{"id":13528076,"url":"https://github.com/auth0/TouchIDAuth","last_synced_at":"2025-04-01T11:30:54.868Z","repository":{"id":22776716,"uuid":"26122774","full_name":"auth0/TouchIDAuth","owner":"auth0","description":"A library for passwordless authentication using TouchID \u0026 JWT","archived":true,"fork":false,"pushed_at":"2015-10-30T22:39:53.000Z","size":384,"stargazers_count":60,"open_issues_count":2,"forks_count":7,"subscribers_count":62,"default_branch":"master","last_synced_at":"2025-03-21T17:56:27.610Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Objective-C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/auth0.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-11-03T14:45:05.000Z","updated_at":"2023-02-09T08:21:41.000Z","dependencies_parsed_at":"2022-08-05T19:16:33.522Z","dependency_job_id":null,"html_url":"https://github.com/auth0/TouchIDAuth","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0%2FTouchIDAuth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0%2FTouchIDAuth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0%2FTouchIDAuth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/auth0%2FTouchIDAuth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/auth0","download_url":"https://codeload.github.com/auth0/TouchIDAuth/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246631650,"owners_count":20808725,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T06:02:11.942Z","updated_at":"2025-04-01T11:30:54.578Z","avatar_url":"https://github.com/auth0.png","language":"Objective-C","funding_links":[],"categories":["Objective-C"],"sub_categories":[],"readme":"# TouchIDAuth\n\n[![CI Status](http://img.shields.io/travis/auth0/TouchIDAuth.svg?style=flat)](https://travis-ci.org/auth0/TouchIDAuth)\n[![Version](https://img.shields.io/cocoapods/v/TouchIDAuth.svg?style=flat)](http://cocoadocs.org/docsets/TouchIDAuth)\n[![License](https://img.shields.io/cocoapods/l/TouchIDAuth.svg?style=flat)](http://cocoadocs.org/docsets/TouchIDAuth)\n[![Platform](https://img.shields.io/cocoapods/p/TouchIDAuth.svg?style=flat)](http://cocoadocs.org/docsets/TouchIDAuth)\n[![Carthage compatible](https://img.shields.io/badge/Carthage-compatible-4BC51D.svg?style=flat)](https://github.com/Carthage/Carthage)\n\nTouchIDAuth provides a default implementation for a passwordless login flow using TouchID and JWT.\n\n![TouchID Flow](/Flow.png \"TouchID Flow\")\n\nThe flow is represented in the following graph:\n\n1. Validate the user presence using TouchID\n1. Check if the user has a key pair\n  1. Generate a key pair\n  1. Register the Public Key for the user.\n1. Generate a JWT and signs it with the Private Key using **RS256**\n1. Authenticate the user with the signed JWT.\n\n![TouchID demo](https://cloudup.com/cyDR07xBX3j+)\n\n## Requirements\n\nThe library requires iOS 8+ and a device with TouchID.\n\n## Installation\n\n### CocoaPods\n\nTouchIDAuth is available through [CocoaPods](http://cocoapods.org). To install\nit, simply add the following line to your Podfile:\n\n    pod \"TouchIDAuth\"\n\n### Carthage\n\nIn your Cartfile add the following\n\n```\ngithub \"auth0/TouchIDAuth\"\n```\n \n\n## Running Example app\n\nTo run the example project, clone the repo, and run `pod install` from the Example directory first.\nAnd then in [A0ViewController](https://github.com/auth0/TouchIDAuth/blob/master/MyTouchID/ViewController.m#L32) add your IP address or hostname for the mock server URL:\n\n```objc\n#define kBaseURL @\"http://mymac.local:3000\"\n```\n\nTo run the mock server, go to the folder [TouchIDAuthServer](https://github.com/auth0/TouchIDAuth/tree/master/TouchIDAuthServer) and run the following commands:\n```bash\nnpm install\nnode app.js\n```\n\n## Usage\n\nFirst you'll need to instantiate it\n```objc\nA0TouchIDAuthentication *authentication = [[A0TouchIDAuthentication alloc] init];\n```\nThen you need to configure a couple of callbacks that will be called during the authentication flow. There are three callbacks, `registerPublicKey`, `jwtPayload` and `authenticate`.\n\nThe callback `registerPublicKey` will handle the registration of the public key against an API and must call `completionBlock` on success in order to continue with the flow (or `errorBlock` if it fails). For example:\n\n```objc\nauthentication.registerPublicKey = ^(NSData *pubKey, A0RegisterCompletionBlock completionBlock, A0ErrorBlock errorBlock) {\n      AFHTTPRequestOperationManager *manager = [[AFHTTPRequestOperationManager alloc] initWithBaseURL:baseURL];\n      //Configure AFHTTPRequestOperationManager\n      [manager POST:@\"/pubkey\" parameters:params success:^(AFHTTPRequestOperation *operation, id responseObject) {\n          completionBlock();\n      } failure:^(AFHTTPRequestOperation *operation, NSError *error) {\n          errorBlock(error);\n      }];\n  };\n};\n```\n\n The callback `jwtPayload` is called before generating the JWT in order to provide the JWT payload needed by your API endpoint. For example:\n\n```objc\nauthentication.jwtPayload = ^{\n    return @{\n      @\"iss\": @\"Issuer\",\n      @\"custom_key\": @\"value\",\n    };\n};\n```\n The callback `authenticate` will receive the signed JWT and will need to authenticate against your API endpoint. For example:\n\n```objc\nauthentication.authenticate = ^(NSString *jwt, A0ErrorBlock errorBlock) {\n  NSDictionary *params = @{\n                           @\"jwt\": jwt,\n                           };\n  AFHTTPRequestOperationManager *manager = [[AFHTTPRequestOperationManager alloc] initWithBaseURL:baseURL];\n  //Configure AFHTTPRequestOperationManager\n  [manager POST:@\"/login\" parameters:params success:^(AFHTTPRequestOperation *operation, id responseObject) {\n    NSLog(@\"Logged in!!!\");\n  } failure:^(AFHTTPRequestOperation *operation, NSError *error) {\n    errorBlock(error);\n  }];\n};\n```\n\nThere is an extra callback `onError` that will be called whenever an error ocurrs while executing the Auth flow:\n```objc\nauthentication.onError = ^(NSError *error) {\n  NSLog(@\"ERROR %@\", error);\n};\n```\n\nAt last, call the following method to start the authentication flow:\n```objc\n[authentication start];\n```\n\u003e Before calling `start`, it's recommended to check if **TouchID** is enabled in the device calling the method [isTouchIDAuthenticationAvailable](#a0touchidauthenticationistouchidauthenticationavailable).\n\n##API\n\n###A0TouchIDAuthentication\n\n####A0TouchIDAuthentication#registerPublicKey\n```objc\n@property (copy, nonatomic) void(^registerPublicKey)(NSData *pubKey, A0RegisterCompletionBlock completionBlock, A0ErrorBlock errorBlock);\n```\nBlock to handle public key registration with an API Endpoint. It will receive 3 parameters: publicKey, completionBlock and errorBlock. The public key is formatted as a RSA public key.\n\n####A0TouchIDAuthentication#jwtPayload\n```objc\n@property (copy, nonatomic) NSDictionary *(^jwtPayload)();\n```\nBlock to return the paylod for the JWT to be signed by the device. It will be called each time a JWT needs to be generated and signed. By default `A0TouchIDAuth` will include `iat`, `exp` (30 sec) and `sub` (Public Key fingerprint) claims but you can override them or add more entries to the payload.\n\n####A0TouchIDAuthentication#authenticate\n```objc\n@property (copy, nonatomic) void(^authenticate)(NSString *jwt, A0ErrorBlock errorBlock);\n```\nBlock called with the signed JWT to authenticate against an API ednpoint.\n\n####A0TouchIDAuthentication#onError\n```objc\n@property (copy, nonatomic) void(^onError)(NSError *error);\n```\nBlock called when an error occurred during the Authentication flow.\n\n####A0TouchIDAuthentication#localizedTouchIDMessage\n```objc\n@property (copy, nonatomic) NSString *localizedTouchIDMessage;\n```\nLocalized message displayed in TouchID prompt.\n\n####A0TouchIDAuthentication#start\n```objc\n- (void)start;\n```\nStarts the TouchID authentication flow. It will fail automatically if `isTouchIDAuthenticationAvailable` returns `NO`.\n\n####A0TouchIDAuthentication#isTouchIDAuthenticationAvailable\n```objc\n- (BOOL)isTouchIDAuthenticationAvailable;\n```\nCheck if TouchID is supported by the device and configured.\n\n####A0TouchIDAuthentication#reset\n```objc\n- (void)reset;\n```\nReset TouchID authentication info stored in the device.\n\n## Issue Reporting\n\nIf you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.\n\n## Author\n\n[Auth0](auth0.com)\n\n## What is Auth0?\n\nAuth0 helps you to:\n\n* Add authentication with [multiple authentication sources](https://docs.auth0.com/identityproviders), either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others**, or enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**.\n* Add authentication through more traditional **[username/password databases](https://docs.auth0.com/mysql-connection-tutorial)**.\n* Add support for **[linking different user accounts](https://docs.auth0.com/link-accounts)** with the same user.\n* Support for generating signed [Json Web Tokens](https://docs.auth0.com/jwt) to call your APIs and **flow the user identity** securely.\n* Analytics of how, when and where users are logging in.\n* Pull data from other sources and add it to the user profile, through [JavaScript rules](https://docs.auth0.com/rules).\n\n## Create a free account in Auth0\n\n1. Go to [Auth0](https://auth0.com) and click Sign Up.\n2. Use Google, GitHub or Microsoft Account to login.\n\n## License\n\nTouchIDAuth is available under the MIT license. See the [LICENSE file](https://github.com/auth0/TouchIDAuth/blob/master/LICENSE) for more info.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauth0%2FTouchIDAuth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fauth0%2FTouchIDAuth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauth0%2FTouchIDAuth/lists"}