- Xcode 8.1 or above
- CocoaPods 1.1.0 or higher
- MacOS 10.11.5 or higher
- iOS 9 or higher
-
Add the 'BluemixAppID' dependency to your Podfile, for example:
target <yourTarget> do use_frameworks! pod 'BluemixAppID' end
-
From the terminal, run:
pod install --repo-update
-
Open your Xcode project and enable Keychain Sharing (Under project settings > Capabilities > Keychain sharing)
-
Under project setting > info > Url Types, Add $(PRODUCT_BUNDLE_IDENTIFIER) as a URL Scheme
-
Add the following import to your AppDelegate.swift file:
import BluemixAppID
-
Initialize the client SDK by passing the tenantId and region parameters to the initialize method. A common, though not mandatory, place to put the initialization code is in the application:didFinishLaunchingWithOptions: method of the AppDelegate in your Swift application.
AppID.sharedInstance.initialize(tenantId: <tenantId>, bluemixRegion: AppID.REGION_UK)
- Replace "tenantId" with the App ID service tenantId.
- Replace the AppID.REGION_UK with the your App ID region (AppID.REGION_US_SOUTH, AppID.REGION_SYDNEY).
-
Add the following code to you AppDelegate file
func application(_ application: UIApplication, open url: URL, options :[UIApplicationOpenURLOptionsKey : Any]) -> Bool { return AppID.sharedInstance.application(application, open: url, options: options) }
After the App ID client SDK is initialized, you can start authenticating users by launching the Login Widget.
- Add the following import to the file in which you want to use with the login Widget:
import BluemixAppID
- Add the following code to the same file:
class delegate : AuthorizationDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
//User authenticated
}
public func onAuthorizationCanceled() {
//Authentication canceled by the user
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.loginWidget?.launch(delegate: delegate())
Note:
- The Login widget default configuration use Facebook and Google as authentication options. If you configure only one of them the login widget will not launch and the user is redirected to the configured identity provder authentication screen.
- When using Cloud Directory, and "Email verification" is configured to not allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
You can obtain access token and id token by supplying the end user's username and the end user's password.
class delegate : TokenResponseDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
//User authenticated
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.signinWithResourceOwnerPassword(username: username, password: password, delegate: delegate())
It is recommended to store the refresh token locally such that it will be possible to sign in with the refresh token without requiring the user to type his credentials again.
class delegate : TokenResponseDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
//User authenticated
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.signInWithRefreshToken(refreshTokenString: refreshTokenString, delegate: delegate())
Make sure to set Allow users to sign up and reset their password to ON, in the settings for Cloud Directory.
Use LoginWidget class to start the sign up flow.
class delegate : AuthorizationDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
if accessToken == nil && identityToken == nil {
//email verification is required
return
}
//User authenticated
}
public func onAuthorizationCanceled() {
//Sign up canceled by the user
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.loginWidget?.launchSignUp(delegate: delegate())
Make sure to set Allow users to sign up and reset their password and Forgot password email to ON, in the settings for Cloud Directory.
Use LoginWidget class to start the forgot password flow.
class delegate : AuthorizationDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
//forgot password finished, in this case accessToken and identityToken will be null.
}
public func onAuthorizationCanceled() {
//forgot password canceled by the user
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.loginWidget?.launchForgotPassword(delegate: delegate())
Make sure to set Allow users to sign up and reset their password to ON, in the settings for Cloud Directory.
Use LoginWidget class to start the change details flow. This API can be used only when the user is logged in using Cloud Directory identity provider.
class delegate : AuthorizationDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
//User authenticated, and fresh tokens received
}
public func onAuthorizationCanceled() {
//changed details canceled by the user
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.loginWidget?.launchChangeDetails(delegate: delegate())
Make sure to set Allow users to sign up and reset their password to ON, in the settings for Cloud Directory.
Use LoginWidget class to start the change password flow. This API can be used only when the user is logged in using Cloud Directory identity provider.
class delegate : AuthorizationDelegate {
public func onAuthorizationSuccess(accessToken: AccessToken?, identityToken: IdentityToken?, refreshToken: RefreshToken?, response:Response?) {
//User authenticated, and fresh tokens received
}
public func onAuthorizationCanceled() {
//change password canceled by the user
}
public func onAuthorizationFailure(error: AuthorizationError) {
//Exception occurred
}
}
AppID.sharedInstance.loginWidget?.launchChangePassword(delegate: delegate())
Add the following imports to the file in which you want to invoke a protected resource request:
import BMSCore
import BluemixAppID
Then add the following code:
BMSClient.sharedInstance.initialize(bluemixRegion: AppID.REGION_UK)
BMSClient.sharedInstance.authorizationManager = AppIDAuthorizationManager(appid:AppID.sharedInstance)
var request:Request = Request(url: "<your protected resource url>")
request.send(completionHandler: {(response:Response?, error:Error?) in
//code handling the response here
})
This package contains code licensed under the Apache License, Version 2.0 (the "License"). You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 and may also view the License in the LICENSE file within this package.