SFUserAccountManager Class Reference
Inherits from | NSObject |
---|---|
Declared in | SFUserAccountManager.h |
Overview
Class used to manage the accounts functions used across the app. It supports multiple accounts and their associated credentials.
Other Methods
authCancelledByUserHandlerBlock
Completion block for when auth is cancelled.
@property (nonatomic, readwrite, copy, nullable) void ( ^ ) ( void ) authCancelledByUserHandlerBlock
Declared In
SFUserAccountManager.h
)
The current user account. This property may be nil if the user has never logged in.
@property (nonatomic, strong, nullable) SFUserAccount *NS_SWIFT_NAME ( currentUserAccount )
Declared In
SFUserAccountManager.h
currentUserAnonymous
Returns YES if the current user is anonymous, no otherwise
@property (nonatomic, readonly, getter=isCurrentUserAnonymous) BOOL currentUserAnonymous
Declared In
SFUserAccountManager.h
logoutSettingEnabled
Returns YES if the logout is requested by the app settings.
@property (nonatomic, readonly, getter=isLogoutSettingEnabled) BOOL logoutSettingEnabled
Declared In
SFUserAccountManager.h
additionalOAuthParameterKeys
An array of additional keys (NSString) to parse during OAuth
@property (nonatomic, strong) NSArray<NSString*> *additionalOAuthParameterKeys
Declared In
SFUserAccountManager.h
loginHost
The host that will be used for login.
@property (nonatomic, strong) NSString *loginHost
Declared In
SFUserAccountManager.h
brandLoginPath
The Branded Login path configured for this application.
@property (nonatomic, nullable, copy) NSString *brandLoginPath
Declared In
SFUserAccountManager.h
scopes
The OAuth scopes associated with the app.
@property (nonatomic, copy) NSSet<NSString*> *scopes
Declared In
SFUserAccountManager.h
idpLoginFlowSelectionAction
Use this block to replace the Login flow selection dialog
@property (nonatomic, copy, nullable) SFIDPLoginFlowSelectionBlock idpLoginFlowSelectionAction
Declared In
SFUserAccountManager.h
idpUserSelectionAction
Use this to replace the default User Selection Screen
@property (nonatomic, copy, nullable) SFIDPUserSelectionBlock idpUserSelectionAction
Declared In
SFUserAccountManager.h
navigationPolicyForAction
Use this to add handling for navigation actions like email and custom links on the login screen, return WKNavigationActionPolicyAllow for any other actions to make sure that the login flow isn’t interrupted
@property (nonatomic, copy, nullable) WKNavigationActionPolicy ( ^ ) ( WKWebView *webview , WKNavigationAction *action ) navigationPolicyForAction
Declared In
SFUserAccountManager.h
isIdentityProvider
Use this property to enable an app to become and IdentityProvider for other apps
@property (nonatomic, assign) BOOL isIdentityProvider
Declared In
SFUserAccountManager.h
idpAppURIScheme
Use this property to indicate the url scheme for the Identity Provider app
@property (nonatomic, copy, nullable) NSString *idpAppURIScheme
Declared In
SFUserAccountManager.h
appDisplayName
Use this property to indicate to provide a user-friendly name for your app. This name will be displayed in the user selection view of the identity provider app.
@property (nonatomic, copy) NSString *appDisplayName
Declared In
SFUserAccountManager.h
loginViewControllerConfig
Use this property to indicate to provide LoginViewController customizations for themes,navbar and settigs icon.
@property (nonatomic, strong) SFSDKLoginViewControllerConfig *loginViewControllerConfig
Declared In
SFUserAccountManager.h
shouldFallbackToWebAuthentication
Indicates that that web based authentication should be used instead of native login.
@property (nonatomic, assign) BOOL shouldFallbackToWebAuthentication
Declared In
SFUserAccountManager.h
showAuthWindowWhileLoading
If true, present the auth window while the webview is loading. Otherwise wait to present the auth window until the webview has finished loading
@property (nonatomic, assign) BOOL showAuthWindowWhileLoading
Declared In
SFUserAccountManager.h
– addDelegate:
Adds a delegate to this user account manager.
- (void)addDelegate:(id<SFUserAccountManagerDelegate>)delegate
Parameters
delegate |
The delegate to add. |
---|
Declared In
SFUserAccountManager.h
– removeDelegate:
Removes a delegate from this user account manager.
- (void)removeDelegate:(id<SFUserAccountManagerDelegate>)delegate
Parameters
delegate |
The delegate to remove. |
---|
Declared In
SFUserAccountManager.h
– loadAccounts:
Loads all the accounts.
- (BOOL)loadAccounts:(NSError **)error
Parameters
error |
On output, the error if the return value is NO |
---|
Return Value
YES if the accounts were loaded properly, NO in case of error
Declared In
SFUserAccountManager.h
– allUserAccounts
An NSArray of all the SFUserAccount instances for the app.
- (nullable NSArray<SFUserAccount*> *)allUserAccounts
Declared In
SFUserAccountManager.h
– allUserIdentities
Returns all the user identities sorted by Org ID and User ID.
- (nullable NSArray<SFUserAccountIdentity*> *)allUserIdentities
Declared In
SFUserAccountManager.h
– createUserAccount:
Create an account when necessary using the credentials provided.
- (SFUserAccount *)createUserAccount:(SFOAuthCredentials *)credentials
Parameters
credentials |
The credentials to use. |
---|
Declared In
SFUserAccountManager.h
– createNativeUserAccount:scene:
Create an account when necessary using token endpoint response data. This function is intented for internal use only.
- (void)createNativeUserAccount:(NSData *)data scene:(nullable UIScene *)scene
Parameters
data |
The token endpoint response to use. |
---|---|
scene |
Optional scene to identify Native Login View Controller. |
Declared In
SFUserAccountManager.h
– userAccountForUserIdentity:
Allows you to look up the user account associated with a given user identity.
- (nullable SFUserAccount *)userAccountForUserIdentity:(SFUserAccountIdentity *)userIdentity
Parameters
userIdentity |
The user identity of the user account to be looked up |
---|
Declared In
SFUserAccountManager.h
– accountsForOrgId:
Returns all accounts that have access to a particular org
- (NSArray<SFUserAccount*> *)accountsForOrgId:(NSString *)orgId
Parameters
orgId |
The org to match accounts against |
---|
Return Value
An array of accounts that can access that org
Declared In
SFUserAccountManager.h
– accountsForInstanceURL:
Returns all accounts that match a particular instance URL
- (NSArray<SFUserAccount*> *)accountsForInstanceURL:(NSURL *)instanceURL
Parameters
instanceURL |
The host parameter of a given instance URL |
---|
Return Value
An array of accounts that match that instance URL
Declared In
SFUserAccountManager.h
– userAccountsForDomain:
Returns all accounts that match a domain
- (NSArray<SFUserAccount*> *)userAccountsForDomain:(NSString *)domain
Parameters
domain |
The domain. |
---|
Return Value
An array of accounts that match that instance URL
Declared In
SFUserAccountManager.h
– saveAccountForUser:error:
Adds/Updates a user account
- (BOOL)saveAccountForUser:(SFUserAccount *)userAccount error:(NSError **)error
Parameters
userAccount |
The account to be added |
---|
Declared In
SFUserAccountManager.h
– accountForCredentials:
Lookup a user account
- (nullable SFUserAccount *)accountForCredentials:(SFOAuthCredentials *)credentials
Parameters
credentials |
used to up Account matching the credentials |
---|
Declared In
SFUserAccountManager.h
– deleteAccountForUser:error:
Allows you to remove the given user account.
- (BOOL)deleteAccountForUser:(SFUserAccount *)userAccount error:(NSError **)error
Parameters
userAccount |
The user account to remove. |
---|---|
error |
Output error parameter, populated if there was an error deleting the account (likely from the filesystem operations). |
Return Value
YES if the deletion was successful, NO otherwise. Note: If no persisted account matching the user parameter is found, no action will be taken, and deletion will be reported as successful.
Declared In
SFUserAccountManager.h
– clearAllAccountState
Clear all the accounts state (but do not change anything on the disk).
- (void)clearAllAccountState
Declared In
SFUserAccountManager.h
– setObjectForUserCustomData:forKey:andUser:
Apply custom data to the SFUserAccount that can be accessed outside that user’s sandbox. This data will be persisted between launches and should only be used for non-sensitive information. The NSDictionary should be NSCoder encodeable.
- (void)setObjectForUserCustomData:(NSObject<NSCoding> *)object forKey:(NSString *)key andUser:(SFUserAccount *)userAccount
Parameters
object |
The NScoding enabled object to set |
---|---|
key |
The key to retrieve this data for |
userAccount |
The SFUserAccount to apply this change to. |
Declared In
SFUserAccountManager.h
– switchToNewUserWithCompletion:
Switches to a new user. Sets the current user only if the login succeeds. Completion block is invoked if the login flow completes, or if any errors are encountered during the flow.
- (void)switchToNewUserWithCompletion:(void ( ^ ) ( NSError *_Nullable , SFUserAccount *_Nullable ))completion
Declared In
SFUserAccountManager.h
– switchToUser:
Switches away from the current user, to the given user account.
- (void)switchToUser:(nullable SFUserAccount *)userAccount
Parameters
userAccount |
The user to switch to. |
---|
Declared In
SFUserAccountManager.h
– loginWithCompletion:failure:
Kick off the login process for credentials that’s previously configured.
- (BOOL)loginWithCompletion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock
Parameters
completionBlock |
The block of code to execute when the authentication process successfully completes. |
---|---|
failureBlock |
The block of code to execute when the authentication process has a fatal failure. |
Return Value
YES if this call kicks off the authentication process. NO if an authentication process has already started, in which case subsequent requests are queued up to have their completion or failure blocks executed in succession.
Declared In
SFUserAccountManager.h
– refreshCredentials:completion:failure:
Kick off the refresh process for the specified credentials.
- (BOOL)refreshCredentials:(nonnull SFOAuthCredentials *)credentials completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock
Parameters
credentials |
SFOAuthCredentials to be refreshed. |
---|---|
completionBlock |
The block of code to execute when the refresh process successfully completes. |
failureBlock |
The block of code to execute when the refresh process has a fatal failure. |
Return Value
YES if this call kicks off the authentication process. NO if an authentication process has already started, in which case subsequent requests are queued up to have their completion or failure blocks executed in succession.
Declared In
SFUserAccountManager.h
– loginWithJwtToken:completion:failure:
Login using the given JWT token to exchange with the service for credentials.
- (BOOL)loginWithJwtToken:(NSString *)jwtToken completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock
Parameters
jwtToken |
The JWT token (received out of band) to exchange for credentials. |
---|---|
completionBlock |
The block of code to execute when the authentication process successfully completes. |
failureBlock |
The block of code to execute when the authentication process has a fatal failure. |
Return Value
YES if this call kicks off the authentication process. NO if an authentication process has already started, in which case subsequent requests are queued up to have their completion or failure blocks executed in succession.
Declared In
SFUserAccountManager.h
– stopCurrentAuthentication:
Use this method to stop/clear any authentication which is has already been started
- (void)stopCurrentAuthentication:(nullable void ( ^ ) ( BOOL ))completionBlock
Parameters
completionBlock |
The completion block is called with YES if a session was cleared successfully. |
---|
Declared In
SFUserAccountManager.h
– logout
Forces a logout from the current account, redirecting the user to the login process. This throws out the OAuth refresh token.
- (void)logout
Declared In
SFUserAccountManager.h
– logout:
Forces a logout from the current account, redirecting the user to the login process. This throws out the OAuth refresh token.
- (void)logout:(SFLogoutReason)reason
Parameters
reason |
The reason that log out was initiated. |
---|
Declared In
SFUserAccountManager.h
– logoutUser:
Performs a logout on the specified user. Note that if the user is not the current user of the app, the specified user’s authenticated state will be removed, but no other action will otherwise interrupt the current app state.
- (void)logoutUser:(SFUserAccount *)user
Parameters
user |
The user to log out. |
---|
Declared In
SFUserAccountManager.h
– logoutUser:reason:
Performs a logout on the specified user. Note that if the user is not the current user of the app, the specified user’s authenticated state will be removed, but no other action will otherwise interrupt the current app state.
- (void)logoutUser:(SFUserAccount *)user reason:(SFLogoutReason)reason
Parameters
user |
The user to log out. |
---|---|
reason |
The reason that log out was initiated. |
Declared In
SFUserAccountManager.h
– logoutAllUsers
Performs a logout for all users of the app, including the current user.
- (void)logoutAllUsers
Declared In
SFUserAccountManager.h
– handleIDPAuthenticationResponse:options:
Handle an authentication response from the IDP application
- (BOOL)handleIDPAuthenticationResponse:(NSURL *)url options:(nonnull NSDictionary *)options
Parameters
url |
The URL response returned to the app from the IDP application. |
---|---|
options |
Dictionary of name-value pairs received from open URL |
Return Value
YES if this is a valid URL response from IDP authentication that should be handled, NO otherwise.
Declared In
SFUserAccountManager.h
– handleIDPAuthenticationCommand:options:completion:failure:
Handle an authentication request with auth code from the IDP application
- (BOOL)handleIDPAuthenticationCommand:(NSURL *)url options:(nonnull NSDictionary *)options completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock
Parameters
url |
The URL response returned to the app from the IDP application. |
---|---|
options |
Dictionary of name-value pairs received from open URL |
completionBlock |
called on successful login |
failureBlock |
called on failure during login flow |
Return Value
YES if this is a valid URL response from IDP authentication that should be handled, NO otherwise.
Declared In
SFUserAccountManager.h
– kickOffIDPInitiatedLoginFlowForSP:statusUpdate:failure:
Kick off IDP initiated login flow for given SP app
- (void)kickOffIDPInitiatedLoginFlowForSP:(SFSDKSPConfig *)config statusUpdate:(void ( ^ ) ( SFSPLoginStatus ))statusBlock failure:(void ( ^ ) ( SFSPLoginError ))failureBlock
Parameters
config |
Configuration for SP app |
---|---|
statusBlock |
called at different steps throughout the login flow |
failureBlock |
called on error, stops the login flow |
Declared In
SFUserAccountManager.h
URLHandlers Methods
– handleIdpAuthError:
Handle an error situation that occured in the IDP flow.
- (BOOL)handleIdpAuthError:(SFSDKAuthErrorCommand *_Nonnull)command
Parameters
command |
The Error URL request from the idp or SP App. |
---|
Return Value
YES if this is request is handled, NO otherwise.
Declared In
SFUserAccountManager+URLHandlers.h
– handleIdpInitiatedAuth:
Handle an IDP initiated auth flow.
- (BOOL)handleIdpInitiatedAuth:(SFSDKIDPLoginRequestCommand *_Nonnull)command
Parameters
command |
The URL request from the IDP APP. |
---|
Return Value
YES if this is request is handled, NO otherwise.
Declared In
SFUserAccountManager+URLHandlers.h
– handleAuthRequestFromSPApp:
Handle an IDP request initiated from an SP APP.
- (BOOL)handleAuthRequestFromSPApp:(SFSDKSPLoginRequestCommand *_Nonnull)request
Parameters
request |
The request from the SP APP. |
---|
Return Value
YES if this request is handled, NO otherwise.
Declared In
SFUserAccountManager+URLHandlers.h
– handleIdpResponse:sceneId:
Handle an IDP response received from an IDP APP.
- (BOOL)handleIdpResponse:(SFSDKSPLoginResponseCommand *_Nonnull)response sceneId:(nullable NSString *)sceneId
Parameters
response |
The URL response from the IDP APP. |
---|---|
sceneId |
The identifier for the scene that’s handling the response. |
Return Value
YES if this is request is handled, NO otherwise.
Declared In
SFUserAccountManager+URLHandlers.h
– handleIdpRequest:sceneId:completion:failure:
- (BOOL)handleIdpRequest:(SFSDKIDPAuthCodeLoginRequestCommand *_Nonnull)response sceneId:(nullable NSString *)sceneId completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock
Extension Methods
delegates
@property (nonatomic, strong, nonnull) NSHashTable<id<SFUserAccountManagerDelegate> > *delegates
userAccountMap
A map of user accounts by user ID
@property (nonatomic, strong, nullable) NSMutableDictionary *userAccountMap
Declared In
SFUserAccountManager+Internal.h
accountPersister
instance of accountPersister
@property (nonatomic, strong, nullable) id<SFUserAccountPersister> accountPersister
Declared In
SFUserAccountManager+Internal.h
authPreferences
instance of authPreferences
@property (nonatomic, strong, nonnull) SFSDKAuthPreferences *authPreferences
Declared In
SFUserAccountManager+Internal.h
alertView
SFSDKAlertView used to wrap display of SFSDKMessage using an AlertController.
@property (nonatomic, strong, nullable) SFSDKAlertView *alertView
Declared In
SFUserAccountManager+Internal.h
alertDisplayBlock
@property (nonatomic, copy, nonnull) void ( ^ ) ( SFSDKAlertMessage *, SFSDKWindowContainer *) alertDisplayBlock
errorManager
SFSDKAlertView used to wrap display of SFSDKMessage using an AlertController.
@property (nonatomic, strong, nullable) SFSDKAuthErrorManager *errorManager
Declared In
SFUserAccountManager+Internal.h
authSessions
@property (nonatomic, strong, nonnull) SFSDKSafeMutableDictionary<NSString*SFSDKAuthSession*> *authSessions
useBrowserAuth
Indicates if the app is configured to require browser based authentication.
@property (nonatomic, assign) BOOL useBrowserAuth
Declared In
SFUserAccountManager+Internal.h
authViewHandler
Set this block to handle presentation of the Authentication View Controller.
@property (nonatomic, strong) SFSDKAuthViewHandler *authViewHandler
Declared In
SFUserAccountManager+Internal.h
nativeLoginEnabled
Indicates if the app is configured for native login authentication.
@property (nonatomic, assign) BOOL nativeLoginEnabled
Declared In
SFUserAccountManager+Internal.h
– enumerateDelegates:
Executes the given block for each configured delegate.
- (void)enumerateDelegates:(nullable void ( ^ ) ( id<SFUserAccountManagerDelegate> _Nonnull ))block
Parameters
block |
The block to execute for each delegate. |
---|
Declared In
SFUserAccountManager+Internal.h
– allExistingAccountNames
NSSet enumeration of all account Names
- (nullable NSSet *)allExistingAccountNames
Return Value
NSSet enumeration of all account Names
Declared In
SFUserAccountManager+Internal.h
– uniqueUserAccountIdentifier:
Returns a unique identifier that can be used to create a new Account
- (nonnull NSString *)uniqueUserAccountIdentifier:(nonnull NSString *)clientId
Parameters
clientId |
OAuth Client Id |
---|
Return Value
A unique identifier
Declared In
SFUserAccountManager+Internal.h
– reload
Reload the accounts and reset the state of SFUserAccountManager. Use for tests only
- (void)reload
Declared In
SFUserAccountManager+Internal.h
– orgHasLoggedInUsers:
Check if user accounts exist for a given org.
- (BOOL)orgHasLoggedInUsers:(nonnull NSString *)orgId
Parameters
orgId |
for org |
---|
Return Value
YES if accounts exist, otherwise NO.
Declared In
SFUserAccountManager+Internal.h
– accountPersister
Get the Account Persister being used.
- (nullable id<SFUserAccountPersister>)accountPersister
Return Value
SFUserAccountPersister that is used.
Declared In
SFUserAccountManager+Internal.h
– applyCredentials:
Invoke this method to apply the specified credentials to the a user whose credentials match. If no user exists, a new one is created. Fire notifications. This will post user update notification.
- (SFUserAccount *)applyCredentials:(SFOAuthCredentials *)credentials
Parameters
credentials |
The credentials to apply |
---|
Declared In
SFUserAccountManager+Internal.h
– applyCredentials:withIdData:
Invoke this method to apply the specified credentials to the a user whose credentials match. If no user exists, a new one is created. Fire notifications. This will post user update notification.
- (SFUserAccount *)applyCredentials:(SFOAuthCredentials *)credentials withIdData:(nullable SFIdentityData *)identityData
Parameters
credentials |
The credentials to apply |
---|---|
identityData |
The identityData to apply |
Declared In
SFUserAccountManager+Internal.h
– encodeUserIdentity:
to use for encoding to String
- (NSString *_Nonnull)encodeUserIdentity:(SFUserAccountIdentity *_Nonnull)userIdentity
Parameters
userIdentity |
to use for encoding to String |
---|
Return Value
NSString userid:orgid
Declared In
SFUserAccountManager+Internal.h
– decodeUserIdentity:
encoded string
- (SFUserAccountIdentity *_Nullable)decodeUserIdentity:(NSString *_Nullable)userIdentityEncoded
Parameters
userIdentityEncoded |
encoded string |
---|
Return Value
SFUserAccountIdentity decoded from string
Declared In
SFUserAccountManager+Internal.h
– handleAdvancedAuthURL:options:
- (BOOL)handleAdvancedAuthURL:(NSURL *)advancedAuthURL options:(nullable NSDictionary *)options
– authenticateUsingIDP:completion:failure:
- (BOOL)authenticateUsingIDP:(SFSDKAuthRequest *)request completion:(SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(SFUserAccountManagerFailureCallbackBlock)failureBlock
– authenticateWithRequest:completion:failure:frontDoorBridgeUrl:codeVerifier:
- (BOOL)authenticateWithRequest:(SFSDKAuthRequest *)request completion:(SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(SFUserAccountManagerFailureCallbackBlock)failureBlock frontDoorBridgeUrl:(nullable NSURL *)frontDoorBridgeUrl codeVerifier:(nullable NSString *)codeVerifier
– loginWithCompletion:failure:scene:
- (BOOL)loginWithCompletion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock scene:(nullable UIScene *)scene
– loginWithCompletion:failure:scene:frontDoorBridgeUrl:codeVerifier:
- (BOOL)loginWithCompletion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock scene:(UIScene *)scene frontDoorBridgeUrl:(nullable NSURL *)frontDoorBridgeUrl codeVerifier:(nullable NSString *)codeVerifier