RefreshAuthenticationHandler

open class RefreshAuthenticationHandler: AuthenticationHandler, CallAuthenticationServiceProtocol

Base class for all refresh authentication handlers used by an OnlineAuthenticationHandler

Processes Oauth2 refresh-based authentication, where a refresh token is exchanged for an active authentication token with an authentication provider.

Intended to allow for secure biometric or device passcode based authentication scenarios.

In the expected process, the OnlineAuthenticationHandler.authenticationResponsePayload property will contain a refresh token. This token is then used by this handler during the next authentication request to refresh the authentication without needing the users credentials.

public properties

  • Prompt displayed to user when refreshing online authentication using biometric authentication (Touch ID or Face ID)

    Declaration

    Swift

    public var biometricAuthenticationPrompt = "Please sign on"

  • The key used to provide the refresh token in the refresh request.

    Declaration

    Swift

    public var tokenRequestPayloadKey = "refresh_token"

  • The key used to extract the refresh token in the online authentication response.

    Declaration

    Swift

    public var tokenResponsePayloadKey = defaultRefreshTokenKey

  • URLSessionConfiguration to use for the refresh request. Defaults to URLSessionConfiguration.default.

    Declaration

    Swift

    public var sessionConfiguration = URLSessionConfiguration.default

  • Response status code expected from the server if the refresh request was successful.

    Declaration

    Swift

    public var serviceCallSucceededResponseCode = Http.StatusCode.ok

  • Response status code expected from the server if the refresh request was unsuccessful.

    Declaration

    Swift

    public var serviceCallFailedResponseCode = Http.StatusCode.unauthorized

  • Convenience reference to manager’s configuration clientId value. Equal to self.manager?.configuration.clientId

    Declaration

    Swift

    public var clientId: String?

  • Convenience reference to manager’s configuration clientSecret value. Equal to self.manager?.configuration.clientSecret

    Declaration

    Swift

    public var clientSecret: String?

  • The authentication path used to perform the Oauth2 login refresh process.

    Declaration

    Swift

    public var refreshURLPath = ""

  • The AuthenticationManager associated with this RefreshAuthenticationHandler

    Declaration

    Swift

    public override var manager: AuthenticationManager?

  • Request headers to add to the refresh request

    Declaration

    Swift

    public var requestHeaders: [String: String] = [:]

  • The body encoding to use in the refresh request

    See also: RequestBodyEncoding

    -SeeAlso: RequestBodyEncoding

    Declaration

    Swift

    public var requestBodyEncoding: RequestBodyEncoding

initialization

  • Initializes and returns a RefreshAuthenticationHandler object

    Declaration

    Swift

    public override init()

public instance methods

  • Starts the authentication refresh process.

    Called by the associated AuthenticationManager when needed.

    Declaration

    Swift

    public override func authenticate(completionHandler: @escaping (_ result: AuthenticateResult) -> Void)

    Parameters

    completionHandler

    closure called when authentication has completed.
    result

    AuthenticateResult: Success or fail, result of authentication.

  • Cancels an authentication in-process. Does nothing if no authentication is currently in process.

    Declaration

    Swift

    open override func cancelAuthentication()

subclass use only

  • Should not be called from external consumers. The authenticate method should be used to start the authentication process.

    Default behavior will call the server to exchange a refresh token for an authentication token.

    Subclasses may override this method to provide extra processing prior to the authentication refresh request or could modify the actual work of the refresh authentication, in which case they should call authenticationComplete(status:) with the result of that authentication.

    Declaration

    Swift

    open func performRefresh(token: String)

  • Not expected to be called from external consumers.

    Subclasses may override this method to provide additional information into refresh request service call body.

    Declaration

    Swift

    open func createRefreshRequestPayload(token: String) -> [String: String]

  • Not expected to be called from external consumers.

    Encodes the request body payload based on the configured requestBodyEncoding. Can be overriden to allow subclasses to support additional encodings, or otherwise alter the refresh service call process.

    See also: RequestBodyEncoding

    See also

    RequestBodyEncoding

    Declaration

    Swift

    open func encodeRequestPayload(_ payload: [String: String]) -> Data?

    Parameters

    payload

    Dictionary containing the key/value pairs that make up the body of the refresh request payload.

CallAuthenticationServiceProtocol methods

  • Creates the URLSession used during login and logout calls

    Declaration

    Swift

    open func createSession() -> URLSession