: label,
+                kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlock
+            ]
+            let status = SecItemDelete(deleteQuery as CFDictionary)
+            print("Deleting \(secClass): \(status)")
+        }
+
+        let addStatus = SecItemAdd(addQuery as CFDictionary, nil)
+        print("Add status: \(addStatus)")
+
+    }
+
+}

iOSClient/Login/NCLogin.swift

@@ -446,7 +446,7 @@ extension NCLogin: ClientCertificateDelegate, CertificatePickerDelegate {
 #if DEBUG
 import Security
 
-func clearKeychain() {
+private func clearKeychain() {
     let secItemClasses = [
         kSecClassGenericPassword,
         kSecClassInternetPassword,