// AFOAuthCredential.h // // Copyright (c) 2012-2014 AFNetworking (http://afnetworking.com) // // Permission is hereby granted, free of charge, to any person obtaining a copy // of this software and associated documentation files (the "Software"), to deal // in the Software without restriction, including without limitation the rights // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell // copies of the Software, and to permit persons to whom the Software is // furnished to do so, subject to the following conditions: // // The above copyright notice and this permission notice shall be included in // all copies or substantial portions of the Software. // // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN // THE SOFTWARE. #import NS_ASSUME_NONNULL_BEGIN /** `AFOAuthCredential` models the credentials returned from an OAuth server, storing the token type, access & refresh tokens, and whether the token is expired. OAuth credentials can be stored in the user's keychain, and retrieved on subsequent launches. */ @interface AFOAuthCredential : NSObject ///-------------------------------------- /// @name Accessing Credential Properties ///-------------------------------------- /** The OAuth access token. */ @property (readonly, nonatomic, copy) NSString *accessToken; /** The OAuth token type (e.g. "bearer"). */ @property (readonly, nonatomic, copy) NSString *tokenType; /** The OAuth refresh token. */ @property (readonly, nonatomic, copy) NSString *refreshToken; /** Whether the OAuth credentials are expired. */ @property (readonly, nonatomic, assign, getter = isExpired) BOOL expired; ///-------------------------------------------- /// @name Creating and Initializing Credentials ///-------------------------------------------- /** Create an OAuth credential from a token string, with a specified type. @param token The OAuth token string. @param type The OAuth token type. */ + (instancetype)credentialWithOAuthToken:(NSString *)token tokenType:(NSString *)type; /** Initialize an OAuth credential from a token string, with a specified type. @param token The OAuth token string. @param type The OAuth token type. */ - (id)initWithOAuthToken:(NSString *)token tokenType:(NSString *)type; ///---------------------------- /// @name Setting Refresh Token ///---------------------------- /** Set the credential refresh token, without a specific expiration @param refreshToken The OAuth refresh token. */ - (void)setRefreshToken:(NSString *)refreshToken; /** Set the expiration on the access token. If no expiration is given by the OAuth2 provider, you may pass in [NSDate distantFuture] @param expiration The expiration of the access token. This must not be `nil`. */ - (void)setExpiration:(NSDate *)expiration; /** Set the credential refresh token, with a specified expiration. @param refreshToken The OAuth refresh token. @param expiration The expiration of the access token. This must not be `nil`. */ - (void)setRefreshToken:(NSString *)refreshToken expiration:(NSDate *)expiration; ///----------------------------------------- /// @name Storing and Retrieving Credentials ///----------------------------------------- /** Stores the specified OAuth credential for a given web service identifier in the Keychain. with the default Keychain Accessibilty of kSecAttrAccessibleWhenUnlocked. @param credential The OAuth credential to be stored. @param identifier The service identifier associated with the specified credential. @return Whether or not the credential was stored in the keychain. */ + (BOOL)storeCredential:(AFOAuthCredential *)credential withIdentifier:(NSString *)identifier; /** Stores the specified OAuth token for a given web service identifier in the Keychain. @param credential The OAuth credential to be stored. @param identifier The service identifier associated with the specified token. @param securityAccessibility The Keychain security accessibility to store the credential with. @return Whether or not the credential was stored in the keychain. */ + (BOOL)storeCredential:(AFOAuthCredential *)credential withIdentifier:(NSString *)identifier withAccessibility:(id)securityAccessibility; /** Retrieves the OAuth credential stored with the specified service identifier from the Keychain. @param identifier The service identifier associated with the specified credential. @return The retrieved OAuth credential. */ + (nullable AFOAuthCredential *)retrieveCredentialWithIdentifier:(NSString *)identifier; /** Deletes the OAuth credential stored with the specified service identifier from the Keychain. @param identifier The service identifier associated with the specified credential. @return Whether or not the credential was deleted from the keychain. */ + (BOOL)deleteCredentialWithIdentifier:(NSString *)identifier; @end NS_ASSUME_NONNULL_END