SSO Integration in iOS

Trust SSO - iOS

Description
TrustSSO allows client applications to fetch and update transactions and their various details, and to present users with different kinds of authentication methods based on their needs.

Implementation
The easiest way to install TrustSSO is with CocoaPods, in just a few steps:
- Initialize CocoaPods in your project (if it's not already done):
This generates a Podfile and Pods folder.
- Complete the Podfile according to your needs:
- Finally, install the previously specified dependencies using:

Associated Domains
In order to support FIDO2 features, the host application needs to support Associated Domains for sharing web credentials.
The following JSON code represents the contents of a simple association file, i.e. https://<fully qualified domain>/.well-known/apple-app-site-association
The above string is composed of the Apple developer TeamID (ABCDE12345) followed by the ApplicationBundleID (com.example.app).
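
As an added example (not part of the TrustSSO documentation), the following Python check can run in a deployment pipeline against the hosted association file before release. It assumes the standard `webcredentials.apps` layout of Apple's association file; the name `check_association` and both sample files are constructed here from the page's example identifiers.

```python
import json
import re

# App identifier as described above: Team ID, a dot, then the bundle ID.
APP_ID = re.compile(r"^[A-Z0-9]{10}\.[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*$")

# Constructed sample files (not from the TrustSSO documentation).
GOOD_FILE = '{"webcredentials": {"apps": ["ABCDE12345.com.example.app"]}}'
BAD_FILE = ('{"webcredentials": {"apps": '
            '["com.example.app", "ZZZZZ99999.com.other.app"]}}')


def check_association(raw, expected_apps):
    """Return a list of findings; an empty list means the file is as expected."""
    try:
        doc = json.loads(raw)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg}"]
    creds = doc.get("webcredentials") if isinstance(doc, dict) else None
    apps = creds.get("apps") if isinstance(creds, dict) else None
    if not isinstance(apps, list):
        return ["missing webcredentials.apps array"]

    findings = []
    for entry in apps:
        if not isinstance(entry, str) or not APP_ID.match(entry):
            # e.g. a bundle ID listed without its Team ID prefix
            findings.append(f"malformed app identifier: {entry!r}")
        elif entry not in expected_apps:
            # Every listed app may share web credentials for this domain.
            findings.append(f"unexpected app identifier: {entry}")
    for app in sorted(expected_apps):
        if app not in apps:
            findings.append(f"expected app not listed: {app}")
    return findings


if __name__ == "__main__":
    expected = {"ABCDE12345.com.example.app"}
    for name, raw in (("good", GOOD_FILE), ("bad", BAD_FILE)):
        print(name, check_association(raw, expected) or "ok")
```

Any identifier reported as unexpected deserves review, since each app listed under `webcredentials` can share credentials saved for the domain.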

Initialize
Use the set(currentEnvironment: Environment) method to set the library's current environment (.prod or .test).

Trust Transaction

Methods
Use the shared instance to access TrustTransaction public methods. For example:
Update an existing transaction, receiving its UUID as a parameter
- active: Bool value to be set on the respective transaction
- completed: Bool value to be set on the respective transaction
- authorizationMethod: String value that describes the auth method to be used
- result: ResultHandler for success or failure cases
Fetch existing transactions for a specific user
- userId: String value used to search for transactions
- result: ResultHandler for success or failure cases
Fetch existing transactions for a specific company
- companyId: String value used to search for transactions
- result: closure that handles success or failure cases

Trust Validation

Methods
Validate a code using the transactionUuid and OTP value
- transactionUuid: String needed for locating the specific transaction
- otp: Int value representing the OTP
- result: ResultHandler for success or failure cases
Validate QR code
- code: String value representing the code to validate
- userId: String value representing the user id

Trust FIDO2
Use the set(authenticationAnchor: UIWindow) method to configure the view where the authentication request will be displayed.

Methods
Register new user credentials
- companyId: String value representing companyId
- userId: String representing userId
Authenticate user credentials
- userId: String value representing the userId value
- companyId: String value representing the companyId value

Trust IDP

Methods
Request authorization from the client application's user by presenting a login form and then calling back to the client application
Ask for an AccessToken using a code provided in the RequestAuthorization method
- code: String value stored in the application, used to get the AccessToken
- result: ResultHandler for success or failure cases

Trust Native
Allows performing a login and a validation through an OTP in order to obtain an access token through PKCE.

Builder

Name | Description | Default Value | Optional |
---|---|---|---|
scopes | Specifies the scopes | - | No |
clientID | Set the client id | - | No |
clientSecret | Set the client secret | - | No |
redirectUri | Set the register redirect URI | - | Yes |
responseType | Specifies the response type | - | Yes |
grantType | Specifies the grant type | - | No |
build | Return an instance of TrustNative | - | No |

Code example

Methods

PerformLogin

Description
It returns a login form the first time it is instantiated; otherwise it returns a code form.
- view_type.login_form: Means that the returned form is of type login; the data of this form must be sent in the following steps.
- view_type.code_form: Means that the returned form is of type code; the data of this form must be sent in the following steps. The codes are obtained by SMS, WhatsApp and mail.

Login form example

Code form example

Send Form login

Description
- next_step: true => Means that there is still one form to complete.
- next_step: false => Means that there are no more forms left to complete.
- token_available: false => Means the token can't be obtained.
- token_available: true => Means the token can be obtained.

Form step true

Form step false

Send Form code

Description
- next_step: true => Means that there is still one form to complete.
- next_step: false => Means that there are no more forms left to complete.
- token_available: false => Means the token can't be obtained.
- token_available: true => Means the token can be obtained.

Form step true

Form step false

Get Token

Description
id_token: It is a JWT with the user information

Errors
TrustError definition:
- code: String value with the error code; check the specification
- localizedDescription: Error description as String

Codes
Possible errors that can be found when integrating the SDK

| Code | Value |
|---|---|
| 0 | Unknown error |
| 400 | Bad request |
| 401 | The request was unauthorized |
| 403 | The request was forbidden |
| 404 | The requested resource could not be found |
| 405 | Method not allowed |
| 500 | Internal server error |
| 501 | Not implemented |
| 502 | Bad gateway |
| 503 | Service unavailable |
| 1000 | Null or empty data |
| 1001 | Null response body from server |
| 1002 | Unexpected parameter or value |
| 1003 | Error network connection |
| 1004 | Error intent |
| 1005 | Error response from fingerprint |