Password Login

Documentation Description

This document explains how to integrate the password login functionality into the iOS client.

Process Description

Login Scenarios:

1. Username + Password Login: The user enters their username and password. The IDaaSSDK verifies the username and password and returns a session_token and id_token to the APP client.

2. Phone Number + Password Login: The user enters their phone number and password. The IDaaSSDK verifies the phone number and password and returns a session_token and id_token to the APP client.

3. Email + Password Login: The user enters their email and password. The IDaaSSDK verifies the email and password and returns a session_token and id_token to the APP client.

4. Unified User Password Login Interface: Allows implementing username/phone number/email + password login on a single page, returning a session_token and id_token to the APP client.

Processes serving the login scenario:

1. After clicking the login button, the system indicates the password is about to expire, prompting the user to change it. This can be ignored or the user can be redirected to a password change page.

2. After clicking the login button, the system indicates the password has expired, forcing the user to change it.

3. Forgot password before login, retrieve password via phone number.

Login Process

Integration Process Description

1. Enter username + password / phone number + password / email + password, and click the login button.

2. The APP client calls the login method (4 types).

3. The IDaaS SDK calls the IDaaS server for authentication. The authentication result is divided into four types (success, password about to expire, password expired, failure).

4. In case of success, the IDaaS server returns a session_token and id_token.

5. The IDaaS SDK returns the session_token and id_token to the APP client.

6. If the password is about to expire, the IDaaS server returns the "password about to expire" parameter.

7. The IDaaS SDK returns "password about to expire" to the APP client.

8. The user can choose to skip changing the password or change the password directly.

9. Based on the button clicked by the user, the APP client calls the skip password change method or the change password method.

10. The IDaaS SDK calls the IDaaS server's skip password change interface or the change password interface.

11. If successful, the IDaaS server returns a session_token and id_token; if failed, it returns an error code.

12. The IDaaS SDK returns the success/failure parameters to the APP client.

13. If the password has already expired, the IDaaS server returns the "force password change" parameter to the IDaaS SDK.

14. The IDaaS SDK returns the "force password change" parameter to the client APP.

15. The user is forced to change their password. The APP client calls the change password method.

16. The IDaaS SDK calls the IDaaS server's change password interface.

17. If the password change is successful, the IDaaS server returns a session_token and id_token to the IDaaS SDK / if the password change fails, it returns an error code.

18. If the password change is successful, the IDaaS SDK returns a session_token and id_token to the APP client / if the password change fails, it returns an error code.

19. The client can use the id_token to verify login validity and obtain basic user information.

20. The client can use the session_token to refresh the id_token.

Password Recovery Process

Integration Process Description

1. The user clicks the "Forgot Password" button.

2. The APP client displays the password recovery page, which must be provided by the APP itself.

3. The user enters their phone number and clicks the "Get Verification Code" button.

4. The APP calls the slider verification method.

5. The IDaaS SDK requests the IDaaS server's slider verification interface.

6. The IDaaS server returns slider verification parameters.

7. The IDaaS SDK launches and displays the slider verification window.

8. The user drags the slider to verify.

9. The IDaaS SDK sends the slider verification to the IDaaS server.

10. The IDaaS server returns the slider verification result.

11. The IDaaS SDK returns the slider verification result to the APP client.

12. The APP client uses the slider token to call the IDaaS SDK's method for sending an SMS verification code.

13. The IDaaS SDK calls the IDaaS server's interface for sending verification codes.

14. The IDaaS server returns the result of sending the verification code to the IDaaS SDK.

15. The IDaaS SDK returns the result of sending the verification code to the APP client.

16. The user receives the SMS verification code, enters it, and clicks the "Recover Password" button.

17. The APP client calls the IDaaS SDK's password recovery method using phone number + verification code + new password.

18. The IDaaS SDK calls the IDaaS server's password recovery interface.

19. The IDaaS server returns the password recovery result to the IDaaS SDK.

20. The IDaaS SDK returns the password recovery result to the APP client.

Environment Setup

Obtain clientID

Log in to the IDaaS Enterprise Center platform, click "Resources -> Applications", select the relevant application and click to view it.

Password Policy Settings

This setting configures password expiration time and reminder duration. First, navigate to the password policy module as shown in the path below.

Password expiration can be enabled below:

After enabling, you can set how long the password expires and the number of days for advance notification as shown below.

This setting is for the IDaaS server to detect, after login, how long the currently used password needs to be changed, and to prompt the user to modify it several days in advance. After enabling password expiration check, it will be checked according to the configured parameters each time you log in.

Import Dependencies

No third-party SDK dependencies

Add Main Libraries

AuthnCenter_common_2C.framework
AuthnCenter_PWLogin_2C.framework
AuthnCenter_PWLogin_2C.bundle

Drag the IDaaSSDK into the project and import it as follows:

And import the Pod dependency.

pod 'JWT', '~> 3.0.0-beta.14'

Targets Settings

• The IDaaS password login SDK minimum version is compatible with iOS 10.

• Add the main libraries and dependencies in Framework, Libraries, and Embedded Content, and add -ObjC in Other Linker Flags.

  

• In the menu bar, select TARGETS > Info > Custom iOS Target Properties > App Transport Security Settings > Allow Arbitrary Loads, as shown below.

  

• Configure bitcode, as shown below, set bitcode to NO.

  

Development Integration

Built-in API Introduction

• Integration selects one login method (username password / phone number password / email password / unified username password), requiring forced password change or skipping password change calls (change password method / skip password change).
• Password recovery via phone number can be used. The APP client builds its own password recovery page, requiring three elements: phone number input field, verification code input field, get verification code button, and recover button. Clicking the get verification code button calls IDaaS:
  • SDK slider verification method and calls IDaaS.
  • SDK sends SMS method. After receiving the verification code, click the recover button, and the APP client calls IDaaS.
  • SDK password recovery method.

SDK Initialization

Place the initialization method in the appdelegate's didFinishLaunchingWithOptions method for initialization:

Reference in appdelegate as follows
#import <AuthnCenter_common_2C /BCIDACommonManager.h>

//1. Basic configuration initialization
[[[[[BCIDACommonManager sharedInstance] initWithDomain:@"https://your.server.tenant.com"] initWithClientID:@"Server tenant clientID"] initWithSSLCerVerification:NO] setLogEnabled:YES] ;

Introduction to the basic configuration initialization main class BCIDACommonManager methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;

/**
  * Function name: initWithDomain
   * @param domain, starts with https:// and ends with .com.
   * @return Instance class
 */
-(BCIDACommonManager)initWithDomain:(NSString)domain

/**
  * Function name: initWithClientID
   * @param client id.
   * @return Instance class
 */
-(BCIDACommonManager)initWithClientID:(NSString)clientID;

/**
  * Function name: setLogEnabled
   * @param Boolean value indicating whether to enable log.
   * @return Instance class
 */
-(void)setLogEnabled:(BOOL)enable;

/**
  * Function name: initWithSSLCerVerification
   * @param Boolean value to set whether SSL certificate verification is enabled.
   * @return Instance class
 */
-(BCIDACommonManager*)initWithSSLCerVerification:(bool)sslCerVerification;

Mobile International Dialing Code Retrieval

If international number support is enabled, you must first call the international dialing code retrieval API. This API returns a configured list of international dialing codes, along with regular expressions for phone numbers. The image below illustrates how to configure the international dialing code list and the preferred code.

The IDaaS SDK provides an API for retrieving international dialing codes:

Example code for retrieving the international dialing code list:

#import <AuthnCenter_common_2C/BCIDAInternationalPhoneCodeManager.h>


[BCIDAInternationalPhoneCodeManager getInternaltionalAreaCodeWithCompletionHandler:^(NSString * _Nonnull code, id  _Nonnull data) {
        __strong __typeof(weakSelf)strongSelf = weakSelf;
        dispatch_async(dispatch_get_main_queue(), ^{
            NSDictionary* dic=(NSDictionary*)data;
        //Check if the phone number matches the regular expression
 BOOL flag=  [strongSelf parseDictionary:dic andWithMoile:mobile];
            
        });
    }];

Main class method introduction:

/**
* Function name: getInternaltionalAreaCodeWithCompletionHandler
* @brief: Method to retrieve international dialing codes
* @param 
*@param 
* @param BCSMSGetInternationalAreaCodeHandlerBlock () Result callback function, code=0, data returns an NSDictionary result
**/
+(void)getInternaltionalAreaCodeWithCompletionHandler:(BCSMSGetInternationalAreaCodeHandlerBlock)resultHander;

Successful example where code=0, data value:

{
	"phoneAreaCodeDefinitions": [
		{
			"areaCode": "86",
			"displayMapping": {
				"zh-TW": "中國大陸",
				"en": "China",
				"zh-CN": "中国大陆"
			},
			"countryCode": "CN",
			"mobileRegex": "^(\\+86){0,1}\\-?1\\d{10}$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "852",
			"displayMapping": {
				"zh-TW": "中國香港",
				"en": "Hong Kong",
				"zh-CN": "中国香港"
			},
			"countryCode": "HK",
			"mobileRegex": "^(\\+852){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "886",
			"displayMapping": {
				"zh-TW": "中國臺灣",
				"en": "Taiwan",
				"zh-CN": "中国台湾"
			},
			"countryCode": "TW",
			"mobileRegex": "^(\\+886){1}\\-?[6,7,9](?:\\d{7}|\\d{8})$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "853",
			"displayMapping": {
				"zh-TW": "中國澳門",
				"en": "Macau",
				"zh-CN": "中国澳门"
			},
			"countryCode": "MO",
			"mobileRegex": "^(\\+853){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "93",
			"displayMapping": {
				"zh-TW": "阿富汗",
				"en": "Afghanistan",
				"zh-CN": "阿富汗"
			},
			"countryCode": "AF",
			"mobileRegex": "^(\\+93){1}\\-\\d{6,11}",
			"areaCodeSuffixes": []
		}
	],
	"preferredAreaCode": "CN"
}

Return parameter format:

Parameter Name	Chinese Name	Type	Description
preferredAreaCode	Preferred International Area Code	String	The preferred international area code configured for the current enterprise center.
countryCode	Country/Region Code	String	Country/Region Code
areaCode	International Telephone Area Code	String	International Telephone Area Code
areaCodeSuffixes	International Telephone Area Code Suffix	String	International Telephone Area Code Suffix
mobileRegex	Mobile Number Format Regular Expression	String	Mobile Number Format Regular Expression
displayMapping	Multi-language Display Name Mapping	String	Multi-language Display Name Mapping

Built-in Slider Verification {/examples/}

This slider verification is required for the two methods used in conjunction with the "Retrieve Password via Mobile Number" and "Mobile Number SMS Verification Code Registration" pages.

1. Please perform mobile number format validation before calling this method.

2. Upon clicking (triggering) the send verification code event, the App client calls the IDaaS SDK's slider verification method, as shown in the example below:

// Import header file
#import <AuthnCenter_PWLogin_2C/BCPWSlideVerifyCodeManager.h>

// Click (trigger) the send verification code event
 [BCPWSlideVerifyCodeManager startSlidingVerifyCodePageWithMobileNumber:mobile andWithResultHandler:^(NSString * _Nonnull code, id  _Nonnull data) {

    // Result processing

    }];

Introduction to BCPWSlideVerifyCodeManager Object Methods:

/**
* Function name: startSlidingVerifyCodePageWithMobileNumber
* @brief: Click to launch the slide verification
* @param mobile phone number: Both formats with area code "+86-13800000000" and without area code "13800000000" are acceptable.
* @param complete: Asynchronous result callback:
1. When slide verification is successful, returns code=0 data=slide token
2. When slide verification fails, returns code=other (refer to error codes)
3. code=105, data="User closed" indicates the close button of the slide verification box was clicked, allowing the APP client to receive the user's action of closing the slider.
**/

+(void)startSlidingVerifyCodePageWithMobileNumber:(NSString*)mobile andWithResultHandler:(BCPWSlideCodeHandlerBlock)resultHandler;

Code example for sending SMS when slide verification code=0 is successful:

// When forgetting password (changing password via mobile number) choose type:
   pwSlideSMSSendType     type= pwSlideSMSForgetPassword;
 // When registering a new user via mobile number choose type:
  pwSlideSMSSendType      type= pwSlideSMSRegist;

[BCPWSlideVerifyCodeManager sendSMSWithSlideResultWithToken:token andMobile:mobile andWithType:type andWithCallBack:^(NSString * _Nonnull code, id  _Nonnull data) {
        if ([code isEqualToString:@"0"]) {
            NSLog(@"SMS sent successfully--code=%@   data=%@",code,data);
        }else{
            NSLog(@"SMS sending failed--code=%@   data=%@",code,data);

        }
        
    }];

Introduction to the BCPWSlideVerifyCodeManager method for sending SMS:

/**
* Function name: sendSMSWithSlideResultWithToken
* @brief: Call this method to send SMS,
* @param token the token obtained after successful slide verification from the previous method
* @param mobile phone number
* @param mobile (pwSlideSMSSendType enum) type
When sending SMS verification code for forgotten password: input parameter type= pwSlideSMSForgetPassword
When sending SMS verification code for registering a new user: input parameter type= pwSlideSMSRegist

* @param complete: Asynchronous result callback, returns code=0 when SMS is sent successfully, code=other indicates SMS sending failure.
**/

+(void)sendSMSWithSlideResultWithToken:(NSString*)token andMobile:(NSString*)mobile andWithType:(pwSlideSMSSendType)type andWithCallBack:(BCPWSendSMSHandlerBlock)callBack;

Username and Password Login

Code example:

// Import the request header
#import <AuthnCenter_PWLogin_2C/BCUserNamePWLoginManager.h>

// Click (trigger) the send verification code event
[[BCUserNamePWLoginManager sharedInstance] loginByUserName:userName andWithPassword:passWord andWithCallBackHandler:^(NSString * _Nonnull code, id  _Nonnull data) {            
 dispatch_async(dispatch_get_main_queue(), ^{
            NSLog(@"Result==%@==%@",code,data);
            
            });
 }];

Introduction to BCUserNamePWLoginManager Object Methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;

/**
* Function name: loginByUserName
* @brief: Username + password login.
Successful login code=0 data=session_token.
If unsuccessful, returns code=error code, data returns error reason.
*@ param username The username.
*@ param password The password.
*@param BCUserNamePWLoginHandlerBlock: Asynchronous result callback containing two return parameters NSString code, and id type data:
1. code=0 success, data returns session_token and id_token,
2. code=101 indicates a prompt to change the password or the password is about to expire, a jump should be performed
data =【status= PASSWORD_WARN】Password not expired but about to expire
             【status= PASSWORD_EXPIRED】Password expired and must be changed
3. code=1 error data (NSDictionary type) returns "error_code" and "error_msg"
**/

-(void)loginByUserName:(NSString*)username andWithPassword:(NSString*)password andWithCallBackHandler:(BCUserNamePWLoginHandlerBlock)callBack;

Return Parameter List:

Success Example 1 (Successfully matched user returns session_token):
code=0
data=
{
    "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
    "id_token": content,
    "expire": 432000,
    "status": "SUCCESS"
}
Success Example 2 (Returns password about to expire process):
code=101
data=
{
    "status": "PASSWORD_WARN",
	"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJ1c2VySWRcIjpcIjIwMjIwMjExMTY0NDUwNjk5LTE2M0QtNTVFMEI1RTRCXCIsXCJzdGF0dXNcIjpcIlBBU1NXT1JEX0VYUElSRURcIn0iLCJleHAiOjE2NDQ1NzEzNjAsImlhdCI6MTY0NDU2OTU2MCwianRpIjoiMTY0NDU2OTU2MDIwNDAifQ.WGk9GGQGmKsmo4UmCzKfiC9x1Fj0WBowdO7jEStMvB4",
	"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}
Success Example 3 (Returns password expired process):
Code=101,
data=
{
    "status": "PASSWORD_EXPIRED",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI43MTkwLCJpYXQiOjEasd2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}

Error Example
{
    "error_code": "IDAAS.SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Mobile Number and Password Login {/examples/}

Code Example:

// Import header file
#import <AuthnCenter_PWLogin_2C/BCPhonePWLoginManager.h>

// Click (trigger) the login button
[[BCPhonePWLoginManager sharedInstance] loginByPhoneNumber:phoneStr andWithPassword:passWord andWithCallBackHandler:^(NSString * _Nonnull code, id  _Nonnull data) {           

            dispatch_async(dispatch_get_main_queue(), ^{
            NSLog(@"Result==%@==%@",code,data);
            
            });
        }];

Introduction to BCPhonePWLoginManager instance methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;


/**
* Function name: loginByPhoneNumber
* @brief: Mobile number + password login
*@ param username Username.
*@ param password Password.
*@param BCPhonePWLoginHandlerBlock: Asynchronous result callback containing two return parameters NSString code, and id type data:
1. code=0 success, data returns session_token and id_token,
2. code=101 indicates a prompt that the password needs to be changed or is about to expire, a redirect should be performed
data =【status= PASSWORD_WARN】Password not expired but about to expire
             【status= PASSWORD_EXPIRED】Password has expired and must be changed
3. code=1 error data (NSDictionary type) returns "error_code" and "error_msg"

**/
-(void) loginByPhoneNumber:(NSString*)mobile andWithPassword:(NSString*)password andWithCallBackHandler:(BCPhonePWLoginHandlerBlock)callBack;

Return Parameter List:

Success Example 1 (Successfully matched user returns session_token):
code=0
data=
{
    "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
    "id_token": content,
    "expire": 432000,
    "status": "SUCCESS"
}
Success Example 2 (Returns password about to expire flow):
code=101
data=
{
    "status": "PASSWORD_WARN",
	"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJ1c2VySWRcIjpcIjIwMjIwMjExMTY0NDUwNjk5LTE2M0QtNTVFMEI1RTRCXCIsXCJzdGF0dXNcIjpcIlBBU1NXT1JEX0VYUElSRURcIn0iLCJleHAiOjE2NDQ1NzEzNjAsImlhdCI6MTY0NDU2OTU2MCwianRpIjoiMTY0NDU2OTU2MDIwNDAifQ.WGk9GGQGmKsmo4UmCzKfiC9x1Fj0WBowdO7jEStMvB4",
	"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}
Success Example 3 (Returns password expired flow):
Code=101,
data=
{
    "status": "PASSWORD_EXPIRED", 
    "state_token":"eyJhbGciOiJIUzI1NitFwmznEPRiIC4we0",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}

Error Example
{
    "error_code": "IDAAS.SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Email Password Login

Code Example:

// Import the request header
#import <AuthnCenter_PWLogin_2C/BCEmailPWLoginManager.h>

// Click (trigger) the login button
[[BCEmailPWLoginManager sharedInstance] loginByEmail:emailStr andPassword:passWord andWithCallBackHandler:^(NSString * _Nonnull code, id  _Nonnull data) {          
            dispatch_async(dispatch_get_main_queue(), ^{
            NSLog(@"Result==%@==%@",code,data);
            
            });
        }];

Introduction to BCEmailPWLoginManager Object Methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;


/**
* Function name: loginByEmail
* @brief: Email + password login. Returns code=error code if unsuccessful, data returns the error reason. Returns code=0 data=session_token on successful password submission.
*@ param email Username.
*@ param password Password.
*@param BCEmailPWLoginHandlerBlock: Asynchronous result callback containing two return parameters NSString code, and id type data:
1.code=0 success, data returns session_token and id_token,
2.code=101 indicates a need to change the password or that the password is about to expire, a redirect should be performed
data =【status= PASSWORD_WARN】Password not expired but about to expire
             【status= PASSWORD_EXPIRED】Password has expired and must be changed
3.code=1 error data (NSDictionary type) returns "error_code" and "error_msg"

**/

-(void)loginByEmail:(NSString*)email andPassword:(NSString*)password andWithCallBackHandler:(BCEmailPWLoginHandlerBlock)callBack;

Return Parameter List:

Success Example 1 (Successfully matched user returns session_token):
code=0
data=
{
    "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
    "id_token":"xxxxxx",
    "expire": 432000,
    "status": "SUCCESS"
}

Success Example 2 (Returns password about to expire process):
code=101
data=
{
    "status": "PASSWORD_WARN",
	"state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJ1c2VySWRcIjpcIjIwMjIwMjExMTY0NDUwNjk5LTE2M0QtNTVFMEI1RTRCXCIsXCJzdGF0dXNcIjpcIlBBU1NXT1JEX0VYUElSRURcIn0iLCJleHAiOjE2NDQ1NzEzNjAsImlhdCI6MTY0NDU2OTU2MCwianRpIjoiMTY0NDU2OTU2MDIwNDAifQ.WGk9GGQGmKsmo4UmCzKfiC9x1Fj0WBowdO7jEStMvB4",
	"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}

Success Example 3 (Returns password expired process):
Code=101,
data=
{
    "status": "PASSWORD_EXPIRED",
    "state_token":"e_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"至少包含数字、大写字母、小写字母和特殊字符中的3种\"}"
}

Error Example
{
    "error_code": "IDAAS.SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Unified Username/Password Login

Code Example:

// Import the request header
#import <AuthnCenter_PWLogin_2C/BCAllInOnePWLoginManager.h>

// Click (trigger) the login button
[[BCAllOnePWLoginManager sharedInstance] loginByAllInOneString:userName andWithPassword:passWord andWithCallBackHandler:^(NSString * _Nonnull code, id  _Nonnull data) {

            dispatch_async(dispatch_get_main_queue(), ^{
            NSLog(@"Result==%@==%@",code,data);

            });
        }];

Introduction to BCAllInOnePWLoginManager Object Methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;

/**
* Function name: loginByAllInOneString
* @brief: Unified login field + password login. Returns code=error code if unsuccessful, data returns error reason. Returns code=0 data=session_token if password is sent successfully.
*@ param allStr Unified login field.
*@ param password Password.
*@param BCAllInOnePWLoginHandlerBlock: Asynchronous result callback containing two return parameters NSString code, and id type data:
1. code=0 success, data returns session_token and id_token,
2. code=101 indicates password needs to be changed or is about to expire, should proceed to redirect
data =【status= PASSWORD_WARN】Password not expired but about to expire
             【status= PASSWORD_EXPIRED】Password expired and must be changed
3. code=1 error data (NSDictionary type) returns "error_code" and "error_msg"

**/
-(void)loginByAllInOneString:(NSString*)allStr andWithPassword:(NSString*)password andWithCallBackHandler:(BCAllInOnePWLoginHandlerBlock)callBack;

Return Parameter List:

Success Example 1 (Successfully matches user and returns session_token):
code=0
data=
{
    "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
    "id_token": content,
    "expire": 432000,
    "status": "SUCCESS"
}

Success Example 2 (Returns password about to expire flow):
code=101
data=
{
    "status": "PASSWORD_WARN",
	"state_token": "eyJhFj0WBowdO7jEStMvB4",
	"data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"At least include 3 types from numbers, uppercase letters, lowercase letters, and special characters\"}"
}
Success Example 3 (Returns password expired flow):
Code=101,
data=
{
    "status": "PASSWORD_EXPIRED",
    "state_token":"eyJhbGciHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![a-z0-9]+$)(?![a-z~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)(?![0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]+$)[a-zA-Z0-9~!#$%&+\\\\-,*:;<=>@_?^、`~\\\\./]{1,}$\",\"tip\":\"At least include 3 types from numbers, uppercase letters, lowercase letters, and special characters\"}"
}

Error Example
{
    "error_code": "IDAAS.SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Skip Password Modification

Code Example:

// Import header
#import <AuthnCenter_PWLogin_2C/BCPWPassWordUpdateManager.h>

// Click (trigger) login button
[[BCPWPassWordUpdateManager sharedInstance] skipPassWordModifyWithStateToken:state_token andWithCallBackHandler:^(NSString * _Nonnull code, id  _Nonnull data) {
        NSString* msg=[NSString stringWithFormat:@"Result after skipping password modification: code=%@-------data=%@",code,data];
          }];

Introduction to BCPWPassWordUpdateManager object methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;

/**
* Function name: skipPassWordModifyWithStateToken
* @brief: Skip password modification, only used when the login interface returns status: "PASSWORD_WARN" (when login interface code=101)
*@ param state_token The state_token field returned by the login interface (when login interface code=101).
*@param BCSkipPasswordModifyHandlerBlock: Asynchronous result callback
code=0 success, code=other indicates failure
**/
-(void)skipPassWordModifyWithStateToken:(NSString*)state_token andWithCallBackHandler:(BCSkipPasswordModifyHandlerBlock)callBack;

Return Parameters:

Code	Description
code=0 Success	data returns NSDictionary: data=@{@"session_token":sessionToken content,@"id_token":idToken content};
code=Other	data=Failure description

Modify Password

Code Example:

// Import header
#import <AuthnCenter_PWLogin_2C/BCPWPassWordUpdateManager.h>

// Click (trigger) login button
[[BCPWPassWordUpdateManager sharedInstance] modifyPasswordWithStateToken:_state_token andWithNewPassword:nePass andWithOldPassword:oldPass andWithCallBackHandler:^(NSString * _Nonnull code, id  _Nonnull data) {
        NSString* str=[NSString stringWithFormat:@"code=%@-----data=%@",code,data];
        

    }];

Introduction to BCPWPassWordUpdateManager object methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;

/**
* Function name: modifyPasswordWithStateToken
* @brief: Modify password, only used when the login interface returns status: " PASSWORD_EXPIRED " (when login interface code=101)
*@ param state_token The state_token field returned by the login interface.
*@param newPassword
*@param oldPassword
*@param BCPWModifyPasswordHandlerBlock: Asynchronous result callback
code=0 success, code=other indicates failure
**/

-(void)modifyPasswordWithStateToken:(NSString*)state_token andWithNewPassword:(NSString*)newPassword andWithOldPassword:(NSString*)oldPassword andWithCallBackHandler:(BCPWModifyPasswordHandlerBlock)callBack;

Return Parameters:

Code	Description
code=0 Success	data returns NSDictionary: data=@{@"session_token":sessionToken content,@"id_token":idToken content};
code=Other	data=failure description

Retrieve Password via Phone Number

The App client needs to build its own interface including a phone number input field, a "Get Verification Code" button, a verification code input field, a new password input field, and a submit button. After clicking "Get Verification Code", please call the method for obtaining the verification code via slider verification described in this document.

//Import the request header
#import <AuthnCenter_PWLogin_2C/BCPWForgetPassWordManager.h>

//Click (trigger) the send verification code event
[[BCPWForgetPassWordManager sharedInstance] forgetPasswordChangePassWordByPhone:mobile andVerifyCode:verifyC andWithNewPassword:newPassword andWithCompletionHandler:^(NSString * _Nonnull code, id  _Nonnull data) {
        dispatch_async(dispatch_get_main_queue(), ^{
        NSString* str=[NSString stringWithFormat:@"code=%@------data=%@",code,data];
        });
        
    }];

Introduction to BCPWForgetPassWordManager object methods:

/**
  * Function name: sharedInstance
   * @param None
   * @return Singleton object instance class
 */
+ (instancetype )sharedInstance ;


/**
* Function name: forgetPasswordChangePassWordByPhone
* @brief: Retrieve password via phone number
*@ param mobile phone number: Both with area code "+86-13800000000" or without area code "13800000000" are acceptable.
*@ param verifyCode SMS verification code
*@ param  newPassword new password
*@param complete: BCPWforgetPasswordModifyByPhoneHandlerBlock asynchronous result callback, code=0 password change successful, code=other indicates failure.
**/
-(void)forgetPasswordChangePassWordByPhone:(NSString*)mobile andVerifyCode:(NSString*)verifyCode andWithNewPassword:(NSString*)newPassword andWithCompletionHandler:(BCPWforgetPasswordModifyByPhoneHandlerBlock)callBack;

Return Parameters:

Code	Description
code=0 Success	data=Success
code=Other	data=failure description

Mobile Phone SMS Verification Code Registration {/examples/}

Users build their own interface. The mobile phone number and verification code are required fields. The IDaaS SDK's slider verification can be used to obtain the verification code via two methods for sending SMS. Other personal information parameters are optional. Registration success means login success, returning a session_token and id_token.

Code Example:

// Import header
#import <AuthnCenter_SMSLogin_2C/BCPWRegistByPhoneNumManager.h>

// Click to register
  [[BCPWRegistManager sharedInstance] registUserByPhone:mobile andWithVerifyCode:verifyCode andWithUserName:username andWithName:name andWithEmail:email andWithPassword:password andWithHeadImageURLStr:headIma andWithGender:gender andWithBirthDay:birthDay andWithNickName:nickName andWithAddress:address andWithZipCode:zipCode andWithFirstName:FirstNAme andWithMiddleName:middleName andWithLastName:lastName andWithIndustry:industry andWithExtension:nil andWithCompletionHandler:^(NSString * _Nonnull code, id  _Nonnull data) {
   }];

Introduction to BCPWRegistManager object method:

/**
* Function name: registUserByPhone
* @brief: Register a new user with a mobile phone number
*@ param mobile phone number (required): Both formats with area code "+86-13800000000" or without area code "13800000000" are acceptable.
*@ param verifyCode (required): SMS verification code
*@param complete: BCPWRegistByPhoneHandlerBlock asynchronous result callback, code=0 success data returns session_token and id_token, code=other indicates failure.
**/

-(void)registUserByPhone:(NSString*)mobile andWithVerifyCode:(NSString*)verifyCode andWithUserName:(NSString*)userName andWithName:(NSString*)name andWithEmail:(NSString*)email andWithPassword:(NSString*)password andWithHeadImageURLStr:(NSString*)headImageUrlStr andWithGender:(NSString*)gender andWithBirthDay:(NSString*)birthday andWithNickName:(NSString*)nickName andWithAddress:(NSString*)address andWithZipCode:(NSString*)zipCode andWithFirstName:(NSString*)firstName andWithMiddleName:(NSString*)middleName andWithLastName:(NSString*)lastName andWithIndustry:(NSString*)industry andWithExtension:(NSDictionary*)extendDic andWithCompletionHandler:(BCPWRegistByPhoneHandlerBlock)callBack;

Input Parameter Description:

Parameter Name	Type	Required	Code Example
mobile	NSString	Yes	Both formats with area code "+86-13800000000" or without area code "13800000000" are acceptable
verifyCode	NSString	Yes	Subject to the verification code received via SMS
userName	NSString	No	Username, English letters and numbers
name	NSString	No	Chinese, English, numbers
email	NSString	No	Email
password	NSString	No	Password
headImageUrlStr	NSString	No	Avatar URL address "https://thirdwx.qlogo.cn/mmopen/vi_32/Q0j4TwGTfTIQ8QOTSn3y4cYHLlMC3sv6RCBmeMkxtOog47Zr3v2Afbqc2bmP0WibUIUskX39eJlJ"
gender	NSString	No	Optional values: female: female; male: male; unknow: confidential. This parameter will be validated for format. If it does not match, the callback function will return an error.
birthday	NSString	No	Format: yyyy-MM-dd. This parameter will be validated for format. If it does not match, the callback function will return an error.
nickName	NSString	No	Nickname, Chinese, English, numbers
address	NSString	No	Address
zipCode	NSString	No	Postal code
firstName	NSString	No	First name
middleName	NSString	No	Middle name
lastName	NSString	No	Last name
industry	NSString	No	Industry
extendDic	NSDictionary	No	Pass additional parameters added to the backend in the following format, where 'age' is the parameter name newly configured in the enterprise center. { "age":"18" }

Return Parameters:

Code	Description
code=0 Success	Data returns NSDictionary: data= {"session_token":sessionToken content,"id_token":idToken content};
code=Other	data=Failure description

param Input Parameter Example:

{
  "user_name": "zhangsan",
  "name": "张三",
  "email": "15200000000@qq.com",
  "pwd": "QWE@qwe123",
  "head_img": "https://thirdwx.qlogo.cn/mmopen/vi_32/Q0j4TwGTfTIQ8QOTSn3y4cYHLlMC3sv6RCBmeMkxtOog47Zr3v2Afbqc2bmP0WibUIUskX39eJlJ",
  "attr_gender":"male",
  "attr_birthday": "2022-02-17",
  "attr_nick_name": "张三",
  "mailing_address": "湖北省武汉市",
  "zip_code": "430000",
  "first_name": "zhangsan",
  "middle_name": "zhangsan",
  "last_name": "zhangsan",
  "industry": "事业单位",
  "extension": {
    "age":"18"
  }
}

IDToken Verification and User Information Retrieval

Upon successful login, a session_token and an id_token will be returned. The id_token can be used to retrieve user information and verify the login validity period.

Process:

1. Verify the idToken
2. Retrieve user information from the idtoken (This method can be called directly without verification)

Verify id_token

Call Example:

  [[BCIDAIDTokenManager sharedInstance] verifySignWithIdToken:idToken andWithCallBack:^(NSString * _Nonnull code, id  _Nonnull data) {
          }];

Main Class BCIDAIDTokenManager Introduction:

/**
   * Function Name: sharedInstance
   * @param No input parameters
   * @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance;

/**
* Function Name: verifySignWithIdToken
* @brief: Method to verify if the idtoken is within the login validity period and matches the application
* @param idToken returned during login
* @param BCIDAIdTokenVerifyHandlerBlock callback function:
NSString code
id       data
**/
-(void)verifySignWithIdToken:(NSString*)idToken andWithCallBack:(BCIDAIdTokenVerifyHandlerBlock)callback;

Return Values:

code(NSString)	data	data Type and Description
0	success	[NSString] Signature verification successful
1	Error description	[NSString] Input parameter is empty, SDK initialization parameters domain and clientID are not set
106	Time expired	[NSString] Expired idtoken
107	clientID mismatch	[NSString] Possibly used clientID from another application
103	Signature verification failed	[NSString] Signature verification process failed
102	Public key retrieval is empty	[NSString] Error during signature verification process
See error code collection at the end	See error code collection at the end	May also return error codes listed at the end

Parsing User Information from idToken

Call example:

[[BCIDAIDTokenManager sharedInstance] getUserInfoFromIdTokenWithIdToken:idToken andWithCallBack:^(NSString * _Nonnull code, id  _Nonnull data) {
            
}];

Introduction to the main class BCIDAIDTokenManager:

/**
   * Function name: sharedInstance
   * @param No input parameters
   * @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance;

/**
* Function name: getUserInfoFromIdTokenWithIdToken
* @brief: Parse user information from idToken
* @param idToken returned from login
* @param BCIDAIdTokenGetInfoHandlerBlock callback function:
NSString code
id       data

**/
-(void)getUserInfoFromIdTokenWithIdToken:(NSString*)idToken andWithCallBack:(BCIDAIdTokenGetInfoHandlerBlock)callback;

User information parameter description:

Parameter Name	Description
iss	Token issuer
aud	Token recipient, the clientId of the application
exp	Token expiration time
jti	Token id
iat	Token issuance time
sub	Fixed as subject
name	User's name
mobile	User's mobile number
id	User's id
userName	Username
email	User's email

Callback Function Return Value:

Success Example:
code=0
data=
{
	"id": "20220729174957176-2C7F-A2C54C293",
	"exp": 1659407592,
	"nbf": 1659407172,
	"mobile": "+86-13808603636",
	"jti": "7iwCYPo8EYcmLAD18x-CAw",
	"iss": "https:\/\/sdk2c.idaas-test-alpha.bccastle.com\/api\/v1\/oauth2",
	"userName": "zhangrui1",
	"sub": "20220729174957176-2C7F-A2C54C293",
	"aud": "S1ScicdIVR1QUbNs8TBz6BYVd2Zt8Adc",
	"iat": 1659407292,
	"email": "",
	"name": "zhangrui1"
}

Failure Example
code=102

Refresh IDToken

Call Example:

[[BCIDAIDTokenRefreshManager sharedInstance] refreshIdTokenWithSessionToken:sessionToken andWithCallBack:^(NSString * _Nonnull code, id  _Nonnull data) {
            NSString* jsonS=(NSString*)data;
         NSDictionary* dict=  [self dictionaryWithJsonString:jsonS];//Parse jsonStr to NSDictionary
          NSString* idTok= [dict objectForKey:@"id_token"];
            NSString* session_tok=[dict objectForKey:@"session_token"];
            NSString* expr=[dict objectForKey:@"expire"];
                  }];

Introduction to Main Class BCIDAIDTokenManager:

/**
   * Function name: sharedInstance
   * @param No input parameters
   * @return Returns the singleton instance of the object
*/
+ (instancetype )sharedInstance;

/**
* Function name: refreshIdTokenWithSessionToken
* @brief: Refresh idToken
* @param sessionToken returned from login
* @param BCIDAIdTokenRefreshIDTokenHandlerBlock callback function:
NSString code
id       data

**/
-(void)refreshIdTokenWithSessionToken:(NSString*)sessionToken andWithCallBack:(BCIDAIdTokenRefreshIDTokenHandlerBlock)callBack;

Callback Function Return Value:

Success Example:
code=0
data=
{
  "id_token" : "eyJraWQiOiJhODJkzJjLmlkYWFzLXRllKp6w",
  "session_token" : "apcOKuyry7kASh9h6mtf2G2GbettkyiU",
  "expire" : 7200
}

Failure Example (Failed to retrieve data)
code=1

Return Codes

Status Code	Error Code (error_code)	Error Description (error_msg)	Handling Measures
400	IDAAS.SDK.COMMON.1001	Parameter {0} cannot be left blank
		Parameter {0} cannot be empty
400	IDAAS.SDK.COMMON.1002	The {0} parameter format is incorrect
		Parameter {0} format error
400	IDAAS.SDK.COMMON.1003	Device information is incomplete
		Device information incomplete
400	IDAAS.SDK.COMMON.1004	Signature decryption error
		Signature decryption error
400	IDAAS.SDK.COMMON.1005	The {0} has failed
		{0} has expired
400	IDAAS.SDK.COMMON.1006	The {0} parameter error
		{0} parameter error
400	IDAAS.SDK.COMMON.1007	The {0} parameter type error
		{0} parameter type error
500	IDAAS.SDK.COMMON.1008	The system is busy. Try again later
		System busy. Please try again later
400	IDAAS.SDK.COMMON.1009	Unknown authentication configuration
		Unknown authentication configuration
400	IDAAS.SDK.COMMON.1010	Failed to obtain the enterprise center global configuration
		Failed to obtain enterprise center global configuration
400	IDAAS.SDK.COMMON.1011	Failed to obtain the international area code configuration
		Failed to obtain international area code configuration
400	IDAAS.SDK.COMMON.1012	The x-client-ID is incorrect and the corresponding application cannot be found
		X-client-id error, corresponding application not found
400	IDAAS.SDK.COMMON.1013	The corresponding user is not found
		Corresponding user not found
400	IDAAS.SDK.COMMON.1014	Application private key not found
		Application private key not found
400	IDAAS.SDK.LOGIN.1001	Error calling interface {0}
		Error calling interface {0}
400	IDAAS.SDK.LOGIN.1002	User not bound
		User not bound
400	IDAAS.SDK.LOGIN.1003	The user has been locked due to too many unsuccessful login attempts. It will be unlocked in {0} minutes and {1} seconds
		User locked due to multiple failed login attempts. Will be unlocked in {0} minutes and {1} seconds
400	IDAAS.SDK.LOGIN.1004	Failed to obtain the password policy
		Failed to obtain password policy
400	IDAAS.SDK.LOGIN.1005	Invalid username or password. Remaining login attempts: {0}
		Invalid username or password. Remaining login attempts: {0}
400	IDAAS.SDK.LOGIN.1006	Configuration error, unable to find wechat authentication source
		Configuration error, unable to find WeChat authentication source
400	IDAAS.SDK.LOGIN.1007	Configuration error, unable to find alipay authentication source
		Configuration error, unable to find Alipay authentication source
400	IDAAS.SDK.LOGIN.1008	The configuration is incorrect. The one-click login authentication source cannot be found
		Configuration error, unable to find one-click login authentication source
400	IDAAS.SDK.SMS.1001	{0} slide base map is not initialized successfully, please check the path
		{0} slide base map not initialized successfully, please check the path
400	IDAAS.SDK.SMS.1002	{0} verification code coordinate resolution failed
		{0} verification code coordinate resolution failed
400	IDAAS.SDK.SMS.1003	{0} verification code coordinate verification fails
		{0} verification code coordinate verification failed
400	IDAAS.SDK.SMS.1004	The graphic verification code is incorrect
		Graphic verification code verification error
400	IDAAS.SDK.SMS.1005	SMS verification code verification is incorrect
		SMS verification code verification error
400	IDAAS.SDK.SMS.1006	The email verification code is incorrect
		Email verification code verification error
400	IDAAS.SDK.SMS.1007	Sending scenario does not exist
		Sending scenario does not exist
400	IDAAS.SDK.SMS.1008	Failed to send the verification code
		Failed to send verification code
400	IDAAS.SDK.SOCIAL.1001	The social account is unbound incorrectly
		Social account unbinding error
400	IDAAS.SDK.SOCIAL.1002	The social account has been bound, please unbind it first
		Social account already bound, please unbind first
400	IDAAS.SDK.PWD.1001	The password length is incorrect
		Password length error
400	IDAAS.SDK.PWD.1002	The password cannot be the username
		Password cannot be the username
400	IDAAS.SDK.PWD.1003	Your password complexity is low
		Your password complexity is low
400	IDAAS.SDK.PWD.1004	The password is weak
		Password is weak
400	IDAAS.SDK.PWD.1005	The password is used before, cannot be used again
		Password has been used before, cannot be used again
400	IDAAS.SDK.PWD.1006	Password cannot username in reverse order
		Password cannot be username in reverse order
400	IDAAS.SDK.PWD.1007	The number of repeated password characters exceeded the upper limit
		Number of repeated password characters exceeds limit
400	IDAAS.SDK.PWD.1008	Password cannot contain :username, phone number, email prefix, name in PinYing
		Password cannot contain: username, phone number, email prefix, name in Pinyin
400	IDAAS.SDK.MFA.1001	The mobile doesn't match the user
		Mobile number does not match the user
400	IDAAS.SDK.MFA.1002	The access control policy is incorrect
		Access control policy configuration error
400	IDAAS.SDK.MFA.1003	Access control authentication source type conversion error
		Access control authentication source type conversion error

Please paste the Markdown content you would like me to translate.