[英]How to login directly in Auth0 without redirect universal login page?
I'm working on Auth0 integration, i successfully integrated Auth0 SDK in my Swift project, but i want to implement direct login from my app with out redirect into Auth0 universal login page.我正在处理 Auth0 集成,我成功地将 Auth0 SDK 集成到我的 Swift 项目中,但我想实现从我的应用程序直接登录而不重定向到 Auth0 通用登录页面。
I studied mobile login flow here ( https://auth0.com/docs/flows/concepts/mobile-login-flow ).我在这里研究了移动登录流程( https://auth0.com/docs/flows/concepts/mobile-login-flow )。
I implemented Auth0 login in iOS Swift it's working.我在 iOS Swift 中实现了 Auth0 登录,它正在工作。 But i want direct login.但我想直接登录。
See my screens查看我的屏幕
When we click login in my app it shows pop up.当我们在我的应用程序中单击登录时,它会弹出。
Click continue it will open Auth0.com page (I don't want this page, i want direct login with out this page How?)单击继续它将打开 Auth0.com 页面(我不想要这个页面,我想直接登录没有这个页面如何?)
I don't want this page, i want direct login with out this page through mu app login page, How?.我不想要这个页面,我想通过 mu app 登录页面直接登录没有这个页面,如何?。
Is it possible?.是否可以?。
For this i followed this link https://auth0.com/docs/flows/guides/mobile-login-flow/add-login-using-mobile-login-flow and implemented code_verifier and code_challage.为此,我按照此链接https://auth0.com/docs/flows/guides/mobile-login-flow/add-login-using-mobile-login-flow并实施了code_verifier 和 code_challage。 But when i implement Authorize the User it's given html response .但是当我实现授权用户时,它会给出html 响应。
My code is:我的代码是:
func codeVerifier() {
var buffer = [UInt8](repeating: 0, count: 32)
_ = SecRandomCopyBytes(kSecRandomDefault, buffer.count, &buffer)
let verifier = Data(bytes: buffer).base64EncodedString()
.replacingOccurrences(of: "+", with: "-")
.replacingOccurrences(of: "/", with: "$_")
.replacingOccurrences(of: "=", with: "")
.trimmingCharacters(in: .whitespaces)
print("Code_Verifier : \(verifier)")
codeChallenger(verifier: verifier)
}
func codeChallenger(verifier:String) {
// Dependency: Apple Common Crypto library
// http://opensource.apple.com//source/CommonCrypto
guard let data = verifier.data(using: .utf8) else {
return
}
var buffer = [UInt8](repeating: 0, count: Int(CC_SHA256_DIGEST_LENGTH))
data.withUnsafeBytes {
_ = CC_SHA256($0, CC_LONG(data.count), &buffer)
}
let hash = Data(bytes: buffer)
let challenge = hash.base64EncodedString()
.replacingOccurrences(of: "+", with: "-")
.replacingOccurrences(of: "/", with: "$_")
.replacingOccurrences(of: "=", with: "")
.trimmingCharacters(in: .whitespaces)
print("Code_Challenger : \(challenge)")
authorizwTheUser(code_challange: challenge)
}
func authorizwTheUser(code_challange:String) {
let url = "https://domain.auth0.com/authorize?"
var request = URLRequest(url: URL(string: url)!)
request.setValue("application/json", forHTTPHeaderField: "Content-Type")
request.httpMethod = "GET"
print("URL : \(request)")
let parameters = "response_type=token&code_challenge=\(code_challange)&code_challenge_method=S256&client_id=&redirect_uri=com.myappname.Auth0DemoSwift://domainname.auth0.com/ios/com.domainname.Auth0DemoSwift/callback&scope=openid profile&state=xyzABC123x"
request.httpBody = parameters.data(using: .utf8)
print(parameters)
let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data, error == nil else { // check for fundamental networking error
print("error=\(String(describing: error))")
return
}
if let httpStatus = response as? HTTPURLResponse, httpStatus.statusCode != 200 { // check for http errors
print("statusCode should be 200, but is \(httpStatus.statusCode)")
print("response = \(String(describing: response))")
}
// If Response is in String formate
let responseString = String(data: data, encoding: .utf8)
let dictionary = data
print("dictionary = \(dictionary)")
print("responseString = \(String(describing: responseString!))")
do {
let response = try JSONSerialization.jsonObject(with: data, options: .allowFragments) as? [String: AnyObject]
print(response!)
let res = response!["Response"]
let status = res!["status"] as! String
if status == "SUCCESS" {
} else {
}
} catch let error as NSError {
print(error)
}
}
task.resume()
}
If you want to avoid the consent screen and redirection to auth0 hosted login page, you can use authentication API with password-realm grant type .如果您想避免同意屏幕并重定向到 auth0 托管登录页面,您可以使用带有password-realm grant type 的身份验证 API。 The disadvantages are:缺点是:
As described:如描述:
The Authentication API exposes AuthN/AuthZ functionality of Auth0, as well as the supported identity protocols like OpenID Connect, OAuth 2.0, and SAML.身份验证 API 公开了 Auth0 的 AuthN/AuthZ 功能,以及受支持的身份协议,如 OpenID Connect、OAuth 2.0 和 SAML。 We recommend using our Hosted Login Page but if you wish to build your own UI you can use our API endpoints to do so.我们建议使用我们的托管登录页面,但如果您希望构建自己的 UI,您可以使用我们的 API 端点来实现。 However some Auth flows (Grant types) are disabled by default so you will need to enable them via your Auth0 Dashboard as explained in this guide.但是,某些 Auth 流(Grant 类型)在默认情况下是禁用的,因此您需要按照本指南中的说明通过 Auth0 仪表板启用它们。
Sign In:登入:
Auth0.authentication()
.login(
usernameOrEmail: "support@auth0.com",
password: "secret-password",
realm: "Username-Password-Authentication",
scope: "openid"
)
.start { result in
switch result {
case .success(let credentials):
print("Obtained credentials: \(credentials)")
case .failure(let error):
print("Failed with \(error)")
}
}
Sign up:注册:
Auth0.authentication()
.createUser(
email: "support@auth0.com",
password: "secret-password",
connection: "Username-Password-Authentication",
userMetadata: ["first_name": "First",
"last_name": "Last"]
)
.start { result in
switch result {
case .success(let user):
print("User Signed up: \(user)")
case .failure(let error):
print("Failed with \(error)")
}
}
It is documented here: https://github.com/auth0/Auth0.swift#authentication-api-ios--macos--tvos它记录在这里: https : //github.com/auth0/Auth0.swift#authentication-api-ios--macos--tvos
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.