API

The Android SDK offers 3 basic methods that can be called from the base class: "com.connectis.sdk.ConnectisSDK".

Login

fun login(
sdkConfiguration: ConnectisSDKConfiguration,
caller: Context,
delegate: AuthenticationResponseDelegate,
allowDeviceAuthentication: Boolean = false
)

Where ConnectisSDKConfiguration is a basic data class:

data class ConnectisSDKConfiguration(
val issuer: String,
val clientId: String,
val redirectUri: String
)

and AuthenticationResponseDelegate is a interface where you can handle the response:

interface AuthenticationResponseDelegate{
fun handleResponse(authenticatonResponse: AuthenticationResponse)
fun onCancel()
}

the AuthenticationResponse is the class you will receive after a login was made in the CIB.

data class AuthenticationResponse(
val isSuccess: Boolean,
val error: String?,
val nameIdentifier: String?,
val attributes: List<Attribute>
)

Properties definition:

  • issuer - the endpoint of the CIB that you want to connect to. Given by Connectis Technical Support.

  • clientId - the client-id that you provided to Connectis Technical Support.

  • redirectUri - must be set to "com.connectis.mobile:/openid-redirect"

  • caller - The activity context where you call the ConnectisSDK from

  • delegate - your implementation of the AuthenticationResponseDelegate interface

  • allowDeviceAuthentication - true if you wish to enable device authentication in your application, false otherwise

OpenId Access Token

The API provides access to a valid OpenId access token

fun useAccessToken(
caller: Context,
accessTokenDelegate: AccessTokenDelegate
)

where AccessTokenDelegate is an interface:

interface AccessTokenDelegate {
fun handleAccessToken(accessToken : Token)
fun onError(errorMessage: String)
}

Note: for security reasons, the OpenId Access Token should be treated as a secret in the software.

Device Authentication

The Android SDK offers the possibility to authenticate the users, once the user logged in at least once, using the mobile phone device authentication supported methods(face unlock, fingerprint, pin code)

To enable the device authentication flow call the following method after the user logged in using the CIB:

fun enableDeviceAuthentication(originalContext: Context)

If you wish to disable the device authentication you can call the following function:

fun disableDeviceAuthentication(originalContext: Context)

QR Code Login

Connectis offers the possibility to login into the web browser using your mobile phone. To use this feature you must have the QR Code Idp enabled in your system.

IMPORTANT: please set the Qr Code expiration time as small as possible for security reasons

Requirements

The application must be able to access the camera.

Flow:

- The user goes to the Service Provider (Browser) and reaches the CIB Idp selection screen. - On the Idp selection screen a new option called QR Code will be available. - The user opens his mobile phone and selects the QR Code login, a camera will prompt - The user scans the QR Code - The browser will be automatically logged in with the user that was logged in on the mobile phone.

Usage

Launching a login from the mobile phone:

/**
* Login on other device with current session using QR.
* - Parameters:
* - originalContext: Context from where the method is called.
* - delegate: A delegate that will return a response when QR login flow is done.
*/
fun qrCodeLogin(originalContext: Context, delegate: QrLoginResponseDelegate) {
qrLoginService.login(originalContext, delegate)
}

Where the QrLoginResponseDelegate is a interface:

interface QrLoginResponseDelegate {
fun onSuccess()
fun onError(errorMessage: String)
}