IDPSession

public protocol IDPSession

IDPSession acts as an interactor/mediator for the IDPClient and IDPStorage.

sourcery: StreamWrapped

  • Whether the session has access to a (valid) authenticated session (e.g. token)

    Declaration

    Swift

    var isLoggedIn: AnyPublisher<Bool, IDPError> { get }
  • Subscribe to the session’s IDPToken and receive the latest (session) token through this Publisher

    [REQ:gemSpec_eRp_FdV:A_19480] usage of this token is limited to FD/IDP Access.

    Declaration

    Swift

    var autoRefreshedToken: AnyPublisher<IDPToken?, IDPError> { get }
  • Invalidates the active token. Use to log out the user or mark the existing session as invalid, e.g. due to a 403/forbidden server response.

    Declaration

    Swift

    func invalidateAccessToken()
  • Request a challenge from the IDPClient for certain scopes

    Declaration

    Swift

    func requestChallenge() -> AnyPublisher<IDPChallengeSession, IDPError>

    Return Value

    Published IDPChallengeSession

  • Verify the signed challenge

    Declaration

    Swift

    func verify(_ signedChallenge: SignedChallenge)
        -> AnyPublisher<IDPExchangeToken, IDPError>

    Parameters

    signedChallenge

    the received challenge

    Return Value

  • Exchange the token with verifier for the actual token

    Declaration

    Swift

    func exchange(
        token: IDPExchangeToken,
        challengeSession: ChallengeSession,
        idTokenValidator: @escaping (TokenPayload.IDTokenPayload) -> Result<Bool, Error>
    ) -> AnyPublisher<IDPToken, IDPError>

    Parameters

    token

    the exchange token

    challengeSession

    A challengeSession with verifier code for the challenge

    idTokenValidator

    Closure that validates the passed IDToken for the selected profile

    Return Value

    Publisher of the received IDPToken

  • Refresh token

    Declaration

    Swift

    func refresh(token: IDPToken) -> AnyPublisher<IDPToken, IDPError>

    Parameters

    token

    the token to refresh

    Return Value

    renewed token or error

  • Pairs the device with a biometric key.

    Declaration

    Swift

    func pairDevice(with registrationData: RegistrationData, token: IDPToken) -> AnyPublisher<PairingEntry, IDPError>

    Parameters

    registrationData

    RegistrationData containing information about the biometric key to register.

    token

    Access token for authentication and authorization for the new key.

    Return Value

    AnyPublisher with a PairingEntry containing registration information upon success.

  • Unregisters the device's key with the given identifier.

    Declaration

    Swift

    func unregisterDevice(_ keyIdentifier: String, token: IDPToken) -> AnyPublisher<Bool, IDPError>

    Parameters

    keyIdentifier

    Key identifier to unregister.

    token

    Access token for authentication and authorization for the new key.

    Return Value

    AnyPublisher with a Bool containing true upon success, false otherwise.

  • Returns the list of all registered devices.

    Declaration

    Swift

    func listDevices(token: IDPToken) -> AnyPublisher<PairingEntries, IDPError>

    Parameters

    token

    Access token for authentication and authorization for the new key.

    Return Value

    AnyPublisher with a PairingEntries containing all registered devices.

  • Verify a given challenge with the IDP using alternative authentication, a.k.a. biometric secured key.

    Declaration

    Swift

    func altVerify(_ signedChallenge: SignedAuthenticationData) -> AnyPublisher<IDPExchangeToken, IDPError>

    Parameters

    signedChallenge

    SignedAuthenticationData that is signed with a biometric key instead of an eGK.

    Return Value

    AnyPublisher with IDPExchangeToken if successful, fails with an IDPError otherwise.

  • Load available Insurance companies that are capable of External Authentication (gID).

    Declaration

    Swift

    func loadDirectoryKKApps() -> AnyPublisher<KKAppDirectory, IDPError>
  • Initial step for external authentication with insurance company app.

    Declaration

    Swift

    func startExtAuth(entry: KKAppDirectory.Entry) -> AnyPublisher<URL, IDPError>

    Parameters

    entry

    The reference to an insurance company app to use for the authentication.

  • Follow up step whenever an insurance company app authorizes a user login.

    Declaration

    Swift

    func extAuthVerifyAndExchange(
        _ url: URL,
        idTokenValidator: @escaping (TokenPayload.IDTokenPayload) -> Result<Bool, Error>
    ) -> AnyPublisher<IDPToken, IDPError>

    Parameters

    url

    Universal link containing login information

    idTokenValidator

    Closure that validates the passed IDToken for the selected profile

  • Verify signed challenge and immediately exchange the token

    Declaration

    Swift

    public func verifyAndExchange(
        signedChallenge: SignedChallenge,
        idTokenValidator: @escaping (TokenPayload.IDTokenPayload) -> Result<Bool, Error>
    ) -> AnyPublisher<IDPToken, IDPError>

    Parameters

    signedChallenge

    signed challenge

    idTokenValidator

    Closure that validates the passed IDToken for the selected profile

    Return Value

    Publisher that emits IDPToken or IDPError

  • httpInterceptor(delegate:) Extension method

    Create a new IDPInterceptor for this session

    Declaration

    Swift

    public func httpInterceptor(delegate: IDPSessionDelegate?) -> IDPInterceptor

    Parameters

    delegate

    the IDP Session delegate

    Return Value

    new IDPInterceptor

  • Exchange the token with verifier for the actual token

    Declaration

    Swift

    public func exchange(token: IDPExchangeToken,
                         challengeSession: ChallengeSession)
        -> AnyPublisher<IDPToken, IDPError>

    Parameters

    token

    the exchange token

    challengeSession

    A challengeSession with verifier code for the challenge

    redirectURI

    optional redirect URI to use for the token exchange.

    Return Value

    Publisher of the received IDPToken
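
The login sequence documented above (requestChallenge, then verifyAndExchange with an idTokenValidator), as an added example that is not part of the original documentation or the project's own code. Assumptions: the module is importable as `IDP`, `TokenPayload.IDTokenPayload` exposes an `idNummer` property, and the names `ProfileMismatch`, `profileValidator`, `login`, `expectedInsuranceId` and the `sign` closure are hypothetical.

```swift
import Combine
import Foundation
import IDP // assumption: the module that declares IDPSession

/// Hypothetical error for a token issued to someone other than the selected profile.
struct ProfileMismatch: Error {}

/// Builds an idTokenValidator that binds a login to the selected profile.
/// `idNummer` on IDTokenPayload is an assumption; the page does not list its fields.
func profileValidator(
    expectedInsuranceId: String?
) -> (TokenPayload.IDTokenPayload) -> Result<Bool, Error> {
    { payload in
        // First login for this profile: nothing to compare against yet.
        guard let expected = expectedInsuranceId else { return .success(true) }
        // The page does not say how the session treats .success(false),
        // so a mismatch is reported as .failure to fail closed.
        return payload.idNummer == expected
            ? .success(true)
            : .failure(ProfileMismatch())
    }
}

/// Chains requestChallenge -> sign -> verifyAndExchange into one publisher.
/// `sign` is a hypothetical caller-supplied step that turns the challenge
/// into a SignedChallenge (for example with the card or a registered key).
func login<S: IDPSession>(
    session: S,
    expectedInsuranceId: String?,
    sign: @escaping (IDPChallengeSession) -> AnyPublisher<SignedChallenge, IDPError>
) -> AnyPublisher<IDPToken, IDPError> {
    session.requestChallenge()
        .flatMap { challenge in sign(challenge) }
        .flatMap { signedChallenge in
            // Verifies the signed challenge and exchanges the result for the
            // IDPToken; the validator runs on the received ID token payload.
            session.verifyAndExchange(
                signedChallenge: signedChallenge,
                idTokenValidator: profileValidator(expectedInsuranceId: expectedInsuranceId)
            )
        }
        .eraseToAnyPublisher()
}
```

Any failure, including a rejected ID token, arrives as an IDPError completion on the returned publisher, so the caller should treat that as "not logged in" rather than retrying with a less strict validator.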