SFUserAccountManager Class Reference

Inherits from NSObject
Declared in SFUserAccountManager.h

Overview

Class used to manage the accounts functions used across the app. It supports multiple accounts and their associated credentials.

Other Methods

  authCancelledByUserHandlerBlock

Completion block for when auth is cancelled.

@property (nonatomic, readwrite, copy, nullable) void ( ^ ) ( void ) authCancelledByUserHandlerBlock

Declared In

SFUserAccountManager.h

  )

The current user account. This property may be nil if the user has never logged in.

@property (nonatomic, strong, nullable) SFUserAccount *NS_SWIFT_NAME ( currentUserAccount )

Declared In

SFUserAccountManager.h

  currentUserAnonymous

Returns YES if the current user is anonymous, no otherwise

@property (nonatomic, readonly, getter=isCurrentUserAnonymous) BOOL currentUserAnonymous

Declared In

SFUserAccountManager.h

  logoutSettingEnabled

Returns YES if the logout is requested by the app settings.

@property (nonatomic, readonly, getter=isLogoutSettingEnabled) BOOL logoutSettingEnabled

Declared In

SFUserAccountManager.h

  additionalOAuthParameterKeys

An array of additional keys (NSString) to parse during OAuth

@property (nonatomic, strong) NSArray<NSString*> *additionalOAuthParameterKeys

Declared In

SFUserAccountManager.h

  loginHost

The host that will be used for login.

@property (nonatomic, strong) NSString *loginHost

Declared In

SFUserAccountManager.h

  brandLoginPath

The Branded Login path configured for this application.

@property (nonatomic, nullable, copy) NSString *brandLoginPath

Declared In

SFUserAccountManager.h

  scopes

The OAuth scopes associated with the app.

@property (nonatomic, copy) NSSet<NSString*> *scopes

Declared In

SFUserAccountManager.h

  authClient

@property (nonatomic, copy, nullable) SFAuthClientFactoryBlock authClient

  idpLoginFlowSelectionAction

Use this block to replace the Login flow selection dialog

@property (nonatomic, copy, nullable) SFIDPLoginFlowSelectionBlock idpLoginFlowSelectionAction

Declared In

SFUserAccountManager.h

  idpUserSelectionAction

Use this to replace the default User Selection Screen

@property (nonatomic, copy, nullable) SFIDPUserSelectionBlock idpUserSelectionAction

Declared In

SFUserAccountManager.h

  navigationPolicyForAction

Use this to add handling for navigation actions like email and custom links on the login screen, return WKNavigationActionPolicyAllow for any other actions to make sure that the login flow isn’t interrupted

@property (nonatomic, copy, nullable) WKNavigationActionPolicy ( ^ ) ( WKWebView *webview , WKNavigationAction *action ) navigationPolicyForAction

Declared In

SFUserAccountManager.h

  isIdentityProvider

Use this property to enable an app to become and IdentityProvider for other apps

@property (nonatomic, assign) BOOL isIdentityProvider

Declared In

SFUserAccountManager.h

  idpAppURIScheme

Use this property to indicate the url scheme for the Identity Provider app

@property (nonatomic, copy, nullable) NSString *idpAppURIScheme

Declared In

SFUserAccountManager.h

  appDisplayName

Use this property to indicate to provide a user-friendly name for your app. This name will be displayed in the user selection view of the identity provider app.

@property (nonatomic, copy) NSString *appDisplayName

Declared In

SFUserAccountManager.h

  loginViewControllerConfig

Use this property to indicate to provide LoginViewController customizations for themes,navbar and settigs icon.

@property (nonatomic, strong) SFSDKLoginViewControllerConfig *loginViewControllerConfig

Declared In

SFUserAccountManager.h

  shouldFallbackToWebAuthentication

Indicates that that web based authentication should be used instead of native login.

@property (nonatomic, assign) BOOL shouldFallbackToWebAuthentication

Declared In

SFUserAccountManager.h

  showAuthWindowWhileLoading

If true, present the auth window while the webview is loading. Otherwise wait to present the auth window until the webview has finished loading

@property (nonatomic, assign) BOOL showAuthWindowWhileLoading

Declared In

SFUserAccountManager.h

– addDelegate:

Adds a delegate to this user account manager.

- (void)addDelegate:(id<SFUserAccountManagerDelegate>)delegate

Parameters

delegate

The delegate to add.

Declared In

SFUserAccountManager.h

– removeDelegate:

Removes a delegate from this user account manager.

- (void)removeDelegate:(id<SFUserAccountManagerDelegate>)delegate

Parameters

delegate

The delegate to remove.

Declared In

SFUserAccountManager.h

– loadAccounts:

Loads all the accounts.

- (BOOL)loadAccounts:(NSError **)error

Parameters

error

On output, the error if the return value is NO

Return Value

YES if the accounts were loaded properly, NO in case of error

Declared In

SFUserAccountManager.h

– allUserAccounts

An NSArray of all the SFUserAccount instances for the app.

- (nullable NSArray<SFUserAccount*> *)allUserAccounts

Declared In

SFUserAccountManager.h

– allUserIdentities

Returns all the user identities sorted by Org ID and User ID.

- (nullable NSArray<SFUserAccountIdentity*> *)allUserIdentities

Declared In

SFUserAccountManager.h

– createUserAccount:

Create an account when necessary using the credentials provided.

- (SFUserAccount *)createUserAccount:(SFOAuthCredentials *)credentials

Parameters

credentials

The credentials to use.

Declared In

SFUserAccountManager.h

– createNativeUserAccount:scene:

Create an account when necessary using token endpoint response data. This function is intented for internal use only.

- (void)createNativeUserAccount:(NSData *)data scene:(nullable UIScene *)scene

Parameters

data

The token endpoint response to use.

scene

Optional scene to identify Native Login View Controller.

Declared In

SFUserAccountManager.h

– userAccountForUserIdentity:

Allows you to look up the user account associated with a given user identity.

- (nullable SFUserAccount *)userAccountForUserIdentity:(SFUserAccountIdentity *)userIdentity

Parameters

userIdentity

The user identity of the user account to be looked up

Declared In

SFUserAccountManager.h

– accountsForOrgId:

Returns all accounts that have access to a particular org

- (NSArray<SFUserAccount*> *)accountsForOrgId:(NSString *)orgId

Parameters

orgId

The org to match accounts against

Return Value

An array of accounts that can access that org

Declared In

SFUserAccountManager.h

– accountsForInstanceURL:

Returns all accounts that match a particular instance URL

- (NSArray<SFUserAccount*> *)accountsForInstanceURL:(NSURL *)instanceURL

Parameters

instanceURL

The host parameter of a given instance URL

Return Value

An array of accounts that match that instance URL

Declared In

SFUserAccountManager.h

– userAccountsForDomain:

Returns all accounts that match a domain

- (NSArray<SFUserAccount*> *)userAccountsForDomain:(NSString *)domain

Parameters

domain

The domain.

Return Value

An array of accounts that match that instance URL

Declared In

SFUserAccountManager.h

– saveAccountForUser:error:

Adds/Updates a user account

- (BOOL)saveAccountForUser:(SFUserAccount *)userAccount error:(NSError **)error

Parameters

userAccount

The account to be added

Declared In

SFUserAccountManager.h

– accountForCredentials:

Lookup a user account

- (nullable SFUserAccount *)accountForCredentials:(SFOAuthCredentials *)credentials

Parameters

credentials

used to up Account matching the credentials

Declared In

SFUserAccountManager.h

– deleteAccountForUser:error:

Allows you to remove the given user account.

- (BOOL)deleteAccountForUser:(SFUserAccount *)userAccount error:(NSError **)error

Parameters

userAccount

The user account to remove.

error

Output error parameter, populated if there was an error deleting the account (likely from the filesystem operations).

Return Value

YES if the deletion was successful, NO otherwise. Note: If no persisted account matching the user parameter is found, no action will be taken, and deletion will be reported as successful.

Declared In

SFUserAccountManager.h

– clearAllAccountState

Clear all the accounts state (but do not change anything on the disk).

- (void)clearAllAccountState

Declared In

SFUserAccountManager.h

– setObjectForUserCustomData:forKey:andUser:

Apply custom data to the SFUserAccount that can be accessed outside that user’s sandbox. This data will be persisted between launches and should only be used for non-sensitive information. The NSDictionary should be NSCoder encodeable.

- (void)setObjectForUserCustomData:(NSObject<NSCoding> *)object forKey:(NSString *)key andUser:(SFUserAccount *)userAccount

Parameters

object

The NScoding enabled object to set

key

The key to retrieve this data for

userAccount

The SFUserAccount to apply this change to.

Declared In

SFUserAccountManager.h

– switchToNewUserWithCompletion:

Switches to a new user. Sets the current user only if the login succeeds. Completion block is invoked if the login flow completes, or if any errors are encountered during the flow.

- (void)switchToNewUserWithCompletion:(void ( ^ ) ( NSError *_Nullable , SFUserAccount *_Nullable ))completion

Declared In

SFUserAccountManager.h

– switchToUser:

Switches away from the current user, to the given user account.

- (void)switchToUser:(nullable SFUserAccount *)userAccount

Parameters

userAccount

The user to switch to.

Declared In

SFUserAccountManager.h

– loginWithCompletion:failure:

Kick off the login process for credentials that’s previously configured.

- (BOOL)loginWithCompletion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock

Parameters

completionBlock

The block of code to execute when the authentication process successfully completes.

failureBlock

The block of code to execute when the authentication process has a fatal failure.

Return Value

YES if this call kicks off the authentication process. NO if an authentication process has already started, in which case subsequent requests are queued up to have their completion or failure blocks executed in succession.

Declared In

SFUserAccountManager.h

– refreshCredentials:completion:failure:

Kick off the refresh process for the specified credentials.

- (BOOL)refreshCredentials:(nonnull SFOAuthCredentials *)credentials completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock

Parameters

credentials

SFOAuthCredentials to be refreshed.

completionBlock

The block of code to execute when the refresh process successfully completes.

failureBlock

The block of code to execute when the refresh process has a fatal failure.

Return Value

YES if this call kicks off the authentication process. NO if an authentication process has already started, in which case subsequent requests are queued up to have their completion or failure blocks executed in succession.

Declared In

SFUserAccountManager.h

– loginWithJwtToken:completion:failure:

Login using the given JWT token to exchange with the service for credentials.

- (BOOL)loginWithJwtToken:(NSString *)jwtToken completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock

Parameters

jwtToken

The JWT token (received out of band) to exchange for credentials.

completionBlock

The block of code to execute when the authentication process successfully completes.

failureBlock

The block of code to execute when the authentication process has a fatal failure.

Return Value

YES if this call kicks off the authentication process. NO if an authentication process has already started, in which case subsequent requests are queued up to have their completion or failure blocks executed in succession.

Declared In

SFUserAccountManager.h

– stopCurrentAuthentication:

Use this method to stop/clear any authentication which is has already been started

- (void)stopCurrentAuthentication:(nullable void ( ^ ) ( BOOL ))completionBlock

Parameters

completionBlock

The completion block is called with YES if a session was cleared successfully.

Declared In

SFUserAccountManager.h

– logout

Forces a logout from the current account, redirecting the user to the login process. This throws out the OAuth refresh token.

- (void)logout

Declared In

SFUserAccountManager.h

– logout:

Forces a logout from the current account, redirecting the user to the login process. This throws out the OAuth refresh token.

- (void)logout:(SFLogoutReason)reason

Parameters

reason

The reason that log out was initiated.

Declared In

SFUserAccountManager.h

– logoutUser:

Performs a logout on the specified user. Note that if the user is not the current user of the app, the specified user’s authenticated state will be removed, but no other action will otherwise interrupt the current app state.

- (void)logoutUser:(SFUserAccount *)user

Parameters

user

The user to log out.

Declared In

SFUserAccountManager.h

– logoutUser:reason:

Performs a logout on the specified user. Note that if the user is not the current user of the app, the specified user’s authenticated state will be removed, but no other action will otherwise interrupt the current app state.

- (void)logoutUser:(SFUserAccount *)user reason:(SFLogoutReason)reason

Parameters

user

The user to log out.

reason

The reason that log out was initiated.

Declared In

SFUserAccountManager.h

– logoutAllUsers

Performs a logout for all users of the app, including the current user.

- (void)logoutAllUsers

Declared In

SFUserAccountManager.h

– handleIDPAuthenticationResponse:options:

Handle an authentication response from the IDP application

- (BOOL)handleIDPAuthenticationResponse:(NSURL *)url options:(nonnull NSDictionary *)options

Parameters

url

The URL response returned to the app from the IDP application.

options

Dictionary of name-value pairs received from open URL

Return Value

YES if this is a valid URL response from IDP authentication that should be handled, NO otherwise.

Declared In

SFUserAccountManager.h

– handleIDPAuthenticationCommand:options:completion:failure:

Handle an authentication request with auth code from the IDP application

- (BOOL)handleIDPAuthenticationCommand:(NSURL *)url options:(nonnull NSDictionary *)options completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock

Parameters

url

The URL response returned to the app from the IDP application.

options

Dictionary of name-value pairs received from open URL

completionBlock

called on successful login

failureBlock

called on failure during login flow

Return Value

YES if this is a valid URL response from IDP authentication that should be handled, NO otherwise.

Declared In

SFUserAccountManager.h

– kickOffIDPInitiatedLoginFlowForSP:statusUpdate:failure:

Kick off IDP initiated login flow for given SP app

- (void)kickOffIDPInitiatedLoginFlowForSP:(SFSDKSPConfig *)config statusUpdate:(void ( ^ ) ( SFSPLoginStatus ))statusBlock failure:(void ( ^ ) ( SFSPLoginError ))failureBlock

Parameters

config

Configuration for SP app

statusBlock

called at different steps throughout the login flow

failureBlock

called on error, stops the login flow

Declared In

SFUserAccountManager.h

URLHandlers Methods

– handleIdpAuthError:

Handle an error situation that occured in the IDP flow.

- (BOOL)handleIdpAuthError:(SFSDKAuthErrorCommand *_Nonnull)command

Parameters

command

The Error URL request from the idp or SP App.

Return Value

YES if this is request is handled, NO otherwise.

Declared In

SFUserAccountManager+URLHandlers.h

– handleIdpInitiatedAuth:

Handle an IDP initiated auth flow.

- (BOOL)handleIdpInitiatedAuth:(SFSDKIDPLoginRequestCommand *_Nonnull)command

Parameters

command

The URL request from the IDP APP.

Return Value

YES if this is request is handled, NO otherwise.

Declared In

SFUserAccountManager+URLHandlers.h

– handleAuthRequestFromSPApp:

Handle an IDP request initiated from an SP APP.

- (BOOL)handleAuthRequestFromSPApp:(SFSDKSPLoginRequestCommand *_Nonnull)request

Parameters

request

The request from the SP APP.

Return Value

YES if this request is handled, NO otherwise.

Declared In

SFUserAccountManager+URLHandlers.h

– handleIdpResponse:sceneId:

Handle an IDP response received from an IDP APP.

- (BOOL)handleIdpResponse:(SFSDKSPLoginResponseCommand *_Nonnull)response sceneId:(nullable NSString *)sceneId

Parameters

response

The URL response from the IDP APP.

sceneId

The identifier for the scene that’s handling the response.

Return Value

YES if this is request is handled, NO otherwise.

Declared In

SFUserAccountManager+URLHandlers.h

– handleIdpRequest:sceneId:completion:failure:

- (BOOL)handleIdpRequest:(SFSDKIDPAuthCodeLoginRequestCommand *_Nonnull)response sceneId:(nullable NSString *)sceneId completion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock

Extension Methods

  delegates

@property (nonatomic, strong, nonnull) NSHashTable<id<SFUserAccountManagerDelegate> > *delegates

  userAccountMap

A map of user accounts by user ID

@property (nonatomic, strong, nullable) NSMutableDictionary *userAccountMap

Declared In

SFUserAccountManager+Internal.h

  accountPersister

instance of accountPersister

@property (nonatomic, strong, nullable) id<SFUserAccountPersister> accountPersister

Declared In

SFUserAccountManager+Internal.h

  authPreferences

instance of authPreferences

@property (nonatomic, strong, nonnull) SFSDKAuthPreferences *authPreferences

Declared In

SFUserAccountManager+Internal.h

  alertView

SFSDKAlertView used to wrap display of SFSDKMessage using an AlertController.

@property (nonatomic, strong, nullable) SFSDKAlertView *alertView

Declared In

SFUserAccountManager+Internal.h

  alertDisplayBlock

@property (nonatomic, copy, nonnull) void ( ^ ) ( SFSDKAlertMessage *, SFSDKWindowContainer *) alertDisplayBlock

  errorManager

SFSDKAlertView used to wrap display of SFSDKMessage using an AlertController.

@property (nonatomic, strong, nullable) SFSDKAuthErrorManager *errorManager

Declared In

SFUserAccountManager+Internal.h

  authSessions

@property (nonatomic, strong, nonnull) SFSDKSafeMutableDictionary<NSString*SFSDKAuthSession*> *authSessions

  useBrowserAuth

Indicates if the app is configured to require browser based authentication.

@property (nonatomic, assign) BOOL useBrowserAuth

Declared In

SFUserAccountManager+Internal.h

  authViewHandler

Set this block to handle presentation of the Authentication View Controller.

@property (nonatomic, strong) SFSDKAuthViewHandler *authViewHandler

Declared In

SFUserAccountManager+Internal.h

  nativeLoginEnabled

Indicates if the app is configured for native login authentication.

@property (nonatomic, assign) BOOL nativeLoginEnabled

Declared In

SFUserAccountManager+Internal.h

– setCurrentUserInternal:

- (void)setCurrentUserInternal:(SFUserAccount *_Nullable)user

– enumerateDelegates:

Executes the given block for each configured delegate.

- (void)enumerateDelegates:(nullable void ( ^ ) ( id<SFUserAccountManagerDelegate> _Nonnull ))block

Parameters

block

The block to execute for each delegate.

Declared In

SFUserAccountManager+Internal.h

– allExistingAccountNames

NSSet enumeration of all account Names

- (nullable NSSet *)allExistingAccountNames

Return Value

NSSet enumeration of all account Names

Declared In

SFUserAccountManager+Internal.h

– uniqueUserAccountIdentifier:

Returns a unique identifier that can be used to create a new Account

- (nonnull NSString *)uniqueUserAccountIdentifier:(nonnull NSString *)clientId

Parameters

clientId

OAuth Client Id

Return Value

A unique identifier

Declared In

SFUserAccountManager+Internal.h

– reload

Reload the accounts and reset the state of SFUserAccountManager. Use for tests only

- (void)reload

Declared In

SFUserAccountManager+Internal.h

– orgHasLoggedInUsers:

Check if user accounts exist for a given org.

- (BOOL)orgHasLoggedInUsers:(nonnull NSString *)orgId

Parameters

orgId

for org

Return Value

YES if accounts exist, otherwise NO.

Declared In

SFUserAccountManager+Internal.h

– accountPersister

Get the Account Persister being used.

- (nullable id<SFUserAccountPersister>)accountPersister

Return Value

SFUserAccountPersister that is used.

Declared In

SFUserAccountManager+Internal.h

– applyCredentials:

Invoke this method to apply the specified credentials to the a user whose credentials match. If no user exists, a new one is created. Fire notifications. This will post user update notification.

- (SFUserAccount *)applyCredentials:(SFOAuthCredentials *)credentials

Parameters

credentials

The credentials to apply

Declared In

SFUserAccountManager+Internal.h

– applyCredentials:withIdData:

Invoke this method to apply the specified credentials to the a user whose credentials match. If no user exists, a new one is created. Fire notifications. This will post user update notification.

- (SFUserAccount *)applyCredentials:(SFOAuthCredentials *)credentials withIdData:(nullable SFIdentityData *)identityData

Parameters

credentials

The credentials to apply

identityData

The identityData to apply

Declared In

SFUserAccountManager+Internal.h

– encodeUserIdentity:

to use for encoding to String

- (NSString *_Nonnull)encodeUserIdentity:(SFUserAccountIdentity *_Nonnull)userIdentity

Parameters

userIdentity

to use for encoding to String

Return Value

NSString userid:orgid

Declared In

SFUserAccountManager+Internal.h

– decodeUserIdentity:

encoded string

- (SFUserAccountIdentity *_Nullable)decodeUserIdentity:(NSString *_Nullable)userIdentityEncoded

Parameters

userIdentityEncoded

encoded string

Return Value

SFUserAccountIdentity decoded from string

Declared In

SFUserAccountManager+Internal.h

– handleAdvancedAuthURL:options:

- (BOOL)handleAdvancedAuthURL:(NSURL *)advancedAuthURL options:(nullable NSDictionary *)options

– authenticateUsingIDP:completion:failure:

- (BOOL)authenticateUsingIDP:(SFSDKAuthRequest *)request completion:(SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(SFUserAccountManagerFailureCallbackBlock)failureBlock

– authenticateWithRequest:completion:failure:frontDoorBridgeUrl:codeVerifier:

- (BOOL)authenticateWithRequest:(SFSDKAuthRequest *)request completion:(SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(SFUserAccountManagerFailureCallbackBlock)failureBlock frontDoorBridgeUrl:(nullable NSURL *)frontDoorBridgeUrl codeVerifier:(nullable NSString *)codeVerifier

– defaultAuthRequest

- (SFSDKAuthRequest *)defaultAuthRequest

– loginWithCompletion:failure:scene:

- (BOOL)loginWithCompletion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock scene:(nullable UIScene *)scene

– loginWithCompletion:failure:scene:frontDoorBridgeUrl:codeVerifier:

- (BOOL)loginWithCompletion:(nullable SFUserAccountManagerSuccessCallbackBlock)completionBlock failure:(nullable SFUserAccountManagerFailureCallbackBlock)failureBlock scene:(UIScene *)scene frontDoorBridgeUrl:(nullable NSURL *)frontDoorBridgeUrl codeVerifier:(nullable NSString *)codeVerifier