Guides

iOS Setup and Integration Using AppAuth - SwiftUI App

Suggest Edits

Step 1: Get the AppAuth iOS demo app

First ensure that you are running an up-to-date version of Xcode, then clone the GitHub repository and open the app subfolder. You can download the demo app code via the following link:

The code example is a SwiftUI app and the main OAuth integration is done in the AuthenticationViewModel class.

Step 2: Add the AppAuth Dependency

Add AppAuth using the Swift dependency manager by typing in the URL to the AppAuth repo. When prompted, please select the package product named AppAuth:

Step 3: Update OAuth Client Settings

The code example uses a configuration file as config.json which needs to be updated using your configuration data before running the demo app on your phone/simulator.

{
  "issuer": "<YOUR_ISSUER>",
  "clientID": "<YOUR_CLIENT_ID>",
  "redirectUri": "id.truuth.client:/callback",
  "scope": "<YOUR_SCOPES>" 
}

You can add the list of your considered scopes seperated by spaces (e.g. "openid profile"). If no scope determined, the default one would be "openid profile".

Step 4: Run the Sample App on an Emulator / Device

To run the app on a device you must have an Apple account configured in Xcode under Preferences / Accounts. You also need to sign the app, such as by selecting the Automatically Manage Signing option in Xcode.

Ensure that the iOS device or emulator is selected in Xcode, then run the app using Xcode’s build and run option in the top left of the IDE.:

This renders the following simple view. You can click Authenticate to run an entire OpenID Connect authorization redirect:

Next an ASWebAuthenticationSession window is shown, which first involves informing the user which app they are logging into:

You can then sign in to the app using Biopass universal login.

The login is done using the system browser, which overlays the mobile view and prevents the sample app from having direct access to the credentials:

Once signed in the app switches to an Authenticated View, to simulate screens in real apps that work with access tokens and call APIs. This view presents details about tokens and also allows token refresh to be tested:

Updated about 1 year ago