Allow customizing the ID Token validator (#8)

These changes allow users of the SDK to override the ID Token Validator with a custom implementation without introducing breaking changes into the API.

Author: andraskadar

Source/AppAuthCore/OIDAuthorizationService.h

@@ -23,6 +23,7 @@
 @class OIDAuthorizationResponse;
 @class OIDEndSessionRequest;
 @class OIDEndSessionResponse;
+@class OIDIDTokenValidator;
 @class OIDRegistrationRequest;
 @class OIDRegistrationResponse;
 @class OIDServiceConfiguration;
@@ -90,6 +91,12 @@ typedef void (^OIDRegistrationCompletion)(OIDRegistrationResponse *_Nullable reg
  */
 @property(nonatomic, readonly) OIDServiceConfiguration *configuration;
 
+/*! @brief The ID Token's validator instance used in the `performTokenRequest` methods.
+    @remarks Upon initialization the default validator (`[OIDIDTokenValidator new]`) is used.
+        When an empty validator is set, the ID Token validation will be skipped.
+ */
+@property(nonatomic, class, nullable) OIDIDTokenValidator *idTokenValidator;
+
 /*! @internal
     @brief Unavailable. This class should not be initialized.
  */

Source/AppAuthCore/OIDAuthorizationService.m

@@ -311,6 +311,22 @@ - (void)didFinishWithResponse:(nullable OIDEndSessionResponse *)response
 
 @implementation OIDAuthorizationService
 
+static OIDIDTokenValidator *_idTokenValidator;
+
++ (void)initialize {
+  [super initialize];
+
+  _idTokenValidator = [OIDIDTokenValidator new];
+}
+
++ (nullable OIDIDTokenValidator *)idTokenValidator {
+  return _idTokenValidator;
+}
+
++ (void)setIdTokenValidator:(nullable OIDIDTokenValidator *)idTokenValidator {
+  _idTokenValidator = idTokenValidator;
+}
+
 + (void)discoverServiceConfigurationForIssuer:(NSURL *)issuerURL
                                    completion:(OIDDiscoveryCallback)completion {
   NSURL *fullDiscoveryURL =
@@ -532,9 +548,9 @@ + (void)performTokenRequest:(OIDTokenRequest *)request
     }
 
     // If an ID Token is included in the response, validates the ID Token.
-    if (tokenResponse.idToken) {
-      NSError *idTokenValidationError = [[OIDIDTokenValidator new] validateIDTokenFromTokenResponse:tokenResponse
-                                                                              authorizationResponse:authorizationResponse];
+    if (tokenResponse.idToken && self.idTokenValidator) {
+      NSError *idTokenValidationError = [self.idTokenValidator validateIDTokenFromTokenResponse:tokenResponse
+                                                                          authorizationResponse:authorizationResponse];
       if (idTokenValidationError) {
         dispatch_async(dispatch_get_main_queue(), ^{
           callback(nil, idTokenValidationError);