Created
March 3, 2017 17:48
-
-
Save lukaspili/40de30c7140329ff659e5d60ef70bba3 to your computer and use it in GitHub Desktop.
Login avec ADFS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// CONFIGURATION | |
let authorityUrl = "https://sts.ophtalmic.fr/adfs" | |
let redirectUri = "http://anarbitraryreturnuri" | |
let resourceUri = "http://myadfsblister/webapi" | |
let clientId = "E1CF1107-FF90-4228-93BF-26052DD2C714" | |
// STEP 1: AUTHENTIFICATION | |
let authContext = ADAuthenticationContext(authority: authorityUrl, validateAuthority: false, error: nil) | |
authContext?.acquireToken(withResource: resourceUri, clientId: clientId, redirectUri: NSURL(string: redirectUri) as URL!, completionBlock: { (res) in | |
// STEP 2: RESULTAT DE L'AUTHENTIFICATION | |
guard let result = res else { | |
// AUTHENTIFICATION ECHEC | |
return | |
} | |
if (result.status != AD_SUCCEEDED) { | |
// AUTHENTIFICATION ECHEC | |
return; | |
} | |
// AUTHENTIFICATION SUCCES | |
// CECI EST LE TOKEN QUI PERMET D'EFFECTUER LES FUTURES REQUETES QUI NECESSITENT D'ETRE AUTHENTIFIE | |
let token = result.accessToken! | |
// CECI EST UN BOOLEAN QUI INDIQUE SI DANS LA REPONSE DE L'AUTHENTIFICATION IL Y'A DES INFORMATIONS SUR LE USER AUTHENTIFIE | |
// CE BOOLEAN EST TOUJOURS FAUX | |
let isUserInformationAvailalbeInAuthResponse = !result.tokenCacheItem.isEmptyUser() | |
// LOGIQUEMENT, SI ON VEUT RECUPERER LE "TENANT ID", CA NE CONTIENT RIEN | |
let userTenantId = result.tokenCacheItem.userInformation?.tenantId | |
// STEP 3: EFFECTUER UNE REQUETE AUTHENTIFIEE SUR "LensMarmottes" | |
// URL DE LA REQUETE | |
let url = "http://212.234.19.163/BlisterWebApi/api/LensMarmottes" | |
// HEADER DE LA REQUETE QUI CONTIENT LE TOKEN PRECEDEMMENT RECUPERE (TEL QUE INDIQUE DANS LA DOC). LE FORMAT EST "Bearer <le token>" | |
let authenticationHeader = "Bearer \(token)" | |
let request = NSMutableURLRequest(url: NSURL(string: url) as! URL) | |
request.addValue(authenticationHeader, forHTTPHeaderField: "Authorization") | |
// LANCER LA REQUETE | |
let queue = OperationQueue() | |
NSURLConnection.sendAsynchronousRequest(request as URLRequest, queue: queue, completionHandler: { (response, data, error) in | |
// STEP 4: RESULTAT DE LA REQUETE | |
// LA REQUETE A ECHOUE, LA VARIABLE ERROR CONTIENT LES DETAILS DE L'ERREUR, QUI CORRESPOND A L'ERREUR "Authorization has been denied for this request" | |
}) | |
}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment