ValidationManager

class ValidationManager : IValidationManager

Manages the id token validation.

  • object that parses id token string

    Declaration

    Swift

    private let idTokenParser: ITokenParser
  • object that manages jwks url data

    Declaration

    Swift

    private let jwksUrlDataManager: IJwksUrlDataManager
  • object that handles public key creation

    Declaration

    Swift

    private let publicKeyCreator: IPublicKeyCreator
  • Initialises with objects that help to validate the id token string.

    Declaration

    Swift

    init(tokenParser: ITokenParser = IdTokenParser(), jwksUrlDataManager: IJwksUrlDataManager = JwksUrlDataManager(), publicKeyCreator: IPublicKeyCreator = PublicKeyCreator())

    Parameters

    tokenParser

    object that parses id token string

    jwksUrlDataManager

    object that manages jwks url data

    publicKeyCreator

    object that handles public key creation

  • Validates the id token string

    Declaration

    Swift

    func validate(idTokenString: String?, authorizationCode: String?, clientId: String, nonce: String, jwksUrl: URL, config: Config, error: inout NSError?) -> Bool

    Parameters

    idTokenString

    String value obtained using AppAuth framework and passed for validation.

    authorizationCode

    String value obtained using AppAuth framework and passed for validation.

    clientId

    used for id token validation.

    nonce

    used for id token validation.

    config

    used for id token validation.

    jwksUrl

    URL which contains data needed for validation process.

    error

    An error that can occur during validation (it is passed as an inout parameter, so its value can be set inside the function).

    Return Value

    Boolean value is returned, true on success or false on failure.

  • Validates the [IdTokenHeader] object.

    Declaration

    Swift

    private func validateIdTokenHeader(_ header: IdTokenHeader, keyId: String) -> Bool

    Parameters

    header

    [IdTokenHeader] object which is under validation.

    keyId

    String value which is obtained from the jwks url. The header can be treated as valid if its keyId property is equal to the keyId property obtained from the jwks url.

    Return Value

    Boolean value, true on success, false on failure.

  • Validates the [IdTokenPayload] object. The payload can be treated as valid if:

    • its client id and audience properties are equal to the client id obtained from the OIDAuthorizationResponse object;
    • its nonce property is equal to the property obtained from the OIDAuthorizationResponse object;
    • its issuer property is equal to the domain value stored in config;
    • its expiration time property is later than the current time.

    Declaration

    Swift

    private func validateIdTokenPayload(_ payload: IdTokenPayload, clientId: String, nonce: String, config: Config) -> Bool

    Parameters

    payload

    [IdTokenPayload] object which is under validation.

    clientId

    obtained from the OIDAuthorizationRequest object which is contained inside the OIDAuthorizationResponse object.

    nonce

    obtained from the OIDAuthorizationRequest object which is contained inside the OIDAuthorizationResponse object.

    config

    [Config] object that contains information required for the authentication.

    Return Value

    Boolean value, true on success, false on failure.

  • Validates the authorization code. The authorization code can be treated as valid if the base64 encoded string of the first 16 bits of the hash value of its ASCII encoded data is equal to the base64 encoded cHash string.

    Declaration

    Swift

    private func validateAuthCode(_ authCode: String, cHash: String) -> Bool

    Parameters

    authCode

    String value which is under validation.

    cHash

    String value which is obtained from [IdTokenPayload] object.

    Return Value

    Boolean value, true on success, false on failure.
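
The payload and authorization-code checks described above, as an added Swift example that is not the SDK's own implementation. It follows the OpenID Connect Core definition of c_hash (left-most half of the SHA-256 digest, base64url without padding), which assumes a SHA-256 based signing algorithm; `ExampleClaims`, `expectedCHash`, `constantTimeEquals` and `validateClaims` are hypothetical names, and CryptoKit is assumed to be available.

```swift
import Foundation
import CryptoKit

// Hypothetical stand-in for the decoded payload; not the SDK's IdTokenPayload.
struct ExampleClaims {
    let iss: String, aud: String, nonce: String, cHash: String
    let exp: Date
}

// c_hash per OpenID Connect Core for a SHA-256 based algorithm: left-most half
// of SHA-256 over the ASCII code, base64url-encoded without padding.
func expectedCHash(for authCode: String) -> String? {
    guard let data = authCode.data(using: .ascii) else { return nil }
    let digest = Array(SHA256.hash(data: data))
    return Data(digest.prefix(digest.count / 2)).base64EncodedString()
        .replacingOccurrences(of: "+", with: "-")
        .replacingOccurrences(of: "/", with: "_")
        .replacingOccurrences(of: "=", with: "")
}

// Compares without returning early at the first differing byte.
func constantTimeEquals(_ a: String, _ b: String) -> Bool {
    let x = Array(a.utf8), y = Array(b.utf8)
    guard x.count == y.count else { return false }
    return zip(x, y).reduce(UInt8(0)) { $0 | ($1.0 ^ $1.1) } == 0
}

// Every check must pass; any single failure rejects the token.
func validateClaims(_ c: ExampleClaims, authCode: String, clientId: String,
                    nonce: String, issuer: String, now: Date = Date()) -> Bool {
    guard c.aud == clientId, c.iss == issuer, c.exp > now else { return false }
    guard constantTimeEquals(c.nonce, nonce) else { return false }
    guard let expected = expectedCHash(for: authCode) else { return false }
    return constantTimeEquals(expected, c.cHash)
}

// Constructed sample values (not real tokens or codes).
let code = "constructed-auth-code-123"
let claims = ExampleClaims(iss: "https://idp.example", aud: "client-1",
                           nonce: "n-0S6_WzA2Mj", cHash: expectedCHash(for: code)!,
                           exp: Date().addingTimeInterval(300))
func check(_ authCode: String, nonce: String = "n-0S6_WzA2Mj") -> Bool {
    validateClaims(claims, authCode: authCode, clientId: "client-1",
                   nonce: nonce, issuer: "https://idp.example")
}
print("matching code:", check(code))
print("substituted code:", check("another-code"))
print("nonce mismatch:", check(code, nonce: "other-nonce"))
```

The c_hash comparison binds the authorization code to the signed id token, so a code swapped in transit no longer matches the token that accompanied it.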