-
Whether the flow type mandates client identification.
Declaration
Swift
open class var clientIdMandatory: Bool
-
If non-nil, will be called before performing dynamic client registration, giving you a chance to instantiate your own registrar.
Declaration
Swift
public final var onBeforeDynamicClientRegistration: ((URL) -> OAuth2DynReg?)?
-
The authorizer to use for UI handling, depending on platform.
Declaration
Swift
open var authorizer: OAuth2AuthorizerUI!
-
Designated initializer.
The following settings keys are currently supported:
- client_id (String)
- client_secret (String), usually only needed for code grant
- authorize_uri (URL-String)
- token_uri (URL-String), if omitted the authorize_uri will be used to obtain tokens
- redirect_uris (Array of URL-Strings)
scope (String)
client_name (String)
registration_uri (URL-String)
logo_uri (URL-String)
keychain (Bool, true by default, applies to using the system keychain)
keychain_access_mode (String, value for keychain kSecAttrAccessible attribute, kSecAttrAccessibleWhenUnlocked by default)
keychain_access_group (String, value for keychain kSecAttrAccessGroup attribute, nil by default)
keychain_account_for_client_credentials(String,
clientCredentials
by default)keychain_account_for_tokens(String,
currentTokens
by default)secret_in_body (Bool, false by default, forces the flow to use the request body for the client secret)
token_assume_unexpired (Bool, true by default, whether to use access tokens that do not come with an
expires_in
parameter)verbose (bool, false by default, applies to client logging)
Declaration
Swift
override public init(settings: OAuth2JSON)
-
Use this method to obtain an access token. Take a look at
authConfig
on how to configure how authorization is presented to the user.This method is running asynchronously and can only be run one at a time.
This method will first check if the client already has an unexpired access token (possibly from the keychain), if not and it’s able to use a refresh token it will try to use the refresh token. If this fails it will check whether the client has a client_id and show the authorize screen if you have
authConfig
set up sufficiently. IfauthConfig
is not set up sufficiently this method will end up calling the callback with a failure. If client_id is not set but aregistration_uri
has been provided, a dynamic client registration will be attempted and if it success, an access token will be requested.Declaration
Swift
public final func authorize(params: OAuth2StringDict? = nil, callback: @escaping ((OAuth2JSON?, OAuth2Error?) -> Void))
Parameters
params
Optional key/value pairs to pass during authorization and token refresh
callback
The callback to call when authorization finishes (parameters will be non-nil but may be an empty dict), fails or is cancelled (error will be non-nil, e.g.
.requestCancelled
if auth was aborted) -
Shortcut function to start embedded authorization from the given context (a UIViewController on iOS, an NSWindow on OS X).
This method sets
authConfig.authorizeEmbedded = true
andauthConfig.authorizeContext = <# context #>
, then callsauthorize()
Declaration
Swift
open func authorizeEmbedded(from context: AnyObject, params: OAuth2StringDict? = nil, callback: @escaping ((_ authParameters: OAuth2JSON?, _ error: OAuth2Error?) -> Void))
Parameters
from
The context to start authorization from, depends on platform (UIViewController or NSWindow, see
authorizeContext
)params
Optional key/value pairs to pass during authorization
callback
The callback to call when authorization finishes (parameters will be non-nil but may be an empty dict), fails or is cancelled (error will be non-nil, e.g.
.requestCancelled
if auth was aborted) -
If the instance has an accessToken, checks if its expiry time has not yet passed. If we don’t have an expiry date we assume the token is still valid.
Declaration
Swift
open func hasUnexpiredAccessToken() -> Bool
Return Value
A Bool indicating whether a probably valid access token exists
-
Attempts to receive a new access token by:
- checking if there still is an unexpired token
- attempting to use a refresh token
Indicates, in the callback, whether the client has been able to obtain an access token that is likely to still work (but there is no guarantee!) or not.
Declaration
Swift
open func tryToObtainAccessTokenIfNeeded(params: OAuth2StringDict? = nil, callback: @escaping ((OAuth2JSON?) -> Void))
Parameters
params
Optional key/value pairs to pass during authorization
callback
The callback to call once the client knows whether it has an access token or not; if
success
is true an access token is present -
Method to actually start authorization. The public
authorize()
method only proceeds to this method if there is no valid access token and if optional client registration succeeds.Can be overridden in subclasses to perform an authorization dance different from directing the user to a website.
Declaration
Swift
open func doAuthorize(params: OAuth2StringDict? = nil) throws
Parameters
params
Optional key/value pairs to pass during authorization
-
Most convenient method if you want the authorize URL to be created as defined in your settings dictionary.
Declaration
Swift
open func authorizeURL(params: OAuth2StringDict? = nil) throws -> URL
Parameters
params
Optional, additional URL params to supply to the request
Return Value
NSURL to be used to start the OAuth dance
-
Convenience method to be overridden by and used from subclasses.
Declaration
Swift
open func authorizeURL(withRedirect redirect: String?, scope: String?, params: OAuth2StringDict?) throws -> URL
Parameters
redirect
The redirect URI string to supply. If it is nil, the first value of the settings’
redirect_uris
entries is used. Must be present in the end!scope
The scope to request
params
Any additional parameters as dictionary with string keys and values that will be added to the query part
Return Value
NSURL to be used to start the OAuth dance
-
Generate the request to be used for token refresh when we have a refresh token.
This will set
grant_type
torefresh_token
, add the refresh token, and take care of the remaining parameters.Declaration
Swift
open func tokenRequestForTokenRefresh(params: OAuth2StringDict? = nil) throws -> OAuth2AuthRequest
Parameters
params
Additional parameters to pass during token refresh
Return Value
An
OAuth2AuthRequest
instance that is configured for token refresh -
If there is a refresh token, use it to receive a fresh access token.
If the request returns an error, the refresh token is thrown away.
Declaration
Swift
open func doRefreshToken(params: OAuth2StringDict? = nil, callback: @escaping ((OAuth2JSON?, OAuth2Error?) -> Void))
Parameters
params
Optional key/value pairs to pass during token refresh
callback
The callback to call after the refresh token exchange has finished