1. Develop and deploy iOS mobile apps to leverage your back-end services
  2. Learn About Authentication Options for Your Oracle Mobile Hub Applications

Learn About Authentication Options for Your Oracle Mobile Hub Applications

Oracle Mobile Hub lets you authenticate your mobile applications using technologies like OAuth, single sign-on, or HTTP basic authentication.

Before authenticating your iOS applications, you must import the following libraries in you XCode project:

#import "OMCCore/OMCAuthorization.h"
#import "OMCCore/OMCMobileBackend.h"
#import "OMCCore/OMCMobileManager.h"

About Using OAuth Consumer and HTTP Basic

Oracle Mobile Hub SDK provides methods for handling user authentication.

Use the following method to handle a user logging in with a user name and password:

- (void) authenticate:(NSString *)userName
             password:(NSString *)password
      completionBlock: (nullable OMCErrorCompletionBlock) completionBlock;

This method terminates the connection to Oracle Mobile Hub and clears the user name and password from the iOS keychain: 

-(void) logout: (nullable OMCErrorCompletionBlock) completionBlock;

About Using Single Sign-on with a Third-party Token

You can use a Third-party token to authenticate your iOS application with Oracle Mobile Hub.

First, your application needs to get a token from the third-party token issuer. The way you can obtain the token varies by issuer.

Once you have the token, use it to authenticate. The code in this example checks to seeif the token is already stored in Oracle Mobile Hub before logging in again: 

-(void) authenticateSSOTokenExchange: (NSString*) token
            storeAccessToken:(BOOL) storeToken
            completionBlock: (OMCErrorCompletionBlock) completionBlock;

Note:

The default expiration time for storing a third-party token in Oracle Mobile Hub is 6 hours. You can adjust this time by changing the Security_TokenExchangeTimeoutSecs policy.

You can also code the application to keep the user logged in, even when closing and restarting the application.

In the authenticateSSOTokenExchange method, if storeAccessToken is set to YES, the token is stored in secure store and the user remains logged in until the token expires.

You can use the loadSSOTokenExchange() method in the app launch sequence to load the token from the keychain. (If a token can’t be retrieved, the method returns NO).

Here’s some code that tries to load a saved token and, if it fails, restarts the authentication process:

OMCAuthorization* auth;
if ( [auth loadSSOTokenExchange] ){
	NSLog(@"## Token already found, login skipped.");
    ...
}
else{
	[auth authenticateSSOTokenExchange:thirdPartyToken
	 storeAccessToken:YES
	 completionBlock:^(NSError * _Nullable error) {
					   
	    if( error ){
	        //Show error popup
	    }
	    else{
	        // Login success.
	        ...
	    }
	}];
}

When you have the token stored in the secure store, it remains associated with the backend that the application originally used. Therefore, if the application is updated to use a different mobile backend (or mobile backend version), you need to clear the saved token (using clearSSOTokenExchange) and re-authenticate.