TestsTested | ✓ |
LangLanguage | SwiftSwift |
License | MIT |
ReleasedLast Release | Aug 2017 |
SwiftSwift Version | 3.1 |
SPMSupports SPM | ✗ |
Maintained by Adam Sharp.
Pluggable HTTP authentication for Swift.
Advantages
Caveats
When you register the app with your OAuth provider, you will give a redirect
URI. This URI must use a URL scheme that is registered for your app in your
app's Info.plist
.
Superb allows your app to support multiple authentication providers via a registration mechanism. iOS apps have a single entrypoint for URLs, so Superb searches through the registered providers to find the correct one to handle the redirect URL.
// GitHub+Providers.swift
import Superb
import SuperbGitHub
extension GitHubOAuthProvider {
static var shared: GitHubOAuthProvider {
// Register a provider to handle callback URLs
return Superb.register(
GitHubOAuthProvider(
clientId: "<your client id>",
clientSecret: "<your client secret>",
redirectURI: URL(string: "<your chosen redirect URI>")!
)
)
}
}
// AppDelegate.swift
@UIApplicationMain
final class AppDelegate: UIResponder, UIApplicationDelegate {
// ...
func application(_ app: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey: Any]) -> Bool {
// Pass the URL and options off to Superb.
return Superb.handleAuthenticationRedirect(url, options: options)
}
}
Then, in our API client, we can use RequestAuthorizer
to fence the code that
must be run with authentication, using RequestAuthorizer.performAuthorized()
.
// GitHubAPIClient.swift
struct GitHubAPIClient {
static let oauthClient = GitHubAPIClient(
requestAuthorizer: RequestAuthorizer(
authorizationProvider: GitHubOAuthProvider.shared
)
)
private let authorizer: RequestAuthorizerProtocol
init(requestAuthorizer: RequestAuthorizerProtocol) {
authorizer = requestAuthorizer
}
// An authorized request to get the current user's profile.
func getProfile(completionHandler: @escaping (Result<Profile, SuperbError>) -> Void) {
let request = URLRequest(url: URL(string: "https://api.github.com/user")!)
authorizer.performAuthorized(request) { result in
switch result {
case let .success(data, _):
let profile = parseProfile(from: data)
completionHandler(.success(profile))
case let .failure(error):
completionHandler(.failure(error))
}
}
}
// An unauthorized request.
func getZen(completionHandler: @escaping (Result<String, SuperbError>) -> Void) {
let request = URLRequest(url: URL(string: "https://api.github.com/zen")!)
URLSession.shared.dataTask(with: request) { data, _, error in
let result = parseZen(data, error)
completionHandler(result)
}.resume()
}
}
// later
let api = GitHubAPIClient.oauthClient
api.getProfile { result in
// ...
}
Superb.register
.If you do not call Superb.register
then your authentication provider will not
have a chance to receive callback URLs.
See the CONTRIBUTING document. Thank you, contributors!
Superb is Copyright (c) 2017 thoughtbot, inc. It is free software, and may be redistributed under the terms specified in the LICENSE file.
Superb is maintained and funded by thoughtbot, inc. The names and logos for thoughtbot are trademarks of thoughtbot, inc.
We love open source software! See our other projects or look at our product case studies and hire us to help build your iOS app.