Support homeSupport requestsSystem statusTrust center

iOS SDK

Suggest Edits

View on Github

See our Developer Portal to get started with developing for the Strivacity product.

Overview

This SDK allows you to integrate Strivacity’s policy-driven journeys into your brand’s iOS mobile application. It implements Strivacity's no-code components via iOS's ASWebAuthenticationSession .

This SDK uses https://appauth.io, which follows the best practices from RFC 8252 - OAuth 2.0 for Native Apps, including using in-app browser views like ASWebAuthenticationSession. Embedded user-agents, known as web-views, are not supported due to usability and security reasons documented in Section 8.12 of RFC 8252.

The SDK uses the PKCE extension to OAuth, which secures authorization codes in public clients when custom URI scheme redirects are used.

How to use

To use the Strivacity iOS SDK:

If you are using Swift Package Manager extend your Package.swift file with the following dependency

.package(url: "https://github.com/Strivacity/sdk-mobile-ios.git", from: "<version>")

where <version> is the SDK version you want to use.

If you are using an XCode Project use the File / Add Packages... option enter the following url: https://github.com/Strivacity/sdk-mobile-ios.git and select the sdk-mobile-ios package with the version you want to use

Demo App

A demo app is part of this repository.

Before using demo app

Create a Config.xcconfig file into DemoApp folder and copy the following:

ISSUER_URL = 
CLIENT_ID = 
REDIRECT_URL = 
POST_LOGOUT_REDIRECT_URL =

Note: urls won't work with '//' charachters, so refer to https://stackoverflow.com/questions/21317844/how-do-i-configure-full-urls-in-xcconfig-files ,
you have to put a '$()' between '//' (e.g.: '/$()/').

Before you start the app, don't forget to set the config file in the app settings: Project -> Info -> Configurations.

Overview

Note: The internal implementation of the Strivacity SDK for iOS relies on the open source AppAuth Library.

Strivacity SDK for iOS provides the possibility to build an application which can communicate with Strivacity using OAuth 2.0 PKCE flow.
You can define your own storage logic using the Storage interface.
Refresh token can be used to refresh the auth state instead of running authentication again.

Initialize AuthProvider

First, you must call the AuthProvider create method to create an instance:

let provider = AuthProvider.create(
    issuer,                                      // specifies authentication server domain
    redirectUri,                                 // specifies the redirect uri
    clientId,                                    // specifies OAuth client ID
    storage                                      // optional, you can provide the storage logic you implemented using Storage interface, or use the default unsecure storage logic
)

Define more configurations

After you created the provider instance you can add more configs to fit your flow.

provider
    .withScopes()                       // for defining scopes (openid, offline is included by default)
    .withLoginHint()                    // for defining login hint
    .withAcrValues()                    // for defining acr values
    .withUiLocales()                    // for defining ui locales
    .withPrompts()                      // for defining prompts
    .withPostLogoutUri()                // for defining redirect uri after logout

Starting the flow

After a successful set up, you can use the startFlow method to initiate the login process.
You have to provide the viewController and define the success and onError callbacks which is called from this method.

provider.startFlow(viewController: myViewController) { accessToken, claims in
    // add success logic here
} onError: { error in
    // handle error
}

Get access token

To obtain the access token you can use getAccessToken method to retrieve it from the auth state
or the method tries to refresh it using refresh token. Access token can be nil.

provider.getAccessToken { accessToken in
    // add success logic here
} onError: { error in
    // handle error
}

Get claims

You have the possibility to get the claims from the last id token response (if it exists).
For this, call the getLastRetrievedClaims method which returns an '[AnyHashable: Any]?' object that contains the claims.
If there wasn't any claim, nil returns.

let claims = provider.getLastRetrievedClaims()

Perform logout

After the logout, callback function is called both on success or failure logout. If there was no
auth state then it is removed from the storage. If an error happens, then the error will return.
You have to provide the viewController and the callback.

provider.logout(viewController: myViewController) { error in
    // add success logic and handle error if presents
}

Checking authState is authenticated

There is a method where you can check if the auth state stored in the storage is authenticated or not.

provider.checkAuthenticated { isAuthenticated in
    // add some logic here
}

Author

Strivacity [[email protected]](mailto:[email protected])

License

Strivacity is available under the Apache License, Version 2.0. See the LICENSE file for more info.

Vulnerability Reporting

The Guidelines for responsible disclosure details the procedure for disclosing security issues.
Please do not report security vulnerabilities on the public issue tracker.

Updated 1 day ago