API

The iOS SDK offers 3 basic methods that can be called from the base class: "ConnectisSDK".

Login

func logIn(sdkConfiguration: ConnectisSDKConfiguration,
caller: UIViewController,
delegate: AuthenticationResponseDelegate,
allowDeviceAuthentication: Bool = false
)

Where ConnectisSDKConfiguration is a basic data class:

public struct ConnectisSDKConfiguration {
public var issuer: String
public var clientID: String
public var redirectURI:String
public init(issuer: String, clientID: String, redirectURI: String) {
self.issuer = issuer
self.clientID = clientID
self.redirectURI = redirectURI
}
}

and AuthenticationResponseDelegate is a protocol where you can handle the response:

public protocol AuthenticationResponseDelegate: class {
func handleResponse(authenticationResponse: AuthenticationResponse)
func onCancel()
}

the AuthenticationResponse is the class you will receive after a login was made in the CIB.

public struct AuthenticationResponse {
public var isSuccess: Bool
public var error: Error?
public var nameIdentifier: String?
public var attributes: [Attribute]?
}

Properties definition:

  • issuer - the endpoint of the CIB that you want to connect to. Given by Connectis Technical Support.

  • clientId - the client-id that you provided to Connectis Technical Support.

  • redirectUri - must be set to "com.connectis.mobile:/openid-redirect"

  • caller - The activity context where you call the ConnectisSDK from

  • delegate - your implementation of the AuthenticationResponseDelegate interface

  • allowDeviceAuthentication - true if you wish to enable device authentication in your application, false otherwise

OpenId Access Token

The API provides access to a valid OpenId access token

func useAccessToken(caller: UIViewController,
delegate: AccessTokenDelegate
)

where AccessTokenDelegate is a protocol:

public protocol AccessTokenDelegate: class {
func handleAccessToken(accessToken: Token)
func onError(errorMessage: String)
}

Note: for security reasons, the OpenId Access Token should be treated as a secret in the software.

Device Authentication

The iOS SDK offers the possibility to authenticate the users, once the user logged in at least once, using the mobile phone device authentication supported methods(face unlock, fingerprint, pin code)

To enable the device authentication flow call the following method after the user logged in using the CIB:

func enableDeviceAuthentication(delegate: DeviceAuthenticationResponseDelegate)

If you wish to disable the device authentication you can call the following function:

func disableDeviceAuthentication()

QR Code Login

Connectis offers the possibility to login into the web browser using your mobile phone. To use this feature you must have the QR Code Idp enabled in your system.

IMPORTANT: please set the Qr Code expiration time as small as possible for security reasons

Requirements

The application must be able to access the camera.

Flow:

- The user goes to the Service Provider (Browser) and reaches the CIB Idp selection screen. - On the Idp selection screen a new option called QR Code will be available. - The user opens his mobile phone and selects the QR Code login, a camera will prompt - The user scans the QR Code - The browser will be automatically logged in with the user that was logged in on the mobile phone.

Usage

Launching a login from the mobile phone:

/// Login in a browser using a QR Code.
///
/// - Parameters:
/// - responseHandler: A delegate that will return a response when QR Code login flow is done.
/// - view: A UIViewController from where the QR Code login flow is called
open class func qrLogin(responseHandler: QrCodeDelegate, view: UIViewController) {
let qrCodeLoginView = QrCodeLoginViewController()
qrCodeLoginView.delegate = responseHandler
view.present(qrCodeLoginView, animated: true, completion: nil)
}

Where the QrCodeDelegate is a protocol:

public protocol QrCodeDelegate : class {
func onSuccess()
func onError(errorMessage: String)
}