I have an iOS app which is already in the app store, and i am authenticating users of my app through my web api. The app accessed by the users and this access given manually. In the next release i just want to control the access to my app with Azure AD i.e, the app get accessed by only users who are configured in the Azure AD.
I am new to Azure AD. I have gone through with multiple documents from Microsoft Azure started from https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-ios-get-started and all the docs/stuff confused me and i just came to know ADAL is the library which need to be used to get authenticated from Azure AD.
Please suggest me from where to start and what need to be followed/done. I have checked https://github.com/Azure-Samples/active-directory-ios and other related Azure native app libraries for objective-c.
Thanks in advance.
If you just want to authenticate against Azure AD, you don't need any mobile backend - just the ADAL library and an appropriate configuration for a Native App in Azure AD.
Firstly, configure Azure AD for a Native Mobile App:
Log in to the Azure Classic Portal (https://manage.windowsazure.com)
Select the appropriate directory from your list of all items
Click on the APPLICATIONS tab
Click on the ADD button at the bottom of the page
Click on Add an application my organization is developing
Give it a name, then select NATIVE CLIENT APPLICATION as the Type
Enter a valid URI for the redirect URI (it can be anything, but it has to be valid)
Click on the tick to create the application.
At this point, you've created the app. Click on the CONFIGURE tab and note the Client ID and Redirect URI.
You can now use any of the samples by replacing the Client ID and the Redirect URI for the ADAL library. Here is the relevant code from one of the samples:
- (void)acquireTokenInteractive:(id)sender
{
ADTestAppSettings* settings = [ADTestAppSettings settings];
NSString* authority = [settings authority];
NSString* resource = [settings resource];
NSString* clientId = [settings clientId];
NSURL* redirectUri = [settings redirectUri];
ADUserIdentifier* identifier = [self identifier];
ADCredentialsType credType = [self credType];
BOOL validateAuthority = _validateAuthority.selectedSegmentIndex == 0;
ADAuthenticationError* error = nil;
ADAuthenticationContext* context = [[ADAuthenticationContext alloc
initWithAuthority:authority
validateAuthority:validateAuthority
error:&error];
if (!context)
{
NSString* resultText = [NSString stringWithFormat:#"Failed to create AuthenticationContext:\n%#", error];
[_resultView setText:resultText];
return;
}
[context setCredentialsType:credType];
if ([self embeddedWebView])
{
[context setWebView:_webView];
//[_authView setFrame:self.view.frame];
[UIView animateWithDuration:0.5 animations:^{
[_acquireSettingsView setHidden:YES];
[_authView setHidden:NO];
}];
}
__block BOOL fBlockHit = NO;
[context acquireTokenWithResource:resource
clientId:clientId
redirectUri:redirectUri
promptBehavior:[self promptBehavior]
userIdentifier:identifier
extraQueryParameters:nil
completionBlock:^(ADAuthenticationResult *result)
{
if (fBlockHit)
{
dispatch_async(dispatch_get_main_queue(), ^{
UIAlertController* alert = [UIAlertController
alertControllerWithTitle:#"Error!"
message:#"Completion block was hit multiple times!"
preferredStyle:UIAlertControllerStyleAlert];
[self presentViewController:alert animated:YES completion:nil];
});
return;
}
fBlockHit = YES;
dispatch_async(dispatch_get_main_queue(), ^{
[self updateResultView:result];
[_webView loadHTMLString:#"<html><head></head><body>done!</body></html>" baseURL:nil];
[_authView setHidden:YES];
[self.view setNeedsDisplay];
[[NSNotificationCenter defaultCenter] postNotificationName:ADTestAppCacheChangeNotification object:self];
});
}];
}
Related
Is there such feature that can be un-locked when the user shares my app via Facebook or Tweeter?
Like this:
1) The user clicks on "Share" button within my app
2) My app is then posted(shared or advertised) on the wall of the user's facebook
3) Some feature gets unlocked within my app
You can use the Facebook sharing delegate method to know whether the user has successfully shared OR not.
Below is FB developer link which show various sharing methods,according to your requirements.
https://developers.facebook.com/docs/sharing/ios
Below are the methods in which you can know the sharing status
- (void)sharer:(id<FBSDKSharing>)sharer didCompleteWithResults:(NSDictionary *)results{
//UNLOCK THE APP FEATURE IN THIS METHOD
}
- (void)sharerDidCancel:(id<FBSDKSharing>)sharer{
}
- (void)sharer:(id<FBSDKSharing>)sharer didFailWithError:(NSError *)error{
NSLog(#"%#",error);
}
See iOS Facebook Tutorial for an example of how its done on the facebook end.
On the app side you can setup a flag on NSUserDefaults or write to the app filesystem to check if the feature is unlocked.
This can be done relatively painlessly using UIActivityViewController and its completion handler.
NSString *message = #"my app is awesome.";
NSURL *link = [NSURL URLWithString:#"awesomeapp.com"];
UIActivityViewController *shareController = [[UIActivityViewController alloc] initWithActivityItems:#[message, link]
applicationActivities:nil];
//add whatever you don't want
shareController.excludedActivityTypes = #[UIActivityTypeMessage];
shareController.completionWithItemsHandler =
^(NSString *activityType, BOOL completed, NSArray *returnedItems, NSError *activityError) {
//Share wasn't completed, don't unlock
if (!completed || activityError) {
return;
}
//Facebook or Twitter
if ([activityType isEqualToString:UIActivityTypePostToFacebook] ||
[activityType isEqualToString:UIActivityTypePostToTwitter]) {
//Unlock item logic
}
};
[self presentViewController:shareController animated:YES completion:^{
//Whatever
}];
I have an application that i need to integrate with twitter login, for logging in via their twitter account. In the application we also have Twitter sharing option. Here i want to implement functionality to choose their account in which account they want to share the tweet. If user is logged in for only one account, then there should be provision to login to another account without logging out of existing logged-in account.
Well, this really compounds about 5 different topics in to one, and we can't write your entire app for you, but here are some helpful pointers.
When it comes to twitter, I use the STTwitter API (https://github.com/nst/STTwitter). What this does is takes all the twitter code, and dumbs it down for us less objective-c inclined programmers. The "README" file contains more information about what you'd be needing. You can find the developer tutorial at http://www.veasoftware.com/tutorials/2014/6/17/xcode-5-tutorial-ios-7-app-only-authentication-twitter-api-version-11. This also allows you to download the project to test, and copy and paste code from.
Youtube and Google are also great sources to find information. Right now your request is quite broad and encompases quite a few different aspects of twitter integration, work on them one at a time from the ground up.
====>Download Third Party Class FSHTwitterEngine.
{
[[FHSTwitterEngine sharedEngine]permanentlySetConsumerKey:#"6XITOIDiXNajx7TQMKOh8qDxj" andSecret:#"w4F44ATueFsarNjGQ9WDdEudJCBJ8P0o5zeNON5bP9hIKhGls6"];
[[FHSTwitterEngine sharedEngine]setDelegate:self];
[[FHSTwitterEngine sharedEngine]loadAccessToken];
UIViewController *loginController = [[FHSTwitterEngine sharedEngine]loginControllerWithCompletionHandler:^(BOOL success) {
NSLog(success?#"L0L success":#"O noes!!! Loggen faylur!!!");
[self performSelector:#selector(TwitterPostMessage) withObject:nil afterDelay:1.0];
}];
[self presentViewController:loginController animated:YES completion:nil];
}
-(void)TwitterPostMessage
{
UIImage *aimg = [UIImage imageNamed:#"mark"];
// [[FHSTwitterEngine sharedEngine]postTweet:#"Hepp adsfihdf sdfhihdsfh" withImageData:UIImagePNGRepresentation(aimg)];
[UIApplication sharedApplication].networkActivityIndicatorVisible = YES;
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^{
#autoreleasepool {
//NSString *tweet = [alertView textFieldAtIndex:0].text;
// id returned = [[FHSTwitterEngine sharedEngine]postTweet:#"Post of image"];
id returned = [[FHSTwitterEngine sharedEngine]postTweet:#"Hi Successfully Post Twitter..." withImageData:UIImagePNGRepresentation(aimg)];
[UIApplication sharedApplication].networkActivityIndicatorVisible = NO;
NSString *title = nil;
NSString *message = nil;
if ([returned isKindOfClass:[NSError class]])
{
NSError *error = (NSError *)returned;
title = [NSString stringWithFormat:#"Error %d",error.code];
message = error.localizedDescription;
} else {
NSLog(#"%#",returned);
title = #"Tweet Posted";
message = #"Post of image";
}
dispatch_sync(dispatch_get_main_queue(), ^{
#autoreleasepool {
UIAlertView *av = [[UIAlertView alloc]initWithTitle:title message:message delegate:nil cancelButtonTitle:#"OK" otherButtonTitles:nil];
[av show];
}
});
}
});
}
I want to use Braintree API in my iOS app.
My app is used for renting purpose i.e. requester user has to make payment to the owner of asset he wanted for rent.
I have checked following links :
http://www.youtube.com/watch?v=s7GlgBFM20I
https://www.braintreepayments.com/developers
http://www.youtube.com/watch?v=2y8Tsml6JYo
https://www.braintreepayments.com/braintrust/venmo-touch-screencasts-add-one-touch-payments-to-your-app-in-15-minutes
etc.
But I didn't get any idea where to provide receiver's account details using Braintree or Venmo api, For Example we can pass e-mail of receiver in PayPal iOS sdk, and then PayPal pays the amount to the user registered with that e-mail.
The same thing I am searching in Braintree Payment API.
Any help is greatly appreciated.
Thanks in advance.
I am using below code : (Used from a sample code given by braintree)
/* Get called when user pay on Pay button on screen.
User wil see a form for entering his credit card number, CVV and expiration date. */
-(IBAction)payButtonClicked
{
self.paymentViewController =
[BTPaymentViewController paymentViewControllerWithVenmoTouchEnabled:YES];
self.paymentViewController.delegate = self;
[self presentViewController:self.paymentViewController animated:YES completion:nil];
}
// When a user types in their credit card information correctly, the BTPaymentViewController sends you
// card details via the `didSubmitCardWithInfo` delegate method.
//
// NB: you receive raw, unencrypted info in the `cardInfo` dictionary, but
// for easy PCI Compliance, you should use the `cardInfoEncrypted` dictionary
// to securely pass data through your servers to the Braintree Gateway.
- (void)paymentViewController:(BTPaymentViewController *)paymentViewController
didSubmitCardWithInfo:(NSDictionary *)cardInfo
andCardInfoEncrypted:(NSDictionary *)cardInfoEncrypted {
[self savePaymentInfoToServer:cardInfoEncrypted]; // send card through your server to Braintree Gateway
}
// When a user adds a saved card from Venmo Touch to your app, the BTPaymentViewController sends you
// a paymentMethodCode that you can pass through your servers to the Braintree Gateway to
// add the full card details to your Vault.
- (void)paymentViewController:(BTPaymentViewController *)paymentViewController
didAuthorizeCardWithPaymentMethodCode:(NSString *)paymentMethodCode {
// Create a dictionary of POST data of the format
// {"payment_method_code": "[encrypted payment_method_code data from Venmo Touch client]"}
NSMutableDictionary *paymentInfo = [NSMutableDictionary dictionaryWithObject:paymentMethodCode
forKey:#"payment_method_code"];
[self savePaymentInfoToServer:paymentInfo]; // send card through your server to Braintree Gateway
}
#define SAMPLE_CHECKOUT_BASE_URL #"http://venmo-sdk-sample-two.herokuapp.com"
//#define SAMPLE_CHECKOUT_BASE_URL #"http://localhost:4567"
// Pass payment info (eg card data) from the client to your server (and then to the Braintree Gateway).
// If card data is valid and added to your Vault, display a success message, and dismiss the BTPaymentViewController.
// If saving to your Vault fails, display an error message to the user via `BTPaymentViewController showErrorWithTitle`
// Saving to your Vault may fail, for example when
// * CVV verification does not pass
// * AVS verification does not pass
// * The card number was a valid Luhn number, but nonexistent or no longer valid
- (void) savePaymentInfoToServer:(NSDictionary *)paymentInfo {
NSURL *url;
if ([paymentInfo objectForKey:#"payment_method_code"]) {
url = [NSURL URLWithString: [NSString stringWithFormat:#"%#/card/payment_method_code", SAMPLE_CHECKOUT_BASE_URL]];
} else {
url = [NSURL URLWithString: [NSString stringWithFormat:#"%#/card/add", SAMPLE_CHECKOUT_BASE_URL]];
}
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url];
// You need a customer id in order to save a card to the Braintree vault.
// Here, for the sake of example, we set customer_id to device id.
// In practice, this is probably whatever user_id your app has assigned to this user.
NSString *customerId = [[UIDevice currentDevice] identifierForVendor].UUIDString;
[paymentInfo setValue:customerId forKey:#"customer_id"];
request.HTTPBody = [self postDataFromDictionary:paymentInfo];
request.HTTPMethod = #"POST";
[NSURLConnection sendAsynchronousRequest:request
queue:[NSOperationQueue mainQueue]
completionHandler:^(NSURLResponse *response, NSData *body, NSError *requestError)
{
NSError *err = nil;
if (!response && requestError) {
NSLog(#"requestError: %#", requestError);
[self.paymentViewController showErrorWithTitle:#"Error" message:#"Unable to reach the network."];
return;
}
NSDictionary *responseDictionary = [NSJSONSerialization JSONObjectWithData:body options:kNilOptions error:&err];
NSLog(#"saveCardToServer: paymentInfo: %# response: %#, error: %#", paymentInfo, responseDictionary, requestError);
if ([[responseDictionary valueForKey:#"success"] isEqualToNumber:#1]) { // Success!
// Don't forget to call the cleanup method,
// `prepareForDismissal`, on your `BTPaymentViewController`
[self.paymentViewController prepareForDismissal];
// Now you can dismiss and tell the user everything worked.
[self dismissViewControllerAnimated:YES completion:^(void) {
[[[UIAlertView alloc] initWithTitle:#"Success" message:#"Saved your card!" delegate:nil
cancelButtonTitle:#"OK" otherButtonTitles:nil] show];
[[VTClient sharedVTClient] refresh];
}];
} else { // The card did not save correctly, so show the error from server with convenenience method `showErrorWithTitle`
[self.paymentViewController showErrorWithTitle:#"Error saving your card" message:[self messageStringFromResponse:responseDictionary]];
}
}];
}
I work at Braintree. If you've got more questions or need more help, please reach out to our support team.
The Braintree iOS SDK docs include a quickstart guide, as well as detailed information about the features of the library.
If you're looking for information specifically on how to make payments between users of your app / web site, you should take a look at the marketplace guide and the Venmo APIs.
I have three apps that upload files to Dropbox. Same code for all three. They all share the same folder so I've used same secret key etc
Heres where it gets weird
1. All was fine for few months
2. Now on apps 2 and 3 when the user tries to log in it opens the first app?
3. Logging out and in, no help, just says Theres a an error connecting to Dropbox and to try later
What ive tried
Creating seprate secret keys etc for all three apps rathe rthan sharing the same, still get the same behaviour?
Some research on this suggested that Dropbox has changed the way it links to users accounts through applications and remins linked even if you delete the app? Has anyone else got any experience with this?
Appdelegate
NSString* appKey = #"00000000000";
NSString* appSecret = #"0000000000";
NSString *root = kDBRootAppFolder;
DBSession* session =
[[DBSession alloc] initWithAppKey:appKey appSecret:appSecret root:root];
session.delegate = self; // DBSessionDelegate methods allow you to handle re-authenticating
[DBSession setSharedSession:session];
[DBRequest setNetworkRequestDelegate:self];
Button Handler in viewController
LogCmd();
self.publishButtonPressed = YES;
if (![[DBSession sharedSession] isLinked]) {
[self loginLogoutButtonPressed:nil];
} else {
DBRestClient *restClient = [[DBRestClient alloc] initWithSession:[DBSession sharedSession]];
restClient.delegate = self;
NSError *error = nil;
NSString *filePath = [ICUtils pathForDocument:self.fileName];
[self.pdfData writeToFile:filePath options:0 error:&error];
if (nil == error) {
[restClient uploadFile:self.fileName
toPath:#"/"
withParentRev:nil
fromPath:filePath];
} else {
[ICUtils raiseAlertWithTitle:#"An error occurred" message:[error localizedDescription]];
}
}
}
Note works ok on the simulator, problem is only present on device
That is because you are using the same key for multiple applications. The Dropbox app is communicating with your app through a custom URL scheme - to launch your app (because there is no other way to launch apps programmatically on iOS).
In other words, the Dropbox app tells the system to open "db-yoursecretkey://somemessage" which opens the registered app for that custom URL scheme. Unfortunately, all of your apps use the same custom scheme as they are all using the same key, so the system just picks one: most likely the first one.
However, you can grant your apps access to all folders in dropbox, thus effectively sharing folders. So it's not really necessary to have all three apps using the same key.
I followed this guide and I've created my app successfully with Facebook integration.
What's the problem?
When the user has to do the login, the app quits in the browser (or in Facebook app, if is installed)
How do I keep authentication entirely in-app?
The point of the oAuth login is that it doesn't happen within your application. It uses fast-app switching to perform the authentication in a trusted environment (either Safari or the Facebook application).
However, you can modify Facebook.m to do the authentication within your application, but you user's credentials will not be remembered. You can see that if your iOS device doesn't support multi-tasking, there is a backup login dialog.
Excerpt from Facebook.m (around line 160):
if ([device respondsToSelector:#selector(isMultitaskingSupported)] && [device isMultitaskingSupported]) {
if (tryFBAppAuth) {
NSString *scheme = kFBAppAuthURLScheme;
if (_localAppId) {
scheme = [scheme stringByAppendingString:#"2"];
}
NSString *urlPrefix = [NSString stringWithFormat:#"%#://%#", scheme, kFBAppAuthURLPath];
NSString *fbAppUrl = [FBRequest serializeURL:urlPrefix params:params];
didOpenOtherApp = [[UIApplication sharedApplication] openURL:[NSURL URLWithString:fbAppUrl]];
}
if (trySafariAuth && !didOpenOtherApp) {
NSString *nextUrl = [self getOwnBaseUrl];
[params setValue:nextUrl forKey:#"redirect_uri"];
NSString *fbAppUrl = [FBRequest serializeURL:loginDialogURL params:params];
didOpenOtherApp = [[UIApplication sharedApplication] openURL:[NSURL URLWithString:fbAppUrl]];
}
}
// If single sign-on failed, open an inline login dialog. This will require the user to
// enter his or her credentials
if (!didOpenOtherApp) {
[_loginDialog release];
_loginDialog = [[FBLoginDialog alloc] initWithURL:loginDialogURL
loginParams:params
delegate:self];
[_loginDialog show];
}
If you remove the first conditional and it's containing code and set didOpenOtherApp to NO, you can get the behavior you are looking for.
To disable this behavior modify Facebook.m line 275 and set both options to NO.
- (void)authorize:(NSArray *)permissions {
self.permissions = permissions;
// with both options NO, authorization always happens in-app
[self authorizeWithFBAppAuth:NO safariAuth:NO];
}