For Solid developers who do not develop using the Apple platform but do have a recent Macbook, Get tokens can be downloaded from the Apple App Store.
This code produces an iOS app and a macOS app. It has two basic functions:
- the app itself displays a read-out of a Solid-OIDC flow using a selection of Solid OIDC Providers
- the code may be useful to developers creating Solid apps using the Apple ecosytem and the Swift programming language
There is further info on the Wiki pages.
Code architecture is based on the VIP (View-Interactor-Presenter) pattern.
-
(V): The main UI view is
ContentViewwhich works withContentInteractorandContentPresenter. -
(I):
ContentInteractoris responsible for interacting with the data model and the network. -
(P):
ContentPresenteris responsible for formatting data it receives fromContentInteractorso that it is ready for presentation byContentView.ContentViewinitialisesContentPresenteras a@StateObjectto ensure there is only one instance.ContentPresenternotifies new content through publishers.
Data we want to track is kept in AuthState in the State folder. There is no persistent storage of data.
ContentInteractor makes network requests and receives responses. Models for these requests and responses are kept as separate files in the Models folder.
The Utilities folder contains the JOSESwift library and other utilities used by the main code.
The specifications relevant to each stage.
- OpenID Connect Discovery
- OpenID Connect Dynamic Client Registration 1.0
- RFC 6749 The OAuth 2.0 Authorization Framework - 2.0 Client registration
- RFC 7591 OAuth 2.0 Dynamic Client Registration Protocol
- RFC 8252 OAuth 2.0 for Native Apps - 8.4 Registration of Native App Clients
- Solid-OIDC 5.3 OIDC Registration
- OpenID Connect Core 1.0 3.1 Authentication using the Authorization Code Flow
- RFC 6749 The OAuth 2.0 Authorization Framework - 4.1. Authorization Code Grant
- RFC 8252 OAuth 2.0 for Native Apps
- RFC 7636 Proof Key for Code Exchange by OAuth Public Clients
- Solid-OIDC (nothing about getting getting authenticated and receiving authorization code)
- OpenID Connect Core 1.0 3.1.3 Token endpoint
- RFC 6749 The OAuth 2.0 Authorization Framework - 4.1.3 Access token request
- RFC 8693 OAuth 2.0 Token exchange
- IETF draft OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
- Solid-OIDC 6. Token instantiation
"Get tokens" makes use of the JOSESwift library for managing JSON Web Tokens (JWT).
OpenID's AppAuth for iOS was very useful for the iOS implementation of OIDC.
Solid specific specifications as contained in:
"Get tokens" does not store any personal information. The purpose of the app is to display authentication data, including access tokens. Such tokens grant access to protected resources and so users must be careful to not allow unauthorized access to the display or copies of the display.
MIT License
Copyright (c) 2021 Warwick McNaughton
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.