iOS Authenticators

HYPR SDK for iOS

For information on individual authenticator methods, see the appropriate articles in this section.

This header article discusses the generic administrative tasks that apply to individual authenticator methods:

Multi-authenticator Interstitial Screens

HYPR SDK for iOS offers the option to use multiple FIDO Authenticators, which in turn requires some additional screens for both the administrators and users.

The alert view controller is an example of an interstitial screen.

1242

These screens will pop up between each authenticator screen during authentication.

The multi-authenticator interstitial screen is disabled by default. To enable this screen, you'll need to have a class subclass HYPRInterstitialDelegateProtocol, to implement the interstitialViewModel(forUserInfo:) method, and to set the delegate.

Below the keys for the entries in the userInfo parameter are listed with a description for each.

kHYPRInterstitialDelegateProtocolTotalAuthenticatorsReturns the total number of authenticators in this authentication operation.
kHYPRInterstitialDelegateProtocolAuthenticatorIndexThe current authenticator index.
kHYPRInterstitialDelegateProtocolNextAAIDThe authenticator ID (AAID) of the next authenticator.
class ViewController: UIViewController, HYPRInterstitialDelegateProtocol {
	override func viewDidLoad() {
  	super.viewDidLoad()
  	HYPRUserAgent.setInterstitialViewDelegate(self)
  }
  
  func interstitialViewModel(forUserInfo userInfo: [String : Any] = [:]) -> HYPRInterstitialViewModel? {
  	let interstitialViewModel = HYPRInterstitialViewModel()
    if let currentAAID = userInfo[kHYPRInterstitialDelegateProtocolNextAAID] as? String {
    	switch currentAAID {
      case HYPR_UAF_AAID_FACEID:
      	interstitialViewModel.title = "Native Face Authentication"
      case HYPR_UAF_AAID_FINGERPRINT:
      	interstitialViewModel.title = "Native Touch Authentication"
      case HYPR_UAF_AAID_PIN:
      	interstitialViewModel.title = "PIN Authentication"
      case HYPR_UAF_AAID_FACE:
      	interstitialViewModel.title = "Face Authentication"
      case HYPR_UAF_AAID_VOICE:
      	interstitialViewModel.title = "Voice Authentication"
      default:
      	interstitialViewModel.title = "Additional Authentication"
      }
    }
    interstitialViewModel.message = "To fully experience this app, we need you to enroll another authenticator"
    return interstitialViewModel
  }
}

Disable the Authenticator Selection Screen

If you would like to skip the Authenticator Chooser screen during registration and authentication, making it so users don’t have to select the desired method of authentication, you must disable it from the AppDelegate method. If set to enabled it will present the Authenticator Chooser for registration calls.

If the setAAIDPickerViewEnabled method is set to YES/true, you can specify if you want to see Authenticator Chooser during authentication. Enable it by calling for the setAAIDPickerViewEnabledForAuthentication method with the YES/true argument.

Example implementation references follow.

- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
  // AAID picker enabled 
  [HYPRUserAgent setAAIDPickerViewEnabled:NO];
}
internal func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
  // AAID picker disabled 
  HYPRUserAgent.setAAIDPickerViewEnabled(false)
}

Enable the Authenticator Selection Screen

  1. In the AppDelegate method, change the arguments for both the setAAIDPickerViewEnabled and setAAIDPickerViewEnabledForAuthentication to YES.
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
  // AAID picker enabled for registration only
  [HYPRUserAgent setAAIDPickerViewEnabled:YES];
  // AAID picker enabled for authentication
  [HYPRUserAgent setAAIDPickerViewEnabledForAuthentication:YES];

}
internal func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?) -> Bool {
  // AAID picker enabled for registration only
  HYPRUserAgent.setAAIDPickerViewEnabled(true)
  // AAID picker enabled for authentication
  HYPRUserAgent.setAAIDPickerViewEnabled(forAuthentication:false);
}
  1. Set the picker object itself by calling the following method with the UIViewController object, which conforms to the UIViewController (HYPRAuthenticatorPicker) category from the header file UIViewController+HYPRAuthenticatorPicker.h.

πŸ“˜

Note

An error will be returned if UIViewController doesn't conform to this category.

-(NSError* _Nullable)setAAIDPickerViewController:(UIViewController* _Nonnull)viewController;

Here is the category provided by HYPR:

@interface PickerViewAuthenticatorInfo : NSObject

@property (nonatomic, strong) NSString* _Nonnull title;
@property (nonatomic, strong) NSString* _Nonnull authenticatorDescription;
@property (nonatomic, strong) NSString* _Nonnull aaid;
@property (nonatomic, strong) UIImage* _Nullable icon;

@end
/**
 This category implements the interface for getting the authenticators info from the Fido Client for presenting it on the UI and sending back to the Fido Client adapter the user's choice.
 */
@interface UIViewController (HYPRAuthenticatorPicker)

/**
 @property authenticatorInfoArray - The NSArray of NSArrays of PickerViewAuthenticatorInfo objects with authenticators' information: title, authenticatorDescription, AAID and icon.
 */
@property (nonatomic, strong) NSArray<NSArray<PickerViewAuthenticatorInfo*>*>* _Nonnull authenticatorInfoArray;
/**
 Method to be called when user picked one of the presented options
 @param index - index of the picked object in the original authenticatorInfoArray
 */
- (void)pickedItemAtIndex:(NSUInteger)index;
/**
 Method to be called when user cancelled the action
 */
- (void)cancelled;

@end

When you import it to your custom UIViewController class, on the viewDidLoad method, the authenticatorInfoArray will include the array of arrays of PickerViewAuthenticatorInfo objects with the information needed to present to the final customer. According to FIDO specs the application should present the array of options which can include one AAID or multiple AAIDs each.

If the user decides to cancel the choosing process, call the cancelled method.

If the user picks something from the array, call the pickedItemAtIndex method with the index from the original array.

Here is an overview of the information stored in PickerViewAuthenticatorInfo objects:

640