CD2H gitForager

auth0/SimpleKeychain

Name: SimpleKeychain

Owner: Auth0

Description: A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain

Created: 2014-10-16 21:53:59.0

Updated: 2018-01-15 07:11:49.0

Pushed: 2017-07-14 21:40:24.0

Homepage:

Size: 358

Language: Objective-C

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

SimpleKeychain

A wrapper to make it really easy to deal with iOS Keychain and store your user's credentials securely.

Key Features

Simple interface to store user's credentials (e.g. JWT) in the Keychain.
Store credentials under an Access Group to enable Keychain Sharing.
Support for iOS 8 Access Control for fine grained access control. (Only for iOS 8+)
TouchID and Keychain integration with iOS 8 new accessibility field kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly. (Only for iOS 8+)

Requirements

At least iOS 7, if you want to use kSecAttrAccessControl with the flag useAccessControl you need to have iOS 8+.

Installation

CocoaPods

SimpleKeychain is available through CocoaPods. To install it, simply add the following line to your Podfile:

"SimpleKeychain"

Or you can add A0SimpleKeychain.h and A0SimpleKeychain.m to your project.

Carthage

In your Cartfile add

ub "auth0/SimpleKeychain"

Before Getting Started

Objective-C

Just import in your source file's header:

ort <SimpleKeychain/SimpleKeychain.h>

Swift

Import Lock module in your swift file:

rt SimpleKeychain

Usage

Save a JWT token or password

ring *jwt = //user's JWT token obtained after login
SimpleKeychain keychain] setString:jwt forKey:@"auth0-user-jwt"];

wift
jwt = //user's JWT token obtained after login
mpleKeychain().setString(jwt, forKey:"auth0-user-jwt")

Obtain a JWT token or password

ring *jwt = [[A0SimpleKeychain keychain] stringForKey:@"auth0-user-jwt"];

wift
jwt = A0SimpleKeychain().string(forKey: "auth0-user-jwt")

Share JWT Token with other apps using iOS Access Group

ring *jwt = //user's JWT token obtained after login
mpleKeychain *keychain = [A0SimpleKeychain keychainWithService:@"Auth0" accessGroup:@"ABCDEFGH.com.mydomain.myaccessgroup"];
chain setString:jwt forKey:@"auth0-user-jwt"];

wift
jwt = //user's JWT token obtained after login
keychain = A0SimpleKeychain(service: "Auth0", accessGroup: "ABCDEFGH.com.mydomain.myaccessgroup")
hain.setString(jwt, forKey:"auth0-user-jwt")

Store and retrieve JWT token using TouchID and Keychain AcessControl attribute (iOS 8 Only).

Let's save the JWT first:

ring *jwt = //user's JWT token obtained after login
mpleKeychain *keychain = [A0SimpleKeychain keychain];
hain.useAccessControl = YES;
hain.defaultAccessiblity = A0SimpleKeychainItemAccessibleWhenPasscodeSetThisDeviceOnly;
chain setString:jwt forKey:@"auth0-user-jwt"];

wift
jwt = //user's JWT token obtained after login
keychain = A0SimpleKeychain()
hain.useAccessControl = true
hain.defaultAccessiblity = .whenPasscodeSetThisDeviceOnly
hain.setString(jwt, forKey:"auth0-user-jwt")

If there is an existent value under the key auth0-user-jwt saved with AccessControl and A0SimpleKeychainItemAccessibleWhenPasscodeSetThisDeviceOnly, iOS will prompt the user to enter their passcode or fingerprint before updating the value.

Then let's obtain the value

ring *message = NSLocalizedString(@"Please enter your passcode/fingerprint to login with awesome App!.", @"Prompt TouchID message");
mpleKeychain *keychain = [A0SimpleKeychain keychain];
ring *jwt = [keychain stringForKey:@"auth0-user-jwt" promptMessage:message];

wift
message = NSLocalizedString("Please enter your passcode/fingerprint to login with awesome App!.", comment: "Prompt TouchID message")
keychain = A0SimpleKeychain()
jwt = keychain.string(forKey: "auth0-user-jwt", promptMessage:message)

Remove a JWT token or password

SimpleKeychain keychain] deleteEntryForKey:@"auth0-user-jwt"];

wift
mpleKeychain().deleteEntry(forKey: "auth0-user-jwt")

Contributing

Just clone the repo, and run pod install from the Example directory and you're ready to contribute!.

Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

License

SimpleKeychain is available under the MIT license. See the [LICENSE file](LICENSE file) for more info.

Author

Auth0

What is Auth0?

Auth0 helps you to:

Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
Add authentication through more traditional username/password databases.
Add support for linking different user accounts with the same user.
Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
Analytics of how, when and where users are logging in.
Pull data from other sources and add it to the user profile, through JavaScript rules.

Create a free account in Auth0

Go to Auth0 and click Sign Up.
Use Google, GitHub or Microsoft Account to login.

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.