Customer Identity (CIAM)
Alipay Login
# Documentation Description
This document explains how to integrate the Alipay authorization login functionality in an iOS client.
The user clicks the Alipay login button on the client APP, the IDaaS SDK triggers the authorization page within the Alipay APP. After the user clicks the "Authorize Login" button and authorization is successful, the Alipay APP redirects back to the client APP. At this point, the IDaaS SDK automatically receives a temporary ticket, uses this ticket to request authentication from the IDaaS server, and finally returns the authentication result to the client APP.
# Login Flow
Integration Flow Description
- The user clicks the Alipay login button on the APP client.
- The APP client calls the IDaaS SDK's Alipay login method.
- The IDaaS SDK calls the Alipay SDK's login method.
- The Alipay SDK launches the Alipay APP on the phone and displays the authorization login page.
- The user clicks the "Authorize Login" button.
- Alipay authorization is successful, the client APP is launched, and an Alipay authorization ticket is passed along. At this point, the IDaaS SDK automatically obtains the Alipay authorization ticket during the launch process.
- IDaaS uses the Alipay authorization ticket to request authentication from the IDaaS server.
- The IDaaS server checks if a phone number is bound. If a phone number is already bound, the IDaaS server authentication succeeds and returns session_token and id_token to the IDaaS SDK.
- The IDaaS SDK returns session_token and id_token to the APP client.
- If the IDaaS server finds that no phone number is bound, it returns an identifier indicating that binding or registration is required.
- The IDaaS server displays the binding or registration page.
- The user enters their phone number, clicks to get the verification code, and completes the slider verification.
- The IDaaS SDK takes the slider verification code to the IDaaS server to request slider verification.
- The IDaaS server successfully verifies the slider and returns a token to the IDaaS SDK.
- The IDaaS SDK uses the token and phone number to request the IDaaS server to send an SMS verification code.
- The user receives the SMS verification code, enters it into the verification code input field, and clicks the bind or register button.
- The IDaaS SDK submits the binding or registration data to the IDaaS server.
- Binding or registration is successful, the IDaaS server returns session_token and id_token to the IDaaS SDK.
- The IDaaS SDK returns session_token and id_token to the client APP.
- The client can use id_token to verify login validity and obtain basic user information.
- The client can use session_token to refresh id_token.
# Preparation
# Create an Application on Alipay Open Platform
Developers log in to the Alipay Open Platform (opens new window) to create their own developer account. Refer to the official documentation (opens new window) to create a new application and wait for approval.
For the Alipay minimal package iOS integration guide, please refer to https://opendocs.alipay.com/open/218/sxc60m (opens new window).
# Obtain Application clientID
Log in to the IDaaS Enterprise Center platform, click "Resources --> Applications", select the relevant application, and click to view it.
# Configure Authentication Source
Log in to the IDaaS Enterprise Center platform, click "--> Authentication --> Authentication Source Management --> Alipay".
Click "Add Authentication Source", fill in the AppKey and AppSecret obtained after registering the application on the Alipay development platform. Select 'Mobile Application' in the channel selection box. Enter a name in the display name field.
Click "OK", and an authentication source will be created. Switch to "Resources --> Applications", click on the newly created application, go to "Login Configuration --> Mobile Application --> Configuration", and click the enable button next to the Alipay record.
Select the authentication source just configured and save.
# Import Dependencies
Before proceeding with Alipay OAuth authorization login integration, you need to register a developer account on the Alipay Open Platform (opens new window), have an approved mobile application, and obtain the corresponding AppID and AppSecret. After applying for Alipay login and passing the review, you can start the integration process.
AFServiceSDK.framework // Alipay SDK package
1
# Adding the Main Library
AuthnCenter_common_2C.framework
AuthnCenter_Alipay_2C.framework
AuthnCenter_Alipay_2C.bundle // Resource bundle
1
2
3
2
3
Drag the IDaaSSDK into the project and include it as shown below:
Also, add the Pod dependency:
pod 'JWT', '~> 3.0.0-beta.14'
# Targets Settings
- The IDaaS SDK minimum compatible version is iOS 11.
- Add the following package under "Frameworks, Libraries, and Embedded Content":
AFServiceSDK.framework
1
Set the URL Scheme. Under the Info tab, create a new entry under "URL Types". Fill it in as shown below. The URL scheme must be "alipay" concatenated with your Alipay AppID (as shown in the image).
In Xcode, select your project settings, go to the "TARGETS" section, and under the "Info" tab, add
alipayandalipayauthto "LSApplicationQueriesSchemes" (as shown in the image).
Set "Enable Bitcode" to NO.
Set "Allow Non-modular Includes In Framework Modules" to Yes.
# Development Integration
# Development Integration Method with Built-in UI Pages
This chapter describes the process for the APP client to initiate Alipay login in one go. The APP client only needs to integrate the IDaaS SDK initialization method and the Alipay registration method, and call the IDaaS SDK Alipay login method where Alipay login needs to be initiated. All other authentication, registration, and binding UI flows are fully provided by the IDaaS SDK. Upon successful login, the session_token and id_token are returned in the callback function. Before proceeding with this chapter, please complete all Xcode configurations and Alipay Open Platform configurations from the previous chapter.
# SDK Initialization
The IDaaS SDK provides an initialization method where you can fill in the tenant, clientID, and whether to enable log printing.
Example of the initialization method:
In the AppDelegate, reference the header files as follows:
#import <AuthnCenter_common_2C/BCIDACommonManager.h>
#import <AuthnCenter_Alipay_2C/BCLoginAlipayManager.h>
// Initialize in the didFinishLaunchingWithOptions method
[[[[[BCIDACommonManager sharedInstance] initWithDomain:@"https://your-backend-tenant.com"] initWithClientID:@"backend-tenant-clientID"] initWithSSLCerVerification:NO] setLogEnabled:YES] ;
[[BCLoginAlipayManager sharedInstance] registAlipayAppid:@"your-alipay-appid"];
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
In the AppDelegate, the following methods receive the scheme callbacks from Alipay.
- (BOOL)application:(UIApplication *)application handleOpenURL:(NSURL *)url {
[[BCLoginAlipayManager sharedInstance] oauthHandleOpenURL:url];
return YES;
}
- (BOOL)application:(UIApplication *)app openURL:(NSURL *)url options:(NSDictionary<UIApplicationOpenURLOptionsKey,id> *)options{
[[BCLoginAlipayManager sharedInstance] oauthHandleOpenURL:url];
return YES;
}
- (BOOL)application:(UIApplication *)application openURL:(NSURL *)url sourceApplication:(NSString *)sourceApplication annotation:(id)annotation{
[[BCLoginAlipayManager sharedInstance] oauthHandleOpenURL:url];
return YES;
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Basic Configuration Initialization Main Class BCIDACommonManager Method Introduction:
/**
* Function name: sharedInstance
* @param None
* @return Singleton object instance class
*/
+ (instancetype )sharedInstance ;
/**
* Function name: initWithDomain
* @param domain, starts with https:// and ends with .com.
* @return Instance class
*/
-(BCIDACommonManager)initWithDomain:(NSString)domain
/**
* Function name: initWithClientID
* @param client id.
* @return Instance class
*/
-(BCIDACommonManager)initWithClientID:(NSString)clientID;
/**
* Function name: setLogEnabled
* @param Boolean value whether to enable log.
* @return Instance class
*/
-(void)setLogEnabled:(BOOL)enable;
/**
* Function name: initWithSSLCerVerification
* @param Boolean value to set whether SSL certificate verification is enabled.
* @return Instance class
*/
-(BCIDACommonManager*)initWithSSLCerVerification:(bool)sslCerVerification;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Alipay BCLoginAlipayManager Class Method Introduction:
/**
* Function name: sharedInstance
* @param None
* @return Singleton object instance class
*/
+ (instancetype )sharedInstance ;
/**
* Function name: registAlipayAppid
* @param alipayAppid The appid from the Alipay Open Platform
*@return Singleton object instance class
*/
-(BCLoginAlipayManager*)registAlipayAppid:(NSString*)alipayAppid;
/**
* Function name: oauthHandleOpenURL
* @param Call this method when the scheme callbacks to the client app
* @param None
* @return YES/NO
*/
-(BOOL)oauthHandleOpenURL:(NSURL*)url
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# Initiate Alipay Login
When the user clicks the Alipay login button, the APP client calls the IDaaS SDK's Alipay login method. The code example is as follows:
/**
* Function name: sharedInstance
* @param None
* @return Singleton object instance class
*/
+ (instancetype )sharedInstance ;
/**
* Function name: registAlipayAppid
* @param alipayAppid The appid from the Alipay Open Platform
*@return Singleton object instance class
*/
-(BCLoginAlipayManager*)registAlipayAppid:(NSString*)alipayAppid;
/**
* Function name: oauthHandleOpenURL
* @param Call this method when the scheme callbacks to the client app
* @param None
* @return YES/NO
*/
-(BOOL)oauthHandleOpenURL:(NSURL*)url
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
BCLoginAlipayManager Login Object Method Introduction:
/**
* Function name: loginWithAlipayWithScheme
* @param Launches Alipay login
* @param schemeStr is the input Alipay appid, format is "alipay+Alipay appid", e.g., alipay2021002149616573
* @return BCAlipayCompletionHandler callback function.
1.code=0 means success, data returns session_token and id_token
2.code=other means failure, data returns reason description.
*/
-(void)loginWithAlipayWithScheme:(NSString*)schemeStr withCompleteCallBack:(BCAlipayCompletionHandler)callBackHandler;
1
2
3
4
5
6
7
8
9
2
3
4
5
6
7
8
9
BCAlipayCompletionHandler Callback Function Return Codes:
| Code | Description |
|---|---|
| code=0 | Login successful. At this time, data returns an NSDictionary: data=@{@"session_token":sessionToken content,@"id_token":idToken content}; |
| code=1 | Login failed. data returns a string describing the error. |
| code=Error Code (Please refer to IDaaS Return Codes) | Login unsuccessful. data returns an error description. |
| Code=102 | User denied authorization on the Alipay authorization page. |
| Code=103 | Alipay authorization return was unsuccessful. Details are in the description of data. |
| Code=104 | After successful authorization, on the bind or register phone number page, the user clicked the back button, binding was not successful, user returned and canceled. |
# UI Customization
After Alipay authorization is successful, depending on whether a user is matched, the bind or quick registration process will be initiated. If "New Alipay user login triggers registration" is configured in the IDaaS Enterprise Center authentication source settings, then quick registration will be performed. (Whether the bind page or quick registration page is displayed depends on the backend authentication source configuration).
The above image shows the default UI page.
In the didFinishLaunchingWithOptions method within the AppDelegate, set up the theme object.
Code Example:
// Create a new style object and set styles for each element. If an individual element is not set, the default style from the image above will be used.
BCAlipayBindPhoneViewCustomSetting* settings=[[BCAlipayBindPhoneViewCustomSetting alloc] init];
settings.isNavHidden=YES;
settings.navHiddenBackButtonFrameBlock = ^CGRect(CGRect frame) {// When isNavHidden=YES, you can set the frame for the back button.
CGRect rec=CGRectMake(5, 150, 70, 40);
return rec;
};
// settings.hideInternationalPhoneCodeArea=YES;
settings.navBindTitle=[[NSAttributedString alloc] initWithString:@"Bind xx" attributes:@{NSForegroundColorAttributeName : UIColor.orangeColor,NSFontAttributeName : [UIFont systemFontOfSize:18.0]}];
settings.navRegistTitle=[[NSAttributedString alloc] initWithString:@"Register xx" attributes:@{NSForegroundColorAttributeName : UIColor.greenColor,NSFontAttributeName : [UIFont systemFontOfSize:18.0]}];
settings.navBackImage=[UIImage imageNamed:@"fanhuianniu-2"];
settings.navColor=@"99FFCC";
UIButton* bttn=[UIButton buttonWithType:UIButtonTypeSystem];
[bttn setTitle:@"More" forState:UIControlStateNormal];
[bttn setTintColor:[UIColor blackColor]];
[bttn addTarget:self action:@selector(clickMore) forControlEvents:UIControlEventTouchUpInside];
settings.navRightView=bttn;
settings.tileDescriptionRegistText=[[NSAttributedString alloc] initWithString:@"Register xx My Phone Number" attributes:@{NSForegroundColorAttributeName : UIColor.orangeColor,NSFontAttributeName : [UIFont systemFontOfSize:25.0]}];
settings.tileDescriptionBindText=[[NSAttributedString alloc] initWithString:@"Bind My Phone Number" attributes:@{NSForegroundColorAttributeName : UIColor.greenColor,NSFontAttributeName : [UIFont systemFontOfSize:25.0]}];
settings.descriptionRegistText=[[NSAttributedString alloc] initWithString:@"Enter the phone number for registration........." attributes:@{NSForegroundColorAttributeName : UIColor.grayColor,NSFontAttributeName : [UIFont systemFontOfSize:16.0]}];
settings.descriptionBindText=[[NSAttributedString alloc] initWithString:@"Enter the phone number for binding........." attributes:@{NSForegroundColorAttributeName : UIColor.redColor,NSFontAttributeName : [UIFont systemFontOfSize:16.0]}];
settings.clickToSendSMSButtonText=[[NSAttributedString alloc] initWithString:@"Get Verification Code" attributes:@{NSForegroundColorAttributeName : UIColor.greenColor,NSFontAttributeName : [UIFont systemFontOfSize:10.0]}];
// settings.clickToSendBorderColor=@"CCFF33";
settings.clickToSendSMSBackgroundImage=[UIImage imageNamed:@"wangluo"];
// settings.countDownTextColor=@"330000";
settings.countDownBtnBackgroundColor=@"CCCCFF";
settings.countDownBtnBackgroundImage=[UIImage imageNamed:@"lvhang"];
settings.confirmButtonRegistText=@"Register Me";
settings.confirmButtonBindText=@"Bind";
settings.confirmButtonInactiveTextColor=@"FF99FF";
settings.confirmButtonActiveTextColor=@"FF9966";
settings.confirmButtonOnPressTextColor=@"FF66FF";
settings.confirmButtonInactiveBackgroundColor=@"999999";
settings.confirmButtonactiveBackgroundColor=@"CC00FF";
// settings.confirmButtonInactiveBackgroundImage=[UIImage imageNamed:@"24gf-stopCircle"];
// settings.confirmButtonActiveBackgroundImage=[UIImage imageNamed:@"24gf-stopCircle-2"];
// After setting these values, save them to memory using the class below.
[[BCAlipayBindPhoneThemeManager sharedInstance] setBindPhoneTheme:settings];
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
Property List:
| Property | Description |
|---|---|
| isNavHidden | YES: Hide the navigation bar, the back button is a UIButton, you can pass in a button image. NO: Do not hide the navigation bar, the back button requires an image to be passed in. |
| navColor | // Navigation bar theme color NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| navHiddenBackButtonFrameBlock | When isNavHidden=YES, you can set the frame of the back button |
| navBindTitle | Bind navigation bar title |
| navRegistTitle | Register navigation bar title |
| navBackImage | Navigation bar back image. If isNavHidden=NO, the navigation bar is hidden, then it is simply a back button on the interface. On navigation bar (50x30), without navigation bar (70x40) |
| navRightView | Custom UIView on the right side of the navigation bar, can pass in a UIButton with events |
| tileDescriptionRegistText | First title (title of the quick registration page), NSString |
| tileDescriptionBindText | First title (title of the social login bind phone number page) |
| descriptionBindText | Description field below the title (title of the social login bind phone number page), NSString |
| descriptionRegistText | Description field below the title (title of the registration page) |
| clickToSendSMSButtonText | Send SMS button text |
| clickToSendBorderColor | Send SMS button border color NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| clickToSendSMSBackgroundColor | Send SMS button background color, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| clickToSendSMSBackgroundImage | Click to send SMS button background image setting, background image takes priority, if no image is set, use the background color above |
| countDownTextColor | Send SMS countdown text color, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| countDownBtnBackgroundColor | Send SMS countdown background color. NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| countDownBtnBackgroundImage | Send SMS countdown background image, background image takes priority, if no image is set, use the background color above |
| confirmButtonRegistText | Register, confirm button text |
| confirmButtonBindText | Bind, confirm button text |
| confirmButtonInactiveTextColor | Confirm button text color when not clickable, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| confirmButtonActiveTextColor | Confirm button text color when clickable, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| confirmButtonOnPressTextColor | Bind, confirm button text color when just pressed, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| confirmButtonInactiveBackgroundColor | Bind, confirm button background color when not clickable, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
| confirmButtonactiveBackgroundColor | Bind, confirm button background color when clickable, NSString, hexadecimal, no ox, no #, e.g.: FF4F4A |
Each time it is called, the theme will be overwritten. If no theme is set, the page will use the default style. If only a part of the theme is set, the set part will be saved, and the unset properties will adopt the default color styles.
# Integration Method via API Calls
This chapter introduces how to integrate Alipay login in the form of an API. The client APP needs to build a binding/registration interface.
# Call Sequence Description
- Project configuration.
- Initialize in the AppDelegate.
- Integrate the Alipay SDK.
- Obtain the callback Alipay authorization ticket code.
- Call the IDaaS SDK Alipay login method.
- Navigate to the binding or registration page to complete binding or registration.
# SDK Initialization
Example of the IDaaS SDK initialization method:
Import the header file in the AppDelegate as follows
#import <AuthnCenter_common_2C/BCIDACommonManager.h>
// Initialize in the didFinishLaunchingWithOptions method
[[[[[BCIDACommonManager sharedInstance] initWithDomain:@"https://your-backend-tenant.com"] initWithClientID:@"Backend tenant clientID"] initWithSSLCerVerification:NO] setLogEnabled:YES];
1
2
3
4
5
2
3
4
5
# Alipay Login Method
Example of using the Alipay authorization ticket to log in to the IDaaS SDK:
// Call after obtaining the Alipay authorization login ticket code
[[BCAlipayApiLoginManager sharedInstance] loginAlipayByCode:code andWithCallBack:^(NSString * _Nonnull code, id _Nonnull data) {
}];
1
2
3
4
2
3
4
BCAlipayApiLoginManager:
/**
* Function name: sharedInstance
* @param No input parameters
* @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance ;
/**
* Function name: loginAlipayByCode
* @param code: Alipay authorization login ticket, obtained from the Alipay App scheme callback.
* @return BCAlipayAPILoginCallBackHandler callback function NSString* code ,id data.
*/
-(void) loginAlipayByCode:(NSString*)code andWithCallBack: (BCAlipayAPILoginCallBackHandler)callBack;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Summary of the BCAlipayAPILoginCallBackHandler callback function:
Success Example 1 (Successfully matches user and returns session_token):
code=0
data=
{
"session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
"id_token": content,
"expire": 432000, // NSNumber type
"status": "SUCCESS"
}
Success Example 2 (Returns automatic registration and binding flow, please refer to section 3.5.3.4):
code=101
data=
{
"state_token": "ey0zMDzKMMZtPBv2VPS8",
"data": "{\"socialBindOrRegisterFlow\":[\"VERIFY_PHONE\",\"VERIFY_EMAIL\"]}",
"status": "USER_REGISTER"
}
Success Example 3 (Returns binding flow, please refer to section 3.5.3.3):
code=101
data=
{
"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJzb2NpYWxVaWRcIjpcIm8zRHVFNVNySXVodTlIZHFucHd0c3Y5a2dkSFFcIixcInN0YXR1c1wiOlwiVVNFUl9SRUdJU1RFUlwifSIsImV4cCI6MTY0NjcwNTcwNCwiaWF0IjoxNjQ2NzAzOTA0LCJqdGkiOiIxNjQ2NzAzOTA0NTEwMCJ9.tLEpS-9jrXwiJI3GlZw4RGg_z0zMDzKMMZtPBv2VPS8",
"data": "{\"socialBindOrRegisterFlow\":[\"VERIFY_PHONE\",\"VERIFY_EMAIL\"]}",
"status": " SOCIAL_BIND"
}
Error Example:
code=1
data=
{
"error_code": "IDAAS.SDK.COMMON.1001",
"error_msg": "Parameter X-client-id cannot be left blank."
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# Binding or Registration Flow Methods {/binding-or-registration-flow-methods/}
Mobile Number Regular Expression Validation for Obtaining International Area Code {/mobile-number-regular-expression-validation-for-obtaining-international-area-code/}
If international number support is enabled, you must first call the international area code acquisition interface. The international area code acquisition interface returns a configured list of international area codes, along with regular expressions for phone numbers. The following image shows how to configure the international area code list.
Example code for obtaining the international area code list:
#import <AuthnCenter_common_2C/BCIDAInternationalPhoneCodeManager.h>
[BCIDAInternationalPhoneCodeManager getInternaltionalAreaCodeWithCompletionHandler:^(NSString * _Nonnull code, id _Nonnull data) {
__strong __typeof(weakSelf)strongSelf = weakSelf;
dispatch_async(dispatch_get_main_queue(), ^{
NSDictionary* dic=(NSDictionary*)data;
//Check if the phone number matches the regular expression
BOOL flag= [strongSelf parseDictionary:dic andWithMoile:mobile];
});
}];
1
2
3
4
5
6
7
8
9
10
11
12
2
3
4
5
6
7
8
9
10
11
12
Main class method introduction:
/**
* Function name: getInternaltionalAreaCodeWithCompletionHandler
* @brief: Method to obtain international area codes
* @param
*@param
* @param BCSMSGetInternationalAreaCodeHandlerBlock () Result callback function code=0, data returns NSDictionary result
**/
+(void)getInternaltionalAreaCodeWithCompletionHandler:(BCSMSGetInternationalAreaCodeHandlerBlock)resultHander;
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
Success example code=0, data value:
{
"phoneAreaCodeDefinitions": [
{
"areaCode": "86",
"displayMapping": {
"zh-TW": "中國大陸",
"en": "China",
"zh-CN": "中国大陆"
},
"countryCode": "CN",
"mobileRegex": "^(\\+86){0,1}\\-?1\\d{10}$",
"areaCodeSuffixes": []
},
{
"areaCode": "852",
"displayMapping": {
"zh-TW": "中國香港",
"en": "Hong Kong",
"zh-CN": "中国香港"
},
"countryCode": "HK",
"mobileRegex": "^(\\+852){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
"areaCodeSuffixes": []
},
{
"areaCode": "886",
"displayMapping": {
"zh-TW": "中國臺灣",
"en": "Taiwan",
"zh-CN": "中国台湾"
},
"countryCode": "TW",
"mobileRegex": "^(\\+886){1}\\-?[6,7,9](?:\\d{7}|\\d{8})$",
"areaCodeSuffixes": []
},
{
"areaCode": "853",
"displayMapping": {
"zh-TW": "中國澳門",
"en": "Macau",
"zh-CN": "中国澳门"
},
"countryCode": "MO",
"mobileRegex": "^(\\+853){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
"areaCodeSuffixes": []
},
{
"areaCode": "93",
"displayMapping": {
"zh-TW": "阿富汗",
"en": "Afghanistan",
"zh-CN": "阿富汗"
},
"countryCode": "AF",
"mobileRegex": "^(\\+93){1}\\-\\d{6,11}",
"areaCodeSuffixes": []
}
],
"preferredAreaCode": "CN"
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Return Parameters:
| Parameter Name | Chinese Name | Type | Description |
|---|---|---|---|
| preferredAreaCode | Preferred International Area Code | String | The preferred international area code configured for the current enterprise center. |
| countryCode | Country/Region Code | String | Country/Region Code |
| areaCode | International Telephone Area Code | String | International Telephone Area Code |
| areaCodeSuffixes | International Telephone Area Code Suffix | String | International Telephone Area Code Suffix |
| mobileRegex | Mobile Number Format Regex | String | Mobile Number Format Regex |
| displayMapping | Multi-language Display Name Mapping | String | Multi-language Display Name Mapping |
Slider Verification
Please perform mobile number format validation before calling this method.
Click (trigger) the send verification code event, and the App client calls the IDaaS SDK's slider verification method. Example as follows:
//Import header
#import <AuthnCenter_Alipay_2C/BCAlipaySlideVerifyCodeManager.h>
//Click (trigger) the send verification code event
[BCAlipaySlideVerifyCodeManager startSlidingVerifyCodePageWithMobileNumber:mobile andWithResultHandler:^(NSString * _Nonnull code, id _Nonnull data) {
dispatch_async(dispatch_get_main_queue(), ^{
NSLog(@"Slider verification result==%@==%@",code,data);
});
}];
1
2
3
4
5
6
7
8
9
10
2
3
4
5
6
7
8
9
10
Introduction to BCAlipaySlideVerifyCodeManager Object Methods:
/**
* Function name: startSlidingVerifyCodePageWithMobileNumber
* @brief: Click to launch the slide verification
* @param mobile phone number: Can be with area code "+86-13800000000" or without area code "13800000000".
* @param complete: Asynchronous result callback:
1. When slide verification is successful, returns code=0 data=slide token
2. code=other indicates slide verification failure (refer to error codes)
3. code=105, data="User closed" indicates the close button of the slide verification box was clicked
**/
+(void)startSlidingVerifyCodePageWithMobileNumber:(NSString*)mobile andWithResultHandler:(BCAlipaySlideCodeHandlerBlock)resultHandler;
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
When slide verification code=0 is successful, SMS sending code example:
alipaySlideSMSSendType type;
if([_status isEqualToString:@"USER_REGISTER"]){
type=alipaySlideSMSRegist;
}else if([_status isEqualToString:@"SOCIAL_BIND"]){
type=alipaySlideSMSBind;
}
[BCAlipaySlideVerifyCodeManager sendSMSWithSlideResultWithToken:token andMobile:mobile andWithType:type andWithCallBack:^(NSString * _Nonnull code, id _Nonnull data) {
if ([code isEqualToString:@"0"]) {
NSLog(@"SMS sent successfully--code=%@ data=%@",code,data);
}else{
NSLog(@"SMS sending failed--code=%@ data=%@",code,data);
}
}];
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Introduction to the sendSMS method of the BCAlipaySlideVerifyCodeManager object:
/**
* Function name: sendSMSWithSlideResultWithToken
* @brief: Call this method to send SMS,
* @param token The token obtained after the previous slide verification method succeeded
* @param mobile phone number
* @param mobile (alipaySlideSMSSendType enumeration) type, obtained from the Alipay login method's status field,
status= SOCIAL_BIND is for binding, here the input parameter type=alipaySlideSMSBind
status= USER_REGISTER is for registration, here the input parameter type=alipaySlideSMSRegist
* @param complete: Asynchronous result callback, returns code=0 when SMS is sent successfully, code=other indicates SMS sending failure, please refer to IDaaS error codes and the returned data (string error description)
**/
+(void)sendSMSWithSlideResultWithToken:(NSString*)token andMobile:(NSString*)mobile andWithType:(alipaySlideSMSSendType)type andWithCallBack:(BCAlipaySendSMSHandlerBlock)callBack;
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
Binding Method
Alipay login method returns:
Success example 3 (returns binding flow):
code=101
data=
{
"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJzb2NpYWxVaWRcIjpcIm8zRHVFNVNySXVodTlIZHFucHd0c3Y5a2dkSFFcIixcInN0YXR1c1wiOlwiVVNFUl9SRUdJU1RFUlwifSIsImV4cCI6MTY0NjcwNTcwNCwiaWF0IjoxNjQ2NzAzOTA0LCJqdGkiOiIxNjQ2NzAzOTA0NTEwMCJ9.tLEpS-9jrXwiJI3GlZw4RGg_z0zMDzKMMZtPBv2VPS8",
"data": "{\"socialBindOrRegisterFlow\":[\"VERIFY_PHONE\",\"VERIFY_EMAIL\"]}",
"status": " SOCIAL_BIND"
}
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
The user receives the SMS verification code, enters it into the verification code field, and clicks the bind button (or triggers the event). The APP client calls the bind method as follows:
[[BCAlipayBindOrRegistManager sharedInstance] alipayBindWithMobile:mobile andWithVerifyCode:verifyCode andWithStateToken:_state_token andWithCompletionHandler:^(NSString * _Nonnull code, id _Nonnull data){
__strong __typeof(weakSelf)strongSelf = weakSelf;
dispatch_async(dispatch_get_main_queue(), ^{
});
}];
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
Introduction to the methods of the main class BCAlipayBindOrRegistManager:
/**
* Function name: sharedInstance
* @param No input parameters
* @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance ;
/**
* Function name: alipayBindWithMobile
* @brief: Alipay login binding method
* @param mobile Phone number
*@param StateToken The state_token field obtained from the Alipay login method
*@param verifyCode SMS verification code
* @param BCAlipayBindCompleteHandler Login result callback function
**/
-(void)alipayBindWithMobile:(NSString*)mobile andWithVerifyCode:(NSString*)verifyCode andWithStateToken: (NSString*)StateToken andWithCompletionHandler:(BCAlipayBindCompleteHandler)completeHandler;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
BCAlipayBindCompleteHandler callback function return codes:
| Code | Description |
|---|---|
| code=0 | Login successful, data= { "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO", "id_token":content, "expire": 432000,//NSNumber type "status": "SUCCESS" } |
| code=1 | Login failed, data returns a string describing the error |
| code=Error code (please refer to IDaaS return codes) | Login unsuccessful, data returns an error description |
Register and Bind Method
When the Alipay login method returns:
Successful example 2 (returns the automatic registration and binding process):
code=101
data=
{
"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJzb2NpYWxVaWRcIjpcIm8zRHVFNVNySXVodTlIZHFucHd0c3Y5a2dkSFFcIixcInN0YXR1c1wiOlwiVVNFUl9SRUdJU1RFUlwifSIsImV4cCI6MTY0NjcwNTcwNCwiaWF0IjoxNjQ2NzAzOTA0LCJqdGkiOiIxNjQ2NzAzOTA0NTEwMCJ9.tLEpS-9jrXwiJI3GlZw4RGg_z0zMDzKMMZtPBv2VPS8",
"data": "{\"socialBindOrRegisterFlow\":[\"VERIFY_PHONE\",\"VERIFY_EMAIL\"]}",
"status": "USER_REGISTER"
}
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
After the user receives the SMS verification code, enters it into the verification code box, and clicks the registration button (or triggers the event), the APP client calls the registration and binding method as follows:
[[BCAlipayBindOrRegistManager sharedInstance] alipayRegistWithMobile:mobile andWithVerifyCode:verifyCode andWithStateToken:_state_token andWithCompletionHandler:^(NSString * _Nonnull code, id _Nonnull data) { __strong __typeof(weakSelf)strongSelf = weakSelf;
dispatch_async(dispatch_get_main_queue(), ^{
});
}];
1
2
3
4
5
6
2
3
4
5
6
Introduction to the main class BCAlipayBindOrRegistManager methods:
/**
* Function name: sharedInstance
* @param No input parameters
* @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance ;
/**
* Function name: alipayRegistWithMobile
* @brief: Automatic registration and binding method after Alipay login
* @param mobile Phone number
*@param StateToken The state_token field obtained from the Alipay login method
*@param verifyCode SMS verification code
* @param BCAlipayRegistCompleteHandler Login result callback function
**/
-(void)alipayRegistWithMobile:(NSString*)mobile andWithVerifyCode:(NSString*)verifyCode andWithStateToken: (NSString*)StateToken andWithCompletionHandler:(BCAlipayRegistCompleteHandler)completeHandler;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
BCAlipayRegistCompleteHandler callback function return codes:
| code | Description |
|---|---|
| code=0 | Login successful, data= { "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO", "id_token": content, "expire": 432000,//NSNumber type "status": "SUCCESS" } |
| code=1 | Login failed, data returns string describing the error |
| code=Error code (please refer to IDaaS return codes) | Login unsuccessful, data returns error description |
# IDToken Verification and Obtaining User Information
After a successful login, session_token and id_token are returned. The id_token can be used to obtain user information and verify login validity.
Process:
- Verify idToken
- Obtain user information from idtoken (this method can be called directly without verification)
# Verify id_token
Call example:
[[BCIDAIDTokenManager sharedInstance] verifySignWithIdToken:idToken andWithCallBack:^(NSString * _Nonnull code, id _Nonnull data) {
}];
1
2
2
Introduction to the main class BCIDAIDTokenManager:
/**
* Function name: sharedInstance
* @param No parameters
* @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance;
/**
* Function name: verifySignWithIdToken
* @brief: Method to verify if the idtoken is within the login validity period and matches the application
* @param idToken returned during login
* @param BCIDAIdTokenVerifyHandlerBlock callback function:
NSString code
id data
**/
-(void)verifySignWithIdToken:(NSString*)idToken andWithCallBack:(BCIDAIdTokenVerifyHandlerBlock)callback;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Return Values:
| code(NSString) | data | Data type and description of data |
|---|---|---|
| 0 | success | [NSString] Signature verification successful |
| 1 | Error description | [NSString] Input parameter is empty, SDK initialization parameters domain and clientID are not set |
| 106 | Time expired | [NSString] Expired idtoken |
| 107 | clientID mismatch | [NSString] Possibly using the clientID of another application |
| 103 | Signature verification failed | [NSString] Signature verification process failed |
| 102 | Public key retrieval empty | [NSString] Error during signature verification process |
| See error code collection at the end | See error code collection at the end | May also return error codes listed at the end |
# Parsing User Information from idToken
Call Example:
[[BCIDAIDTokenManager sharedInstance] getUserInfoFromIdTokenWithIdToken:idToken andWithCallBack:^(NSString * _Nonnull code, id _Nonnull data) {
}];
1
2
3
2
3
Introduction to the main class BCIDAIDTokenManager:
/**
* Function name: sharedInstance
* @param No input parameters
* @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance;
/**
* Function name: getUserInfoFromIdTokenWithIdToken
* @brief: Parse user information from idToken
* @param idToken returned from login
* @param BCIDAIdTokenGetInfoHandlerBlock callback function:
NSString code
id data
**/
-(void)getUserInfoFromIdTokenWithIdToken:(NSString*)idToken andWithCallBack:(BCIDAIdTokenGetInfoHandlerBlock)callback;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
User Information Parameter Description:
| Parameter Name | Description |
|---|---|
| iss | Token Issuer |
| aud | Token Audience, the app's clientId |
| exp | Token Expiration Time |
| jti | Token ID |
| iat | Token Issuance Time |
| sub | Fixed as subject |
| name | User's Name |
| mobile | User's Mobile Number |
| id | User's ID |
| userName | Username |
| User's Email |
Callback function return value:
Success example:
code=0
data=
{
"id": "20220729174957176-2C7F-A2C54C293",
"exp": 1659407592,
"nbf": 1659407172,
"mobile": "+86-13808603636",
"jti": "7iwCYPo8EYcmLAD18x-CAw",
"iss": "https:\/\/sdk2c.idaas-test-alpha.bccastle.com\/api\/v1\/oauth2",
"userName": "zhangrui1",
"sub": "20220729174957176-2C7F-A2C54C293",
"aud": "S1ScicdIVR1QUbNs8TBz6BYVd2Zt8Adc",
"iat": 1659407292,
"email": "",
"name": "zhangrui1"
}
Failure example
code=102
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# Refresh IDToken
Call example:
[[BCIDAIDTokenRefreshManager sharedInstance] refreshIdTokenWithSessionToken:sessionToken andWithCallBack:^(NSString * _Nonnull code, id _Nonnull data) {
NSString* jsonS=(NSString*)data;
NSDictionary* dict= [self dictionaryWithJsonString:jsonS];//Parse jsonStr to NSDictionary
NSString* idTok= [dict objectForKey:@"id_token"];
NSString* session_tok=[dict objectForKey:@"session_token"];
NSString* expr=[dict objectForKey:@"expire"];
}];
1
2
3
4
5
6
7
2
3
4
5
6
7
Introduction to main class BCIDAIDTokenManager:
/**
* Function name: sharedInstance
* @param No input parameters
* @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance;
/**
* Function name: refreshIdTokenWithSessionToken
* @brief: Refresh idToken
* @param sessionToken returned from login
* @param BCIDAIdTokenRefreshIDTokenHandlerBlock callback function:
NSString code
id data
**/
-(void)refreshIdTokenWithSessionToken:(NSString*)sessionToken andWithCallBack:(BCIDAIdTokenRefreshIDTokenHandlerBlock)callBack;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Callback function return value:
Success example:
code=0
data=
{
"id_token" : "eyJraWQiOiJhODJkzJjLmlkYWFzLXRllKp6w",
"session_token" : "apcOKuyry7kASh9h6mtf2G2GbettkyiU",
"expire" : 7200
}
Failure example (failed to obtain data)
code=1
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
# Return Codes
| Status Code | Error Code (error_code) | Error Description (error_msg) | Handling Measures |
|---|---|---|---|
| 400 | IDAAS.SDK.COMMON.1001 | Parameter {0} cannot be left blank | |
| Parameter {0} cannot be empty | |||
| 400 | IDAAS.SDK.COMMON.1002 | The {0} parameter format is incorrect | |
| Parameter {0} format error | |||
| 400 | IDAAS.SDK.COMMON.1003 | Device information is incomplete | |
| Device information incomplete | |||
| 400 | IDAAS.SDK.COMMON.1004 | Signature decryption error | |
| Signature decryption error | |||
| 400 | IDAAS.SDK.COMMON.1005 | The {0} has failed | |
| {0} has expired | |||
| 400 | IDAAS.SDK.COMMON.1006 | The {0} parameter error | |
| {0} parameter error | |||
| 400 | IDAAS.SDK.COMMON.1007 | The {0} parameter type error | |
| {0} parameter type error | |||
| 500 | IDAAS.SDK.COMMON.1008 | The system is busy. Try again later | |
| System busy. Please try again later | |||
| 400 | IDAAS.SDK.COMMON.1009 | Unknown authentication configuration | |
| Unknown authentication configuration | |||
| 400 | IDAAS.SDK.COMMON.1010 | Failed to obtain the enterprise center global configuration | |
| Failed to obtain enterprise center global configuration | |||
| 400 | IDAAS.SDK.COMMON.1011 | Failed to obtain the international area code configuration | |
| Failed to obtain international area code configuration | |||
| 400 | IDAAS.SDK.COMMON.1012 | The x-client-ID is incorrect and the corresponding application cannot be found | |
| X-client-id error, corresponding application not found | |||
| 400 | IDAAS.SDK.COMMON.1013 | The corresponding user is not found | |
| Corresponding user not found | |||
| 400 | IDAAS.SDK.COMMON.1014 | Application private key not found | |
| Application private key not found | |||
| 400 | IDAAS.SDK.LOGIN.1001 | Error calling interface {0} | |
| Error calling interface {0} | |||
| 400 | IDAAS.SDK.LOGIN.1002 | User not bound | |
| User not bound | |||
| 400 | IDAAS.SDK.LOGIN.1003 | The user has been locked due to too many unsuccessful login attempts. It will be unlocked in {0} minutes and {1} seconds | |
| The user has been locked due to too many failed login attempts. It will be unlocked in {0} minutes and {1} seconds | |||
| 400 | IDAAS.SDK.LOGIN.1004 | Failed to obtain the password policy | |
| Failed to obtain password policy | |||
| 400 | IDAAS.SDK.LOGIN.1005 | Invalid username or password. Remaining login attempts: {0} | |
| Invalid username or password. Remaining login attempts: {0} | |||
| 400 | IDAAS.SDK.LOGIN.1006 | Configuration error, unable to find wechat authentication source | |
| Configuration error, unable to find Alipay authentication source | |||
| 400 | IDAAS.SDK.LOGIN.1007 | Configuration error, unable to find alipay authentication source | |
| Configuration error, unable to find Alipay authentication source | |||
| 400 | IDAAS.SDK.LOGIN.1008 | The configuration is incorrect. The one-click login authentication source cannot be found | |
| Configuration error, one-click login authentication source not found | |||
| 400 | IDAAS.SDK.SMS.1001 | {0} slide base map is not initialized successfully, please check the path | |
| {0} slide base map initialization failed, please check the path | |||
| 400 | IDAAS.SDK.SMS.1002 | {0} verification code coordinate resolution failed | |
| {0} verification code coordinate resolution failed | |||
| 400 | IDAAS.SDK.SMS.1003 | {0} verification code coordinate verification fails | |
| {0} verification code coordinate verification failed | |||
| 400 | IDAAS.SDK.SMS.1004 | The graphic verification code is incorrect | |
| Graphic verification code verification error | |||
| 400 | IDAAS.SDK.SMS.1005 | SMS verification code verification is incorrect | |
| SMS verification code verification error | |||
| 400 | IDAAS.SDK.SMS.1006 | The email verification code is incorrect | |
| Email verification code verification error | |||
| 400 | IDAAS.SDK.SMS.1007 | Sending scenario does not exist | |
| Sending scenario does not exist | |||
| 400 | IDAAS.SDK.SMS.1008 | Failed to send the verification code | |
| Failed to send verification code | |||
| 400 | IDAAS.SDK.SOCIAL.1001 | The social account is unbound incorrectly | |
| Social account unbinding error | |||
| 400 | IDAAS.SDK.SOCIAL.1002 | The social account has been bound, please unbind it first | |
| Social account already bound, please unbind first | |||
| 400 | IDAAS.SDK.PWD.1001 | The password length is incorrect | |
| Password length error | |||
| 400 | IDAAS.SDK.PWD.1002 | The password cannot be the username | |
| Password cannot be the username | |||
| 400 | IDAAS.SDK.PWD.1003 | Your password complexity is low | |
| Your password complexity is too low | |||
| 400 | IDAAS.SDK.PWD.1004 | The password is weak | |
| Password is weak | |||
| 400 | IDAAS.SDK.PWD.1005 | The password is used before, cannot be used again | |
| This password has been used before and cannot be used again | |||
| 400 | IDAAS.SDK.PWD.1006 | Password cannot username in reverse order | |
| Password cannot be the reverse of the username | |||
| 400 | IDAAS.SDK.PWD.1007 | The number of repeated password characters exceeded the upper limit | |
| Number of repeated password characters exceeds limit | |||
| 400 | IDAAS.SDK.PWD.1008 | Password cannot contain :username, phone number, email prefix, name in PinYing | |
| Password cannot contain: username, phone number, email prefix, name in Pinyin | |||
| 400 | IDAAS.SDK.MFA.1001 | The mobile doesn't match the user | |
| Mobile number does not match the user | |||
| 400 | IDAAS.SDK.MFA.1002 | The access control policy is incorrect | |
| Access control policy configuration error | |||
| 400 | IDAAS.SDK.MFA.1003 | Access control authentication source type conversion error | |
| Access control authentication source type conversion error |
I am ready to receive the Markdown content for translation. Please paste it.