Short version of my question: I have a Flutter mobile app that uses AWS Amplify to handle user
sign-up and log-in. Now I need to add push notification capability (with AWS SNS, APN etc.)
to the app, and in particular I need to let the app itself to create the platform endpoint.
So now I have to call the CreatePlatformEndpoint function in an Amplify Flutter
mobile app, and I don't know how to do it correctly. Any idea?
Here's what I've done so far: Firstly, I configured AWS Cognito and added Amplify
to my app so that the user can sign up and log in. The relevant code looks something
like the following:
// Sign Up
var userAttributes = {
CognitoUserAttributeKey.email: email,
};
await Amplify.Auth.signUp(
username: email,
password: password,
options: CognitoSignUpOptions(
userAttributes: userAttributes,
),
);
// Log In
var res = await Amplify.Auth.signIn(
username: email,
password: password,
);
if (res.isSignedIn) {
....
} else {
....
}
This part is successful and the code works all right.
Secondly, I configured APN, AWS SNS, and the iOS module of the app, then modified
AppDelegate to something like the following:
override func application(
_ application: UIApplication,
didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?
) -> Bool {
GeneratedPluginRegistrant.register(with: self)
registerForNotifications()
return super.application(application, didFinishLaunchingWithOptions: launchOptions)
}
private func registerForNotifications() {
UNUserNotificationCenter.current().delegate = self
UNUserNotificationCenter.current().requestAuthorization(options: [.alert, .sound, .badge]) { [weak self] granted, _ in
guard granted else { return }
self?.getNotificationSettings()
}
}
private func getNotificationSettings() {
UNUserNotificationCenter.current().getNotificationSettings { settings in
guard settings.authorizationStatus == .authorized else { return }
DispatchQueue.main.async {
UIApplication.shared.registerForRemoteNotifications()
}
}
}
override func application(
_ application: UIApplication,
didRegisterForRemoteNotificationsWithDeviceToken tokenData: Data
) {
let token = tokenData.map { String(format: "%02.2hhx", $0) }.joined()
print("token: \(token)")
}
override func userNotificationCenter(
_ center: UNUserNotificationCenter,
willPresent notification: UNNotification,
withCompletionHandler completionHandler: #escaping (UNNotificationPresentationOptions) -> Void
) {
completionHandler([.badge, .sound, .alert])
}
This part is also successful. The iPhone can obtain and print the device token,
and when I manually create the endpoint in AWS Management Console and send a notification
from there, the iPhone can receive and show the notification.
Finally, I tried to let the app automatically create the endpoint in SNS when it got
the device token. I referenced this article, and managed to modify the
didRegisterForRemoteNotificationsWithDeviceToken method to the following:
override func application(
_ application: UIApplication,
didRegisterForRemoteNotificationsWithDeviceToken tokenData: Data
) {
let token = tokenData.map { String(format: "%02.2hhx", $0) }.joined()
print("token: \(token)")
let credentialsProvider = AWSCognitoCredentialsProvider(regionType: ......, identityPoolId: ".........")
let configuration = AWSServiceConfiguration(region: ......, credentialsProvider: credentialsProvider)
AWSServiceManager.default().defaultServiceConfiguration = configuration
let appArn = "arn:aws:sns:........"
let platformEndpointRequest = AWSSNSCreatePlatformEndpointInput()!
platformEndpointRequest.customUserData = "........."
platformEndpointRequest.token = token
platformEndpointRequest.platformApplicationArn = appArn
let sns = AWSSNS.default()
sns.createPlatformEndpoint(platformEndpointRequest) { response, error in
....
}
}
This part is only partially successful. The endpoint is indeed created in SNS,
and I can verify this in AWS Management Console. But there are serious problems:
the user is logged out after the above code is executed
when the user tries to log back in, the app crashes with an "unexpectedly found nil" exception
Here's the crash log:
AWSMobileClient/AWSMobileClient+SignIn.swift:66: Fatal error: Unexpectedly found nil while unwrapping an Optional value
AWSMobileClient/AWSMobileClient+SignIn.swift:66: Fatal error: Unexpectedly found nil while unwrapping an Optional value
* thread #4, queue = 'NSOperationQueue 0x107d22800 (QOS: UNSPECIFIED)', stop reason = Fatal error: Unexpectedly found nil while unwrapping an Optional value
frame #0: 0x000000019b861060 libswiftCore.dylib`_swift_runtime_on_report
libswiftCore.dylib`_swift_runtime_on_report:
-> 0x19b861060 : ret
libswiftCore.dylib`_swift_reportToDebugger:
0x19b861064 : b 0x19b861060 ; _swift_runtime_on_report
libswiftCore.dylib`_swift_shouldReportFatalErrorsToDebugger:
0x19b861068 : adrp x8, 324077
0x19b86106c : ldrb w0, [x8, #0x611]
Target 0: (Runner) stopped.
I think maybe the defaultServiceConfiguration = configuration thing conflicts
with Amplify, so I try removing that part and modify the code to:
override func application(
_ application: UIApplication,
didRegisterForRemoteNotificationsWithDeviceToken tokenData: Data
) {
let token = tokenData.map { String(format: "%02.2hhx", $0) }.joined()
print("token: \(token)")
let appArn = "arn:aws:sns:........"
let platformEndpointRequest = AWSSNSCreatePlatformEndpointInput()!
platformEndpointRequest.customUserData = "........."
platformEndpointRequest.token = token
platformEndpointRequest.platformApplicationArn = appArn
let sns = AWSSNS.default()
sns.createPlatformEndpoint(platformEndpointRequest) { response, error in
....
}
}
but then the code crashes at the createPlatformEndpoint call, and here's the crash log:
*** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'The service configuration is `nil`. You need to configure `awsconfiguration.json`, `Info.plist` or set `defaultServiceConfiguration` before using this method.'
*** First throw call stack:
(0x197c1f128 0x1ab932480 0x102d7fcf4 0x197857298 0x1977faf90 0x102d7fb5c 0x102c875a0 0x102c86e4c 0x102c872c0 0x19a4d8c34 0x1978562b0 0x197857298 0x197805ce4 0x197b9e170 0x197b985d0 0x197b976a8 0x1ae247570 0x19a4b5370 0x19a4ba8ec 0x102c88400 0x197876140)
libc++abi: terminating with uncaught exception of type NSException
* thread #1, queue = 'com.apple.main-thread', stop reason = signal SIGABRT
frame #0: 0x00000001c38b47b0 libsystem_kernel.dylib`__pthread_kill + 8
libsystem_kernel.dylib`__pthread_kill:
-> 0x1c38b47b0 : b.lo 0x1c38b47cc ;
0x1c38b47b4 : stp x29, x30, [sp, #-0x10]!
0x1c38b47b8 : mov x29, sp
0x1c38b47bc : bl 0x1c38911fc ; cerror_nocancel
Target 0: (Runner) stopped.
So what should I do? What's the correct way to create an endpoint in an Amplify Flutter app?
OK, I'll answer my own question. I asked the Amplify-Flutter people and learned that there was currently no way to do what I want. I was advised to create a feature request ticket in their repository. I decided to turn to another approach, i.e. creating a Lambda that did the job on the backend, and it worked fine.
Related
im stuck in how to ending all the last call before report a new incoming call, my function work for 2 call, it mean i can end the first call before report new call
But the problem is after next report, the end call function throw error
Here is my code:
// Handle incoming pushes
func pushRegistry(_ registry: PKPushRegistry, didReceiveIncomingPushWith payload: PKPushPayload, for type: PKPushType, completion: #escaping () -> Void) {
// print("Handle incoming pushes: \(payload.dictionaryPayload)")
endCall(thenReportNewCallForUuid: UUID.init())
}
func reportNewCall(uuid : UUID){
let config = CXProviderConfiguration(localizedName: "CallKitExample")
config.includesCallsInRecents = true
config.supportsVideo = true
config.supportedHandleTypes = [.generic]
config.iconTemplateImageData = UIImage(named: "logo_square")!.pngData()
config.maximumCallGroups = 1
config.maximumCallsPerCallGroup = 1
let provider = CXProvider(configuration: config)
provider.setDelegate(self, queue: nil)
let update = CXCallUpdate()
update.supportsHolding = false
update.supportsGrouping = false
update.supportsUngrouping = false
update.remoteHandle = CXHandle(type: .generic, value: uuid.uuidString)
update.hasVideo = true
provider.reportNewIncomingCall(with: uuid, update: update, completion: { error in
print("reportNewIncomingCall \(uuid) error: \(error)")
UserDefaults.standard.set(uuid.uuidString, forKey: "CallUUID")
UserDefaults.standard.synchronize()
})
}
func endCall(thenReportNewCallForUuid : UUID) {
guard let lastCallUUIDString = UserDefaults.standard.string(forKey: "CallUUID"), !lastCallUUIDString.isEmpty else{
return
}
print("end uuid: \(lastCallUUIDString)")
let call = UUID.init(uuidString: lastCallUUIDString)!
let controller = CXCallController()
let endTransaction = CXEndCallAction(call: call)
let transaction = CXTransaction(action: endTransaction)
controller.request(transaction, completion: { error in
if let error = error {
print("endcall Error: \(error)")
self.reportNewCall(uuid: thenReportNewCallForUuid)
} else {
print("endcall Success")
self.reportNewCall(uuid: thenReportNewCallForUuid)
}
})
}
Here is log + error i got
end uuid: CB91CCC6-7FCD-49D3-BE93-7A6581295B57
endcall Error: Error Domain=com.apple.CallKit.error.requesttransaction Code=2 "(null)"
-> OK first time endcall error because no call
reportNewIncomingCall 202DB031-23AE-46B6-91E9-3FBA708E07A7 error: nil
end uuid: 202DB031-23AE-46B6-91E9-3FBA708E07A7
endcall Success -> Matched call to end -> success
reportNewIncomingCall C45FEC0B-1320-4357-ADEF-7B7CA28D96C8 error: nil
end uuid: C45FEC0B-1320-4357-ADEF-7B7CA28D96C8
endcall Error: Error Domain=com.apple.CallKit.error.requesttransaction Code=4 "(null)"
-> Matched call to end -> FAILED
reportNewIncomingCall CBDBA75A-B263-49E5-9138-8D5CCA28ED9E error: nil
Some one who mark duplicate please show the right answer? Thanks
Does someone facing same problem? Please help
I see at least a couple of issues in your code. But, before that, why are you ending the ongoing call whenever you receive a new incoming call? I'm just curious, because it doesn't seem to be a great user experience.
Anyway, the issues I've found are the following:
At every new incoming call you instantiate a new CXProvider. As stated in the documentation:
A VoIP app should create only one instance of CXProvider and store it for use globally.
You don't invoke the completion handler of the pushRegistry(_:didReceiveIncomingPushWith:type:completion) method. You should invoke it inside the completion handler of the reportNewIncomingCall(with:update:completion:) method.
I think that the errors you're facing are caused by the CXProvider issue. But if you don't fix also the second issue you could incur in another problem: the system will suppose that you haven't reported a new incoming call and so, after a few calls, it will stop to send you new VoIP pushes (this limitation was first introduced in iOS 13).
i've had the same issue and fixed it by moving the instantiation of CXProvider, CXProfiderConfiguration and CXCallController outside of pushRegistry function and inside didFinishLaunchingWithOptions part of AppDelegate, something like this:
private func voipRegistration() {
// Create a push registry object
let mainQueue = DispatchQueue.main
let voipRegistry: PKPushRegistry = PKPushRegistry(queue: mainQueue)
voipRegistry.delegate = self
voipRegistry.desiredPushTypes = [PKPushType.voIP]
config.iconTemplateImageData = #imageLiteral(resourceName: "cometchat_white").pngData()
config.includesCallsInRecents = false
config.ringtoneSound = "ringtone.caf"
config.supportsVideo = false
provider = CXProvider.init(configuration: config)
provider!.setDelegate(self, queue: nil)
}
You have to have a single instance of CXProvider.
I am using ASWebAuthentication and SFAuthenticationto authenticate on a OAuth2 server with grant_type : authorization_code.
Everything work perfect except of:
user login successfully
Logout by revoking access token and refresh token with status code :200
Tested that the revocation works <------
User press login again and opens ASWebAuthentication or SFAuthentication according the iOS version and just goes directly in the app like the session is validating that the tokens are valid somehow.
On iOS 13 ASWebAuthentication provides prefersEphemeralWebBrowserSession = true which solves the issue but for iOS 11/12 it looks like it is nothing I can do (except that the issue is probably on BackEnd)
When I am logging in I am passing the parameters prompt:login but still it doesn't help.
Questions
Is there something that I can do to invalidate the session on ASWebAuthentication and SFAuthentication on iOS 11/12 similar to iOS 13 prefersEphemeralWebBrowserSession? (I haven't found something on the documentation. Apple doesn't allow anything)
Is this an issue that can be solved on frontend (iOS) or it is a backend issue?
Thank you
Providing the code just for documentation
print("Auth-Login : Process: Authenticate user")
let state = String().createState(length: 4)
let codeVerifier = String().createCodeVerifier()
let codeChallenge = codeVerifier.pkceEncode.base64UriEncode
let parameters = ["state=\(state)", "code_challenge=\(codeChallenge)"]
let url = createUrl(parameters: parameters)
guard let authURL = url else { return }
DispatchQueue.main.async {
self.delegate?.removeLoader()
if #available(iOS 12.0, *) {
print("Auth-Login : Process: Run ASWebAuthenticationSession")
self.webAuthSession = ASWebAuthenticationSession(url: authURL, callbackURLScheme: "no.bilkollektivet.app") { (callbackUrl, error) in
print(callbackUrl)
if let error = error {
completionHandler(nil, nil, error)
} else {
let result = self.getCodeFromCallbackUrl(url: callbackUrl, state: state)
completionHandler(result.code, codeVerifier, result.error)
}
}
if #available(iOS 13.0, *) {
self.webAuthSession.presentationContextProvider = self
self.webAuthSession.prefersEphemeralWebBrowserSession = true
}
self.webAuthSession.start()
} else {
print("Auth-Login : Process: Run SFAuthenticationSession")
self.sfAuthSession = SFAuthenticationSession(url: authURL, callbackURLScheme: "no.bilkollektivet.app") { (callbackUrl, error) in
if let error = error {
completionHandler(nil, nil, error)
} else {
let result = self.getCodeFromCallbackUrl(url: callbackUrl, state: state)
completionHandler(result.code, codeVerifier, result.error)
}
}
self.sfAuthSession.start()
}
}
There are some similar question however none of those solve my problem.
Using Xcode 11.1
MacOS Cataline 10.15
I clone this "active-directory-b2c-ios-swift-native-msal" and try to run getting Error "Could not acquire token: Error Domain=MSALErrorDomain Code=-50000 "(null)" UserInfo={MSALErrorDescriptionKey=Failed to start an interactive session, MSALInternalErrorCodeKey=-42008, MSALCorrelationIDKey=C9207A45-6A7D-416B-90E4-93E08F28A637}"
After changing B2C details same issue getting .
Please let me know what is issue, Is this issue for Xcode/OS/MSAL version or some issue with Code??
I tried with default configuration mention in git repo "active-directory-b2c-ios-swift-native-msal" and also tried after below changed let kTenantName = "dovervsg.onmicrosoft.com" // Your tenant name
let kClientID = "xxxxxxxxxxxxxxxxxxxxxxx" // Your client ID from the portal when you created your application
let kSignupOrSigninPolicy = "B2C_1-policy" // Your signup and sign-in policy you created in the portal
let kEditProfilePolicy = "b2c_1_edit_profile" // Your edit policy you created in the portal
let kResetPasswordPolicy = "B2C_1_reset_password" // Your reset password policy you created in the portal
let kGraphURI = "https://dev-vsg.dovertech.co.in" // This is your backend API that you've configured to accept your app's tokens
let kScopes: [String] = ["https://dovervsg.onmicrosoft.com/User.Read"] // This is a scope that you've configured your backend API to look for.
// tried with this scope format as well, let kScopes: [String] = ["https://dovervsg.onmicrosoft.com/api/User.Read"] // This is a scope that you've configured your backend API to look for.
let kTenantName = "dovervsg.onmicrosoft.com" // Your tenant name
let kClientID = "xxxxxxxxxxxxxxxxxxxxxxx" // Your client ID from the portal when you created your application
let kSignupOrSigninPolicy = "B2C_1-policy" // Your signup and sign-in policy you created in the portal
let kEditProfilePolicy = "b2c_1_edit_profile" // Your edit policy you created in the portal
let kResetPasswordPolicy = "B2C_1_reset_password" // Your reset password policy you created in the portal
let kGraphURI = "https://dev-vsg.dovertech.co.in" // This is your backend API that you've configured to accept your app's tokens
let kScopes: [String] = ["https://dovervsg.onmicrosoft.com/User.Read"] // This is a scope that you've configured your backend API to look for.
// tried with this scope format as well, let kScopes: [String] = ["https://dovervsg.onmicrosoft.com/api/User.Read"] // This is a scope that you've configured your backend API to look for
// DO NOT CHANGE - This is the format of OIDC Token and Authorization endpoints for Azure AD B2C.
let kEndpoint = "https://login.microsoftonline.com/tfp/%#/%#"
var application: MSALPublicClientApplication!
var accessToken: String?
#IBOutlet weak var loggingText: UITextView!
#IBOutlet weak var signoutButton: UIButton!
#IBOutlet weak var callGraphApiButton: UIButton!
#IBOutlet weak var editProfileButton: UIButton!
#IBOutlet weak var refreshTokenButton: UIButton!
override func viewDidAppear(_ animated: Bool) {
//super.viewDidLoad()
do {
/**
Initialize a MSALPublicClientApplication with a MSALPublicClientApplicationConfig.
MSALPublicClientApplicationConfig can be initialized with client id, redirect uri and authority.
Redirect uri will be constucted automatically in the form of "msal<your-client-id-here>://auth" if not provided.
The scheme part, i.e. "msal<your-client-id-here>", needs to be registered in the info.plist of the project
*/
let authority = try self.getAuthority(forPolicy: self.kSignupOrSigninPolicy)
// Provide configuration for MSALPublicClientApplication
// MSAL will use default redirect uri when you provide nil
let pcaConfig = MSALPublicClientApplicationConfig(clientId: kClientID, redirectUri: nil, authority: authority)
self.application = try MSALPublicClientApplication(configuration: pcaConfig)
} catch {
self.updateLoggingText(text: "Unable to create application \(error)")
}
}
/**
This button will invoke the authorization flow and send the policy specified to the B2C server.
Here we are using the `kSignupOrSignInPolicy` to sign the user in to the app. We will store this
accessToken for subsequent calls.
*/
#IBAction func authorizationButton(_ sender: UIButton) {
do {
/**
authority is a URL indicating a directory that MSAL can use to obtain tokens. In Azure B2C
it is of the form `https://<instance/tfp/<tenant>/<policy>`, where `<instance>` is the
directory host (e.g. https://login.microsoftonline.com), `<tenant>` is a
identifier within the directory itself (e.g. a domain associated to the
tenant, such as contoso.onmicrosoft.com), and `<policy>` is the policy you wish to
use for the current user flow.
*/
let authority = try self.getAuthority(forPolicy: self.kSignupOrSigninPolicy)
/**
Acquire a token for a new account using interactive authentication
- scopes: Permissions you want included in the access token received
in the result in the completionBlock. Not all scopes are
gauranteed to be included in the access token returned.
- completionBlock: The completion block that will be called when the authentication
flow completes, or encounters an error.
*/
let webViewParameters = MSALWebviewParameters(parentViewController: self)
let parameters = MSALInteractiveTokenParameters(scopes: kScopes, webviewParameters: webViewParameters)
parameters.promptType = .selectAccount
print( parameters.promptType = .selectAccount)
parameters.authority = authority
debugPrint( parameters.authority = authority)
application.acquireToken(with: parameters) { (result, error) in
guard let result = result else {
self.updateLoggingText(text: "Could not acquire token: \(error ?? "No error informarion" as! Error)")
return
}
self.accessToken = result.accessToken
self.updateLoggingText(text: "Access token is \(self.accessToken ?? "Empty")")
self.signoutButton.isEnabled = true
self.callGraphApiButton.isEnabled = true
self.editProfileButton.isEnabled = true
self.refreshTokenButton.isEnabled = true
}
} catch {
self.updateLoggingText(text: "Unable to create authority \(error)")
}
}
#IBAction func editProfile(_ sender: UIButton) {
do {
/**
authority is a URL indicating a directory that MSAL can use to obtain tokens. In Azure B2C
it is of the form `https://<instance/tfp/<tenant>/<policy>`, where `<instance>` is the
directory host (e.g. https://login.microsoftonline.com), `<tenant>` is a
identifier within the directory itself (e.g. a domain associated to the
tenant, such as contoso.onmicrosoft.com), and `<policy>` is the policy you wish to
use for the current user flow.
*/
let authority = try self.getAuthority(forPolicy: self.kEditProfilePolicy)
/**
Acquire a token for a new account using interactive authentication
- scopes: Permissions you want included in the access token received
in the result in the completionBlock. Not all scopes are
gauranteed to be included in the access token returned.
- completionBlock: The completion block that will be called when the authentication
flow completes, or encounters an error.
*/
let thisAccount = try self.getAccountByPolicy(withAccounts: application.allAccounts(), policy: kEditProfilePolicy)
let webViewParameters = MSALWebviewParameters(parentViewController: self)
let parameters = MSALInteractiveTokenParameters(scopes: kScopes, webviewParameters: webViewParameters)
parameters.authority = authority
parameters.account = thisAccount
application.acquireToken(with: parameters) { (result, error) in
if let error = error {
self.updateLoggingText(text: "Could not edit profile: \(error)")
} else {
self.updateLoggingText(text: "Successfully edited profile")
}
}
} catch {
self.updateLoggingText(text: "Unable to construct parameters before calling acquire token \(error)")
}
}
#IBAction func refreshToken(_ sender: UIButton) {
do {
/**
authority is a URL indicating a directory that MSAL can use to obtain tokens. In Azure B2C
it is of the form `https://<instance/tfp/<tenant>/<policy>`, where `<instance>` is the
directory host (e.g. https://login.microsoftonline.com), `<tenant>` is a
identifier within the directory itself (e.g. a domain associated to the
tenant, such as contoso.onmicrosoft.com), and `<policy>` is the policy you wish to
use for the current user flow.
*/
let authority = try self.getAuthority(forPolicy: self.kSignupOrSigninPolicy)
/**
Acquire a token for an existing account silently
- scopes: Permissions you want included in the access token received
in the result in the completionBlock. Not all scopes are
gauranteed to be included in the access token returned.
- account: An account object that we retrieved from the application object before that the
authentication flow will be locked down to.
- completionBlock: The completion block that will be called when the authentication
flow completes, or encounters an error.
*/
guard let thisAccount = try self.getAccountByPolicy(withAccounts: application.allAccounts(), policy: kSignupOrSigninPolicy) else {
self.updateLoggingText(text: "There is no account available!")
return
}
let parameters = MSALSilentTokenParameters(scopes: kScopes, account:thisAccount)
parameters.authority = authority
self.application.acquireTokenSilent(with: parameters) { (result, error) in
if let error = error {
let nsError = error as NSError
// interactionRequired means we need to ask the user to sign-in. This usually happens
// when the user's Refresh Token is expired or if the user has changed their password
// among other possible reasons.
if (nsError.domain == MSALErrorDomain) {
if (nsError.code == MSALError.interactionRequired.rawValue) {
// Notice we supply the account here. This ensures we acquire token for the same account
// as we originally authenticated.
let webviewParameters = MSALWebviewParameters(parentViewController: self)
let parameters = MSALInteractiveTokenParameters(scopes: self.kScopes, webviewParameters: webviewParameters)
parameters.account = thisAccount
self.application.acquireToken(with: parameters) { (result, error) in
guard let result = result else {
self.updateLoggingText(text: "Could not acquire new token: \(error ?? "No error informarion" as! Error)")
return
}
self.accessToken = result.accessToken
self.updateLoggingText(text: "Access token is \(self.accessToken ?? "empty")")
}
return
}
}
self.updateLoggingText(text: "Could not acquire token: \(error)")
return
}
guard let result = result else {
self.updateLoggingText(text: "Could not acquire token: No result returned")
return
}
self.accessToken = result.accessToken
self.updateLoggingText(text: "Refreshing token silently")
self.updateLoggingText(text: "Refreshed access token is \(self.accessToken ?? "empty")")
}
} catch {
self.updateLoggingText(text: "Unable to construct parameters before calling acquire token \(error)")
}
}
#IBAction func callApi(_ sender: UIButton) {
guard let accessToken = self.accessToken else {
self.updateLoggingText(text: "Operation failed because could not find an access token!")
return
}
let sessionConfig = URLSessionConfiguration.default
sessionConfig.timeoutIntervalForRequest = 30
let url = URL(string: self.kGraphURI)
var request = URLRequest(url: url!)
request.setValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")
let urlSession = URLSession(configuration: sessionConfig, delegate: self, delegateQueue: OperationQueue.main)
self.updateLoggingText(text: "Calling the API....")
urlSession.dataTask(with: request) { data, response, error in
guard let validData = data else {
self.updateLoggingText(text: "Could not call API: \(error ?? "No error informarion" as! Error)")
return
}
let result = try? JSONSerialization.jsonObject(with: validData, options: [])
guard let validResult = result as? [String: Any] else {
self.updateLoggingText(text: "Nothing returned from API")
return
}
self.updateLoggingText(text: "API response: \(validResult.debugDescription)")
}.resume()
}
#IBAction func signoutButton(_ sender: UIButton) {
do {
/**
Removes all tokens from the cache for this application for the provided account
- account: The account to remove from the cache
*/
let thisAccount = try self.getAccountByPolicy(withAccounts: application.allAccounts(), policy: kSignupOrSigninPolicy)
if let accountToRemove = thisAccount {
try application.remove(accountToRemove)
} else {
self.updateLoggingText(text: "There is no account to signing out!")
}
self.signoutButton.isEnabled = false
self.callGraphApiButton.isEnabled = false
self.editProfileButton.isEnabled = false
self.refreshTokenButton.isEnabled = false
self.updateLoggingText(text: "Signed out")
} catch {
self.updateLoggingText(text: "Received error signing out: \(error)")
}
}
override func didReceiveMemoryWarning() {
super.didReceiveMemoryWarning()
// Dispose of any resources that can be recreated.
}
override func viewWillAppear(_ animated: Bool) {
if self.accessToken == nil {
signoutButton.isEnabled = false
callGraphApiButton.isEnabled = false
editProfileButton.isEnabled = false
refreshTokenButton.isEnabled = false
}
}
func getAccountByPolicy (withAccounts accounts: [MSALAccount], policy: String) throws -> MSALAccount? {
for account in accounts {
// This is a single account sample, so we only check the suffic part of the object id,
// where object id is in the form of <object id>-<policy>.
// For multi-account apps, the whole object id needs to be checked.
if let homeAccountId = account.homeAccountId, let objectId = homeAccountId.objectId {
if objectId.hasSuffix(policy.lowercased()) {
return account
}
}
}
return nil
}
/**
The way B2C knows what actions to perform for the user of the app is through the use of `Authority URL`.
It is of the form `https://<instance/tfp/<tenant>/<policy>`, where `<instance>` is the
directory host (e.g. https://login.microsoftonline.com), `<tenant>` is a
identifier within the directory itself (e.g. a domain associated to the
tenant, such as contoso.onmicrosoft.com), and `<policy>` is the policy you wish to
use for the current user flow.
*/
func getAuthority(forPolicy policy: String) throws -> MSALB2CAuthority {
guard let authorityURL = URL(string: String(format: self.kEndpoint, self.kTenantName, policy)) else {
throw NSError(domain: "SomeDomain",
code: 1,
userInfo: ["errorDescription": "Unable to create authority URL!"])
}
return try MSALB2CAuthority(url: authorityURL)
}
func updateLoggingText(text: String) {
DispatchQueue.main.async{
self.loggingText.text = text
}
}
}
After run getting error above
The sample has been updated and should be working as expected now. It is now updated to handle *.b2clogin.com and now adds sui_si and edit profile to the known authorities list.
let siginPolicyAuthority = try self.getAuthority(forPolicy: self.kSignupOrSigninPolicy)
let editProfileAuthority = try self.getAuthority(forPolicy: self.kEditProfilePolicy)
// Provide configuration for MSALPublicClientApplication
// MSAL will use default redirect uri when you provide nil
let pcaConfig = MSALPublicClientApplicationConfig(clientId: kClientID, redirectUri: nil, authority: siginPolicyAuthority)
pcaConfig.knownAuthorities = [siginPolicyAuthority, editProfileAuthority]
self.application = try MSALPublicClientApplication(configuration: pcaConfig)
and
func getAuthority(forPolicy policy: String) throws -> MSALB2CAuthority {
guard let authorityURL = URL(string: String(format: self.kEndpoint, self.kAuthorityHostName, self.kTenantName, policy)) else {
throw NSError(domain: "SomeDomain",
code: 1,
userInfo: ["errorDescription": "Unable to create authority URL!"])
}
return try MSALB2CAuthority(url: authorityURL)
}
I have built authentication into my app using Firebase/Facebook Auth and now I would like to build into my app a system for managing a user's presence (eg; updating a 'status' field on Firebase for the user to say 'online or offline') as described in the Firebase Docs here
*My question is... where do I put all this managing presense code?, here is my 'signIntoFirebase' function. would I create a separate function called 'manageUserPresense' and call it straight after 'firebaseLoginComplete'?
func signIntoFirebase(firebaseLoginComplete: #escaping (_ status: Bool, _ error: Error?) -> ()){
//Getting FB authentication
guard let authenticationToken = AccessToken.current?.authenticationToken else { return }
//Getting credential using authentication token
let credential = FacebookAuthProvider.credential(withAccessToken: authenticationToken)
//Signing in to Firebase using FB authentication token
Auth.auth().signIn(with: credential) { (user, error) in
if let error = error { //if there is an error
print (error)
firebaseLoginComplete(false, error)
return
}
firebaseLoginComplete(true, nil)
self.isLoggedIn = true
print ("Successfully authenticated into Firebase")
}
}//end func
I'm having a hard time trying to figure out how to determine the login type during a resume session using AWS Cognito. My code is based upon the MobileHub sample (below).
I've integrated a name/password mode for user pools (account creation and login) as well as as a Facebook login button which all works perfectly.
I have some logic in my application that needs to behave differently depending on the login type but I can't figure out how to do it.
Anyone done this?
func didFinishLaunching(_ application: UIApplication, withOptions launchOptions: [AnyHashable: Any]?) -> Bool {
print("didFinishLaunching:")
// Register the sign in provider instances with their unique identifier
AWSSignInManager.sharedInstance().register(signInProvider: AWSFacebookSignInProvider.sharedInstance())
AWSIdentityProfileManager.sharedInstance().register(FacebookIdentityProfile.sharedInstance(), forProviderKey: AWSFacebookSignInProvider.sharedInstance().identityProviderName)
AWSSignInManager.sharedInstance().register(signInProvider: AWSCognitoUserPoolsSignInProvider.sharedInstance())
AWSIdentityProfileManager.sharedInstance().register(UserPoolsIdentityProfile.sharedInstance(), forProviderKey: AWSCognitoUserPoolsSignInProvider.sharedInstance().identityProviderName)
setupAPIGateway()
setupS3()
let didFinishLaunching: Bool = AWSSignInManager.sharedInstance().interceptApplication(application, didFinishLaunchingWithOptions: launchOptions)
if (!isInitialized) {
AWSSignInManager.sharedInstance().resumeSession(completionHandler: { (result: Any?, authState: AWSIdentityManagerAuthState, error: Error?) in
print("didFinishLaunching Result: \(String(describing: result)) AuthState: \(authState) \n Error:\(String(describing: error))")
if authState == .authenticated {
// Facebook or Cognito???
AWSCognitoUserAuthHelper.getCurrentUserAttribute(name: "sub", completionHandler: { (userid) in
// we need to fetch the user
ObjectManager.instance.getUser(userid: userid, completionHandler: { (user) in
ObjectManager.instance.setCurrentUser(user: user)
})
})
}
}) // If you get an EXC_BAD_ACCESS here in iOS Simulator, then do Simulator -> "Reset Content and Settings..."
// This will clear bad auth tokens stored by other apps with the same bundle ID.
isInitialized = true
}
return didFinishLaunching
}
One solution I found was to cast to the different identity profile types such as the following:
let identityManager = AWSIdentityManager.default()
if let fbIdentityProfile = identityManager.identityProfile as? FacebookIdentityProfile {
print("didFinishLaunching - Facebook login")
} else if let upIdentityProfile = identityManager.identityProfile as? UserPoolsIdentityProfile {
print("didFinishLaunching - User Pools login")
}
I can model logic in my application around this. Not sure if there is a cleaner approach using the MobileHub helper classes or AWS APIs but this works.