https://github.com/pushpabrol/iosssoapp2

https://github.com/pushpabrol/iosssoapp2

Last synced: about 2 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/pushpabrol/iosssoapp2
• Owner: pushpabrol
• Created: 2017-03-05T00:12:47.000Z (over 9 years ago)
• Default Branch: master
• Last Pushed: 2017-03-05T16:20:36.000Z (over 9 years ago)
• Last Synced: 2025-03-12T11:17:13.681Z (over 1 year ago)
• Language: Swift
• Size: 260 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# SSOApp2

- A project using Auth0.swift to show Login via an iOS app and generating both access_token and refresh_token for sign in,  calling an API and SSO to a website protected by Auth0 and also SSO to another App - iosSSOApp2

## Setup.

 - Download the project file

 - Make sure you have atleast v1.1.1 of Cocoa Pods installed

 - open the folder in command line

 - `pod install` -- to install the dependencies

 - `open App2SSO.xcworkspace` -- to open this in xcode and launch a simulator

## How it works

 - User signs in using this App which uses a auth0 SDK that launches the login within a web view. The user authenticates with the `audience=Identifier_for_API as defined within Auth0` and the `scope = openid profile offline_access api:scopes` where api:scopes represents the set of scopes the user will consent to allow the App to present to the API.

 

 ### Please read the note below before setting up the Client App within Auth0

 - Create a Client within Auth0 and see the link -> https://github.com/auth0/Auth0.swift#web-based-auth-ios-only to set the settings based on your iOS App

 

 ### App to App SSO

 - This requires that the 2 Apps share the same same keychain. Also for the purposes of this demo the 2 apps share the same refresh_token so that one app can use the refresh_token of the other App. Ideally just using webAuth to do SSO using safari should work fine too.

 ### Please read the note below before setting up the API within Auth0

 - Make sure while defining the API within Auth0 the toggle for allow offline access is enabled. make sure when creating the API you have defined the Signing algorithm as RS256 and make a note of the identifier for the API within Auth0. This identifier will be used as the API_AUDIENCE in the settings below

 

 

- The required settings are created within Auth0.plist

```

	Domain

	{your_auth0_domain}

	ClientId

	{your_auth0_clientId}

	API_AUDIENCE

	{your_API_Identifier as defined in Auth0}

	scope

	openid profile offline_access api:scopes

```

- The endpoint of the API is defined under Info.plist - The project for the API is under https://github.com/pushpabrol/nodejs-api-rs

- The other required settings are under Info.plist. The important settings are:

```

	APIUrl

	https://pushp.us.webtask.io

	...

	CFBundleURLTypes

	

		

			CFBundleTypeRole

			None

			CFBundleURLName

			auth0

			CFBundleURLSchemes

			

				com.auth0.App2SSO

			

		

	

	...

	NSAppTransportSecurity

	

		NSAllowsArbitraryLoads

		

	

	...

```