CLASS

HaapiTokenManagerBuilder

Contents

@objcMembers public class HaapiTokenManagerBuilder: NSObject

The HaapiTokenManagerBuilder is used to instantiate a HaapiTokenManager with the settings that are appropriate for your environment by using the Builder pattern.

An example use of the Builder to create a default HaapiTokenManager could look like this:

let urlSession = URLSession(configuration: configuration, delegate: trustAllCertsDelegate, delegateQueue: nil)

haapiTokenManager = HaapiTokenManagerBuilder(
   tokenEndpoint: "https://my.curity.example.com/oauth/token",
   clientId: "my-haapi-client"
)
.setInternalUrlSession(urlSession)
.build()

Methods

init(tokenEndpoint:clientId:)

public init (tokenEndpoint: URL,
             clientId: String)

Initialize the Builder with the mandatory tokenEndpoint and clientId parameters

setName(_:)

public func setName(_ name: String) -> HaapiTokenManagerBuilder

Set a name for the HaapiTokenManager. The name is used as prefix in identifying the storage location where the HaapiTokenManager persists state.

When nothing is set, the clientId is used as the default value.

setInternalUrlSession(_:)

public func setInternalUrlSession(_ urlSession: URLSession) -> HaapiTokenManagerBuilder

Set the URLSession instance that is used to make requests to the HAAPI services (e.g. the token endpoint and the HAAPI-enabled endpoints of the server)

When nothing is set, a URLSession with default settings is used.

setHaapiTokenMinTtl(_:)

public func setHaapiTokenMinTtl(_ minTtl: TimeInterval) -> HaapiTokenManagerBuilder

Set the minimum time to live (in seconds) that the HAAPI Token must be valid for. If the token expires before then, the HaapiTokenManager will try to refresh it.

When nothing is set, a value of 10 is used as minimum time to live

disableDeviceCheckAttestation()

public func disableDeviceCheckAttestation() -> HaapiTokenManagerBuilder

Allows the created HaapiTokenManager to run on a similator by turning off DeviceCheck attestation/-assertion.

When the compilation target is a simulator, DeviceCheck attestation/-assertion is automatically disabled.

This feature requires the server to be configured to have attestation validation disabled for this client.

setAttestationMaxRetryCount(maxRetries:)

public func setAttestationMaxRetryCount(maxRetries: Int) -> HaapiTokenManagerBuilder

Set the maximum allowed retry count for attestation/assertion retries. It allows the created HaapiTokenManager to retry DeviceCheck attestation/assertion when receiving a DCError.serverUnavailable.

When nothing is set, a value of 3 is used as the maximum allowed retry count. Providing a value lower than 1 disables the retry mechanism.

setTokenBoundConfiguration(config:)

public func setTokenBoundConfiguration(config: TokenBoundConfiguration) -> HaapiTokenManagerBuilder

Sets the TokenBoundConfiguration when the the client configuration for Haapi in the Identity Server has this key issue-token-bound-authorization-code set to true.

setClientAuthenticationMethod(method:)

public func setClientAuthenticationMethod(method: ClientAuthenticationMethod) -> HaapiTokenManagerBuilder

Sets the authentication method configuration as defined in the Curity identity Server.

setApplicationBundle(_:)

public func setApplicationBundle(_ bundle: Bundle?) -> HaapiTokenManagerBuilder

Sets the application Bundle. The Bundle is required when the client configuration for Haapi integrates the BankID services which may require the application to provide contextual information for risk assessment purposes.

Parameters

Name Description
bundle The application Bundle.

build()

public func build() throws -> HaapiTokenManager

Build a new HaapiTokenManager instance from the state that is created inside the Builder

This method can abort your application if the desired name for a HaapiTokenManager already exists within the current context.