Classes

The following classes are available globally.

  • AuthService represents Authentication Tree in OpenAM to initiate authentication flow with OpenAM. Initiating AuthService returns one of following:

    • Result of expected type, if available
    • A Node object instance to continue on the authentication flow
    • An error, if occurred during the authentication flow

    Notes

    * Any Callback type returned from AM must be supported within CallbackFactory.shared.supportedCallbacks.
    * Any custom Callback must be implemented by inheriting Callback class, and be registered through CallbackFactory.shared.registerCallback(callbackType:callbackClass:).
    
    See more

    Declaration

    Swift

    @objc(FRAuthService)
    public class AuthService : NSObject
  • Node class is the core abstraction within an authentication tree. Trees are made up of nodes, which may modify the shared state and/or request input from the user via Callbacks. Node is also a representation of each step in the authentication flow, and keeps unique identifier and its state of the authentication flow. Node must be submitted to OpenAM to proceed or finish the authentication flow. Submitting the Node object returns one of following:

    • Result of expected type, if available
    • Another Node object instance to continue on the authentication flow
    • An error, if occurred during the authentication flow
    See more

    Declaration

    Swift

    @objc(FRNode)
    public class Node : NSObject
  • PolicyAdvice is a representation of Authorization Policy advice response from AM’s policy engine

    See more

    Declaration

    Swift

    @objc
    public class PolicyAdvice : NSObject
  • PolicyAdviceCreator helps create a Authorization PolicyAdvice based on different response types (xml, base64XML, json) that receive from AM’s policy engine

    See more

    Declaration

    Swift

    public class PolicyAdviceCreator
  • Callback that accepts user input often need to validate that input either on the client side, the server side or both. Such callback should extend this base class.

    See more

    Declaration

    Swift

    @objc(FRAbstractValidatedCallback)
    public class AbstractValidatedCallback : SingleValueCallback
  • FailedPolicy that describes reason, and additional information for user input validation failure

    See more

    Declaration

    Swift

    @objc(FRFailedPolicy)
    public class FailedPolicy : NSObject
  • Base implementation of a Callback for collection of a single identity object attribute from a user.

    See more

    Declaration

    Swift

    @objc(FRAttributeInputCallback)
    public class AttributeInputCallback : AbstractValidatedCallback
  • BooleanAttributeInputCallback is a representation of OpenAM’s BooleanAttributeInputCallback to collect single boolean value with OpenAM validation and given policies.

    See more

    Declaration

    Swift

    @objc(FRBooleanAttributeInputCallback)
    public class BooleanAttributeInputCallback : AttributeInputCallback
  • Callback class is base class, and is a representation of Callback implementation that OpenAM presents as par to of authentication flow. All Callback class must inherit from this class, and implement its own logic to handle interaction(s) with OpenAM.

    Important Note

    All inherited Callback class must implement and override following method as Callback is just a base class implementation due to Objective-C compatibility:

    • init method that parses raw JSON response, and assign any value accordingly to its properties
    • buildResponse() method that prepares, and builds request JSON payload for this specific Callback
    See more

    Declaration

    Swift

    @objc(FRCallback)
    open class Callback : NSObject
  • CallbackFactory is a representation of class responsible for managing and maintaining supported OpenAM callback in FRAuth SDK.

    Notes

    * Any Callback type returned from OpenAM **must** be supported within CallbackFactory.shared.supportedCallbacks.
    * Any custom Callback must be implemented custom Callback class, and be registered through CallbackFactory.shared.registerCallback(callbackType:callbackClass:).
    * FRAuth SDK currently supports following Callback types:
        1. NameCallback
        2. PasswordCallback
        3. ChoiceCallback
        4. ValidatedCreateUsernameCallback
        5. ValidatedCreatePasswordCallback
        6. StringAttributeInputCallback
        7. TermsAndConditionsCallback
        8. KbaCreateCallback
        9. PollingWaitCallback
        10. ConfirmationCallback
        11. TextOutputCallback
        12. ReCaptchaCallback
        13. MetadataCallback
        14. DeviceProfileCallback
        15. BooleanAttributeInputCallback
        16. NumberAttributeInputCallback
        17. SuspendedTextOutputCallback
        18. WebAuthnRegistrationCallback
        19. WebAuthnAuthenticationCallback
        20. IdPCallback
        21. SelectIdPCallback
        22. FRAppIntegrityCallback
        23. TextInputCallback
    
    See more

    Declaration

    Swift

    @objc(FRCallbackFactory)
    public class CallbackFactory : NSObject
  • ChoiceCallback is a representation of OpenAM’s ChoiceCallback to collect single user input from available choices, and with predefined default choice, and to retrieve selected choice from user interaction.

    See more

    Declaration

    Swift

    @objc(FRChoiceCallback)
    public class ChoiceCallback : SingleValueCallback
  • ConfirmationCallback is a representation of ConfirmationCallback in OpenAM to ask user for YES/NO, OK/CANCEL, YES/NO/CANCEL or other similar confirmations.

    See more

    Declaration

    Swift

    @objc(FRConfirmationCallback)
    public class ConfirmationCallback : Callback
  • DeviceProfileCallback is a callback class that collects Device Information using DeviceCollector(s) in FRAuth SDK.

    See more

    Declaration

    Swift

    @objc
    public class DeviceProfileCallback : HiddenValueCallback, ActionCallback
  • Declaration

    Swift

    public class FRAppIntegrityCallback : MultipleValuesCallback
  • Declaration

    Swift

    public class HiddenValueCallback : SingleValueCallback
  • IdPCallback is a representation of Social Provider Handler Node in AM when Client Type option specified as NATIVE (only available in AM 7.1 and above)

    See more

    Declaration

    Swift

    public class IdPCallback : MultipleValuesCallback
  • KbaCreateCallback is a representation of OpenAM’s KbaCreateCallback which is responsible to define, and create Knowledge Based Authentication question and answer for a user.

    See more

    Declaration

    Swift

    @objc(FRKbaCreateCallback)
    public class KbaCreateCallback : MultipleValuesCallback
  • Declaration

    Swift

    open class MetadataCallback : Callback, DerivableCallback
  • MultipleValuesCallback is a base Callback implementation that has one or more user input values. Any Callback that accepts multiple values from user interaction without OpenAM’s validation with policies may inherit from this class.

    See more

    Declaration

    Swift

    @objc(FRMultipleValuesCallback)
    open class MultipleValuesCallback : Callback
  • NameCallback is a representation of OpenAM’s NameCallback to collect single user input; NameCallback is typically used to collect Username for the authentication flow.

    Declaration

    Swift

    @objc(FRNameCallback)
    public class NameCallback : SingleValueCallback
  • NumberAttributeInputCallback is a representation of OpenAM’s NumberAttributeInputCallback to collect double value with OpenAM validation and given policies.

    See more

    Declaration

    Swift

    @objc(FRNumberAttributeInputCallback)
    public class NumberAttributeInputCallback : AttributeInputCallback
  • PasswordCallback is a representation of OpenAM’s PasswordCallback to collect single user input; PasswordCallback is typically used to collect user or OTP credentials for the authentication flow.

    Declaration

    Swift

    @objc(FRPasswordCallback)
    public class PasswordCallback : SingleValueCallback
  • PollingWaitCallback is a representation of a PollingWaitCallback Callback Object in OpenAM which instructs an application to wait for the given period and resubmit the request.

    See more

    Declaration

    Swift

    @objc(FRPollingWaitCallback)
    public class PollingWaitCallback : Callback
  • Parent Callback used by Ping One Protect callbacks

    See more

    Declaration

    Swift

    open class ProtectCallback : MultipleValuesCallback, NodeAware
  • ReCaptchaCallback is a representation of ReCaptchaCallback Callback in OpenAM which provides ReCaptcha credentials to process ReCaptcha in native application.

    See more

    Declaration

    Swift

    @objc(FRReCaptchaCallback)
    public class ReCaptchaCallback : Callback
  • SelectIdPCallback is a representation of AM’s Select Identity Provider Node to select a specific Identity Provider from given options (local authentication, or list of social login providers)

    See more

    Declaration

    Swift

    public class SelectIdPCallback : SingleValueCallback
  • SingleValueCallback is a base Callback implementation that has single user input value. Any Callback that accepts single value from user interaction without OpenAM’s validation with policies may inherit from this class.

    See more

    Declaration

    Swift

    @objc(FRSingleValueCallback)
    open class SingleValueCallback : Callback
  • StringAttributeInputCallback is a representation of OpenAM’s StringAttributeInputCallback to collect single value of string user attribute with OpenAM validation with given policies.

    See more

    Declaration

    Swift

    @objc(FRStringAttributeInputCallback)
    public class StringAttributeInputCallback : AttributeInputCallback
  • SuspendedTextOutputCallback is a representation of AM’s SuspendedTextOutputCallback to notify user that the authentication flow is suspended and can be resumed with Resume URI sent to user’s email.

    Declaration

    Swift

    public class SuspendedTextOutputCallback : TextOutputCallback
  • TermsAndConditionsCallback is a callback to collect a user’s acceptance of the configured Terms & Conditions.

    See more

    Declaration

    Swift

    @objc(FRTermsAndConditionsCallback)
    public class TermsAndConditionsCallback : SingleValueCallback
  • TextInputCallback is a representation of OpenAM’s TextInputCallback to collect single user input; It is typically used to collect any text input for the authentication flow.

    See more

    Declaration

    Swift

    @objc(FRTextInputCallback)
    public class TextInputCallback : SingleValueCallback
  • TextOutputCallback is a representation of TextOutputCallback Callback in OpenAM which provides a message to be displayed to a user with given message type.

    See more

    Declaration

    Swift

    @objc(FRTextOutputCallback)
    public class TextOutputCallback : Callback
  • ValidatedCreatePasswordCallback is a representation of OpenAM’s ValidatedCreatePasswordCallback to collect single value of Password with OpenAM validation with given policies.

    See more

    Declaration

    Swift

    @objc(FRValidatedCreatePasswordCallback)
    public class ValidatedCreatePasswordCallback : AbstractValidatedCallback
  • ValidatedCreateUsernameCallback is a representation of OpenAM’s ValidatedCreateUsernameCallback to collect single value of Username with OpenAM validation with given policies.

    Declaration

    Swift

    @objc(FRValidatedCreateUsernameCallback)
    public class ValidatedCreateUsernameCallback : AbstractValidatedCallback
  • WebAuthnAuthenticationCallback is a representation of AM’s WebAuthn Authentication Node to generate WebAuthn assertion based on given credentials, and optionally set the WebAuthn outcome value in Node‘s designated HiddenValueCallback

    See more

    Declaration

    Swift

    open class WebAuthnAuthenticationCallback : WebAuthnCallback
    extension WebAuthnAuthenticationCallback: PlatformAuthenticatorAuthenticationDelegate
    extension WebAuthnAuthenticationCallback: FRWebAuthnManagerDelegate
  • WebAuthnCallback represents AM’s WebAuthn MetadataCallback, and is a parent class of WebAuthnRegistrationCallback and WebAuthnAuthenticationCallback

    Declaration

    Swift

    open class WebAuthnCallback : MetadataCallback
  • WebAuthnRegistrationCallback is a representation of AM’s WebAuthn Registration Node to generate WebAuthn attestation based on given credentials, and optionally set the WebAuthn outcome value in Node‘s designated HiddenValueCallback

    See more

    Declaration

    Swift

    open class WebAuthnRegistrationCallback : WebAuthnCallback
    extension WebAuthnRegistrationCallback: PlatformAuthenticatorRegistrationDelegate
    extension WebAuthnRegistrationCallback: FRWebAuthnManagerDelegate
  • FROptions represents a configuration object for the SDK. It can be used for passing configuration options in the FRAuth.start() method.

    See more

    Declaration

    Swift

    @objc
    open class FROptions : NSObject, Codable
  • OAuth2 client object represents OAuth2 client, and provides methods related to OAuth2 protocol

    See more

    Declaration

    Swift

    @objc(FROAuth2Client)
    public class OAuth2Client : NSObject, Codable
  • Configuration object represents OpenAM, or FRaaS environment information

    Declaration

    Swift

    @objc(FRServerConfig)
    public class ServerConfig : NSObject, Codable
  • Declaration

    Swift

    @objc(FRServerConfigBuilder)
    public class ServerConfigBuilder : NSObject
  • BrowserCollector is responsible for collecting browser information of the device.

    See more

    Declaration

    Swift

    public class BrowserCollector : DeviceCollector
  • FRDevice represents a device locally managed, and persisted in FRAuth SDK

    See more

    Declaration

    Swift

    @objc
    public class FRDevice : NSObject
  • FRDeviceCollector class manages, and collects Device related information with given DeviceCollector objects and returns JSON result of all Device Collectors

    See more

    Declaration

    Swift

    @objc
    public class FRDeviceCollector : NSObject
  • HardwareCollector is responsible for collecting hardware information of the device using ProcessInfo.

    See more

    Declaration

    Swift

    public class HardwareCollector : DeviceCollector
  • NetworkCollector is responsible for collecting network information of the device using FRAuth.NetworkReachabilityMonitor.

    See more

    Declaration

    Swift

    public class NetworkCollector : DeviceCollector
  • PlatformCollector is responsible for collecting platform information of the device using UIDevice, and system information.

    See more

    Declaration

    Swift

    public class PlatformCollector : DeviceCollector
  • Declaration

    Swift

    public class ProfileCollector : DeviceCollector
  • TelephonyCollector is responsible for collecting telephony information of the device using CTCarrier.

    See more

    Declaration

    Swift

    public class TelephonyCollector : DeviceCollector
  • FRAuth is an abstraction of authentication and/or registration with OpenAM through FRAuth SDK.

    Note

    • In order to use abstraction layer of FRAuth SDK, you must initiate SDK using FRAuth.start(). Upon completion of SDK initialization, object models (FRDevice and/or FRUser) become available.
    • For SDK initialization, you must have proper configuration file as in .plist; default .plist that FRAuth SDK looks for is ‘FRAuthConfig.plist’, and the config file name can be changed through FRAuth.configPlistFileName property, or create an FROptions object and pass it in the FRAuth.start(options: FROptions? = nil) “options” parameter.
    See more

    Declaration

    Swift

    @objc
    public final class FRAuth : NSObject
  • FRLog is a class responsible for Logging functionalities of FRAuth SDK. FRLog can also be used in the application layer which then be displayed through FRAuth SDK, and through OSLog with FRAuth SDK’s system label and LogLevel.

    Note

    By default, FRLog uses OSLog to display the log entry in the debug console, and in the log system of iOS; however, when OS_ACTIVITY_MODE is disabled in the environment variable, FRLog then uses default system print() method to display the log entry in the console only.

    See more

    Declaration

    Swift

    @objc
    public class FRLog : NSObject
  • FRRequestInterceptorRegistry is a wrapper of FRCore.RequestInterceptorRegistry and is responsible to maintain, and manage an array of RequestInterceptor for FRCore’s network layer

    Declaration

    Swift

    public class FRRequestInterceptorRegistry : RequestInterceptorRegistry
  • FRRestclient is FRCore’s RestClient wrapper with additional functionalities for Cookie management

    See more

    Declaration

    Swift

    @objc
    public class FRRestClient : NSObject
  • Declaration

    Swift

    @objc
    open class FRURLProtocol : URLProtocol
    extension FRURLProtocol: URLSessionDataDelegate
  • AccessToken class represents access_token data inheriting from Token class

    See more

    Declaration

    Swift

    @objc
    public class AccessToken : Token
  • Token class represents any token object type

    See more

    Declaration

    Swift

    @objc
    public class Token : NSObject, Encodable, NSSecureCoding
  • AuthorizationPolicy is mainly responsible to handle Authorization Policy process in AM. AuthorizationPolicy evaluates responses of each request, try to recognize Authorization Policy process as much as possible, and also delegates to the application layer to determine whether or not the response is Authorization Process or not.

    AuthorizationPolicy proceeds following major steps:

       1. Upon receiving request response, or redirected request, it invokes `AuthorizationPolicy.evaluateAuthorizationPolicy` to evaluate whether or not the response is required for Authorization process. If the response is automatically recognizable by SDK (IG redirect, or response payload containing `Advice` json structure, SDK automatically parses the response into `PolicyAdvice`.
       2. If `PolicyAdvice` is found, it invokes `AuthorizationPolicyDelegate.onPolicyAdviseReceived` for the application layer to perform authorization process with given `PolicyAdvice`. The application layer should use `FRSession.authenticate` with `PolicyAdvice` to walk through authentication tree, and notify SDK with `completion` callback with the result of the authorization process.
       3. If the authorization process was successful, it invokes `AuthorizationPolicyDelegate.updateRequest` to decorate the new request with transactionId (if found). If `AuthorizationPolicyDelegate.updateRequest` is not implemented, SDK automatically injects `_txId` in URL query parameter to the original request, and retry the request with updated one. If `transactionId` is not found, then retry with the original request.
    

    Note AuthorizationPolicyDelegate only enforces its policy for given URLs. If given URLRequest does not match any of given URLs, then it proceeds as it is.

    Usage

     // Step 1 - Register FRURLProtocol
     URLProtocol.registerClass(FRURLProtocol.self)
    
     // Step 2 - Initialize AuthorizationPolicy object
     let authorizationPolicy = AuthorizationPolicy(validatingURL: [URL, URL,...], delegate: self)
    
     // Step 3 - Implement delegate method if needed; `AuthorizationPolicyDelegate.onPolicyAdviseReceived` is mandatory whereas others are optional
    
     // Step 4 - Assign AuthorizationPolicy in FRURLProtocol
     FRURLProtocol.authorizationPolicy = authorizationPolicy
    
     // Step 5 - Configure URLProtocol in the application's URLSessionConfiguration
     let config = URLSessionConfiguration.default
     config.protocolClasses = [FRURLProtocol.self]
     let urlSession = URLSession(configuration: config)
    
    See more

    Declaration

    Swift

    @objc
    public class AuthorizationPolicy : NSObject
  • TokenManagementPolicy is mainly responsible to determine to inject OAuth2 authorization header in the request, and whether or not response of the request is OAuth2 token validation failure, so that SDK should renew OAuth2 token, and retry request with updated OAuth2 token
    
    TokenManagementPolicy performs two major responsibilities:
    
        1. Automatically injects `Authorization` header in the request with currently authenticated `FRUser.currentUser.token` value; if no currently authenticated user session is found, then it continues with the original request
        2. Upon receiving request response, it invokes `TokenManagementPolicyDelegate.evaluateTokenRefresh` to evaluate whether or not the response is due to OAuth2 token validation failure (i.e. token expired). The application layer can determine if the response is required to renew OAuth2 token set, and return `true` in the delegation method which then enforce SDK to renew OAuth2 token set with `refresh_token`, and/or `SSOToken`, and retry the original request with updated OAuth2 token set. If OAuth2 token renewal fails, or same response is returned after renewing OAuth2 tokens, SDK terminates the request, and returns the failure response.
    
    **Note** TokenManagementPolicy only enforces its policy for given URLs. If given URLRequest does not match any of given URLs, then it proceeds as it is.
    

    Usage

     // Step 1 - Register FRURLProtocol
     URLProtocol.registerClass(FRURLProtocol.self)
    
     // Step 2 - Initialize TokenManagementPolicy object
     let tokenManagementPolicy = TokenManagementPolicy(validatingURL: [URL, URL,...], delegate: self)
    
     // Step 3 - Implement delegate method if needed
    
     // Step 4 - Assign TokenManagementPolicy in FRURLProtocol
     FRURLProtocol.tokenManagementPolicy = tokenManagementPolicy
    
     // Step 5 - Configure URLProtocol in the application's URLSessionConfiguration
     let config = URLSessionConfiguration.default
     config.protocolClasses = [FRURLProtocol.self]
     let urlSession = URLSession(configuration: config)
    
    See more

    Declaration

    Swift

    @objc(FRTokenManagementPolicy)
    public class TokenManagementPolicy : NSObject
  • FRSession represents a session authenticated by AM’s Authentication Tree

    See more

    Declaration

    Swift

    @objc
    public class FRSession : NSObject
  • AppleSignInHandler is responsible to perform authorization/signing-in a user using Apple ID, and AuthenticationServices framework; Sign-in With Apple is only available for iOS 13 and above.

    See more

    Declaration

    Swift

    public class AppleSignInHandler : NSObject, IdPHandler
    extension AppleSignInHandler: ASAuthorizationControllerDelegate
    extension AppleSignInHandler: ASAuthorizationControllerPresentationContextProviding
  • Address class is a representation of a user’s Address data according to OAuth2 and OIDC spec. Address is retrieved using /userinfo endpoint and is part of UserInfo object.

    See more

    Declaration

    Swift

    @objc(FRUserInfoAddress)
    public class Address : NSObject, NSSecureCoding
  • Browser is a representation of external user-agent (using Authentication Service, Native Browser Application, or SFSafariViewController)

    See more

    Declaration

    Swift

    @objc(FRBrowser)
    public class Browser : NSObject
    extension Browser: SFSafariViewControllerDelegate
    extension Browser: ASWebAuthenticationPresentationContextProviding

BrowserBuilder

  • BrowserBuilder is a builder class for progressive construction of Browser object.

    See more

    Declaration

    Swift

    @objc(FRBrowserBuilder)
    public class BrowserBuilder : NSObject
  • FRUser represents authenticated user session as FRUser object

    See more

    Declaration

    Swift

    @objc
    public class FRUser : NSObject, NSSecureCoding
  • UserInfo class is a representation of a user’s UserInfo data according to OAuth2 and OIDC spec. UserInfo is retrieved using /userinfo endpoint.

    See more

    Declaration

    Swift

    @objc(FRUserInfo)
    public class UserInfo : NSObject, NSSecureCoding
  • FRWebAuthn is a utility class providing helper methods for listing and deleting WebAuthn keys stored on the device. The provided static methods are: public static func deleteCredentials(by rpId: String) public static func loadAllCredentials(by rpId: String) -> [PublicKeyCredentialSource] public static func deleteCredential(with publicKeyCredentialSource: PublicKeyCredentialSource) public static func deleteCredential(with publicKeyCredentialSource: PublicKeyCredentialSource, forceDelete: Bool)

    See more

    Declaration

    Swift

    public class FRWebAuthn : NSObject
  • FRWebAuthnManager is a class handling WebAuthn Registation and Authentication using Apple’s ASAuthorization libraries. Used by the SDK, it is called by the WebAuthnRegistration and WebAuthnAuthenticaton callbacks and sets the outcome in the HiddenValueCallback. This comes with the FRWebAuthnManagerDelegate that offers callbacks in the calling class for Success, Error and Cancel scenarios.

    See more

    Declaration

    Swift

    @available(iOS 16, *)
    @MainActor
    public class FRWebAuthnManager : NSObject, ASAuthorizationControllerPresentationContextProviding, ASAuthorizationControllerDelegate