Auth: adds JWT bearer auth via /authenticate.

Works in addition to digest auth

kordophone/Bridge/Operations/MBIMAuthenticateOperation.h

@@ -0,0 +1,17 @@
+//
+//  MBIMAuthenticateOperation.h
+//  MBIMAuthenticateOperation
+//
+//  Created by James Magahern on 7/6/21.
+//  Copyright © 2021 James Magahern. All rights reserved.
+//
+
+#import "MBIMBridgeOperation.h"
+
+NS_ASSUME_NONNULL_BEGIN
+
+@interface MBIMAuthenticateOperation : MBIMBridgeOperation
+
+@end
+
+NS_ASSUME_NONNULL_END

kordophone/Bridge/Operations/MBIMAuthenticateOperation.m

@@ -0,0 +1,72 @@
+//
+//  MBIMAuthenticateOperation.m
+//  MBIMAuthenticateOperation
+//
+//  Created by James Magahern on 7/6/21.
+//  Copyright © 2021 James Magahern. All rights reserved.
+//
+
+#import "MBIMAuthenticateOperation.h"
+#import "MBIMBridge.h"
+#import "MBIMAuthToken.h"
+
+@implementation MBIMAuthenticateOperation
+
++ (void)load { [super load]; }
+
++ (NSString *)endpointName
+{
+    return @"authenticate";
+}
+
++ (BOOL)requiresAuthentication
+{
+    return NO;
+}
+
+- (void)main
+{
+    NSObject<HTTPResponse> *response = nil;
+    
+    if (self.requestBodyData.length == 0) {
+        self.serverCompletionBlock([[HTTPErrorResponse alloc] initWithErrorCode:400]);
+        return;
+    }
+    
+    NSError *error = nil;
+    NSDictionary *args = [NSJSONSerialization JSONObjectWithData:self.requestBodyData options:0 error:&error];
+    if (error || args.count == 0) {
+        response = [[HTTPErrorResponse alloc] initWithErrorCode:400];
+    } else {
+        do {
+            NSString *username = [args objectForKey:@"username"];
+            NSString *password = [args objectForKey:@"password"];
+            
+            if (!username || !password) {
+                response = [[HTTPErrorResponse alloc] initWithErrorCode:400];
+                break;
+            }
+            
+            if (![MBIMBridge.sharedInstance.authUsername isEqualToString:username]) {
+                response = [[HTTPErrorResponse alloc] initWithErrorCode:401];
+                break;
+            }
+            
+            if (![MBIMBridge.sharedInstance.authPassword isEqualToString:password]) {
+                response = [[HTTPErrorResponse alloc] initWithErrorCode:401];
+                break;
+            }
+
+            MBIMAuthToken *token = [[MBIMAuthToken alloc] initWithUsername:username];
+            
+            // All systems go 
+            response = [MBIMJSONDataResponse responseWithJSONObject:@{
+                @"jwt" : token.jwtToken
+            }];
+        } while (NO);
+    }
+    
+    self.serverCompletionBlock(response);
+}
+
+@end

kordophone/Bridge/Operations/MBIMBridgeOperation.h

@@ -18,6 +18,7 @@ typedef void (^MBIMBridgeOperationCompletionBlock)(NSObject<HTTPResponse> * _Nul
 
 @interface MBIMBridgeOperation : NSOperation
 @property (class, nonatomic, readonly) NSString *endpointName;
+@property (class, nonatomic, readonly) BOOL requiresAuthentication; // default YES
 
 @property (nonatomic, strong) NSData *requestBodyData;
 @property (nonatomic, readonly) NSURL *requestURL;

kordophone/Bridge/Operations/MBIMBridgeOperation.m

@@ -55,6 +55,11 @@
     return [[self _operationClassMapping] objectForKey:endpointName];
 }
 
++ (BOOL)requiresAuthentication
+{
+    return YES;
+}
+
 - (instancetype)initWithRequestURL:(NSURL *)requestURL completion:(MBIMBridgeOperationCompletionBlock)completionBlock
 {
     self = [super init];