Android mobile SDK

Implement Strivacity sign-in journeys into your brand's Android mobile app using Chrome Custom Tabs and Strivacity's Authentication APIs.

The Strivacity Mobile SDK for Android provides simple client for communicating with Strivacity Authentication APIs

implementation 'com.strivacity:sdk:<version>'

Download

The Strivacity Mobile SDK for Android is available on MavenCentral

Demo App

A demo app is available in the Strivacity Github repository. For instructions on how to build and configure this app, see the demo app readme.

Overview

The internal implementation of the Strivacity Mobile SDK for Android relies on the open-source AppAuth Library.

This SDK encapsulates communication with the Strivacity Authentication APIs using the AuthClient interface. Class AuthProvider uses the provided AuthClient object with specified params.

For a convenient representation of the authorization state with the ability to serialize to JSON, use class AuthState from AppAuth Library.

To store the authentication state securely, use the class SecureStorage, which saves auth state to EncryptedSharedPreferences.

Initialize AuthProvider

First, specify an AuthProvider class to create AuthClient instance. For example:

val provider = com.strivacity.android.AuthProvider(context)
            .withClientId(CLIENT_ID) // specifies app client id
            .withClientSecret(CLIENT_SECRET) // specifies app client secret
            .withDomain(DOMAIN) // specifies authentication server domain
            .withRedirectUri(REDIRECT_URI) // specifies authorized redirect uri
            .setUseSecureStorage(true) // specifies using SecureStorage for saving auth state between app launches
            .setAuthState(state) // specifies default auth state
    

Biometric Verification

To enable biometric verification for access data in SecureStorage, you must specify the AuthProvider parameters BiometricType.ANY, fragmentActivity, biometricPromptConfig for biometric verification dialog:

authProvider.withBiometric(BiometricType.ANY, fragmentActivity, biometricPromptConfig)

📘

Note Biometric verification is disabled by default.

Provide AuthClient

To obtain an AuthClient instance, you need to call the authProvider.provide() method and pass into it a ProviderCallback for handle successful or fail completion:

provider.provide(object : ProviderCallback {
            override fun onSuccess(authClient: AuthClient) {
                //obtain authClient instance 
            }

            override fun onError(t : Throwable) {
                //handle error
            }
        })

Examples of performing Strivacity Authentication APIs via AuthClient:

Begin an OIDC Authorization Code Flow (Hosted Login):

authClient.authorizeAuthCodeFlow(activity, object : RequestCallback<AuthState> {
            override fun onRequestCompleted(t: AuthState) {
                // handle request completion
                // authState contains new auth code
            }

            override fun onError(t: Throwable) {
                // handle error
            }
        })

Obtain an ID Token from an Authorization Code:

authClient.requestIdToken(authCode, object : RequestCallback<AuthState> {
                override fun onRequestCompleted(t: AuthState) {
                    // handle request completion
                    // authState contains id and access tokens
                }

                override fun onError(t: Throwable) {
                    // handle error
                }
            }) 

Begin an OIDC Implicit Flow (Hosted Login)

authClient.authorizeImplicitFlow(activity, object : RequestCallback<AuthState> {
            override fun onRequestCompleted(t: AuthState) {
                // handle request copletion
                // authState contains new id token
            }

            override fun onError(t: Throwable) {
                // handle error
            }
        })

Begin an OIDC Hybrid Flow (Hosted Login)

authClient.authorizeHybridFlow(activity, object : RequestCallback<AuthState> {
            override fun onRequestCompleted(t: AuthState) {
                // handle request completion
                // authState contains new auth code and id token
            }

            override fun onError(t: Throwable) {
                // handle error
            }
        })

Begin an OIDC RP Initiated Logout

// Expects that authClient have alredy obtained id token
authClient.logout(activity, object : RequestCallback<AuthState> {
            override fun onRequestCompleted(t: AuthState) {
                // handle request completion
                // authState.isAuthorized returns true
            }

            override fun onError(t: Throwable) {
                // handle error
            }
        })

Obtain an Access Token via Client Credentials

authClient.requestAccessToken(object : RequestCallback<AuthState> {
            override fun onRequestCompleted(t: AuthState) {
                // handle request completion
                // authState contains access token
            }

            override fun onError(t: Throwable) {
                 // handle error
            }
        

📘

For detailed documentation of classes, enumerations, extensions, protocols, and structures, see our extended Mobile SDK for Android documentation.