diff --git a/component/Details.md b/component/Details.md index dd118c201..383b40ecd 100644 --- a/component/Details.md +++ b/component/Details.md @@ -1,76 +1,27 @@ -# Details +Xamarin.Auth helps you authenticate users via standard authentication mechanisms +(e.g. OAuth 1.0 and 2.0), and store user credentials. It's also straightforward +to add support for non-standard authentication schemes. The library is cross-platform, +so once you learn it on iOS, you're all set on Android. -## JSch Using +```csharp +using Xamarin.Auth; -Simple method to start SSH shell and execute command: +var auth = new OAuth2Authenticator ( + clientId: "App ID from https://developers.facebook.com/apps", + scope: "", + authorizeUrl: new Uri ("https://m.facebook.com/dialog/oauth/"), + redirectUrl: new Uri ("http://www.facebook.com/connect/login_success.html")); - private void Execute (string command) - { - string value = null; +auth.Completed += (sender, eventArgs) => { + DismissViewController (true, null); + if (eventArgs.IsAuthenticated) { + // Use eventArgs.Account to do wonderful things + } +} - System.Threading.Tasks.Task t = null; - t = System.Threading.Tasks.Task.Run - ( - () - => - { - jsch = new JCraft.JSch.JSch(); - - - config = new Java.Util.Properties(); - // Avoid asking for key confirmation - config.SetProperty("StrictHostKeyChecking", "no"); - config.SetProperty("compression.s2c", "zlib,none"); - config.SetProperty("compression.c2s", "zlib,none"); +PresentViewController (auth.GetUI (), true, null); +``` - string OnProvideAssistData = null; - JCraft.JSch.Session session = null; - try - { - session = jsch.GetSession(username, ip_address, port); - session.SetConfig(config); - session.SetPassword(pwd); - session.Connect(); - } - catch (JCraft.JSch.JSchException e) - { - asd = "NOT_Executed"; - System.Console.WriteLine("NOT_executed"); - System.Console.WriteLine(e.Message); - value = asd; - - return value; - } - - JCraft.JSch.ChannelExec channel = null; - channel = (JCraft.JSch.ChannelExec)session.OpenChannel("exec"); - channel.SetCommand(command); - channel.Connect(); - - //InputStream input = channel.getInputStream(); - System.IO.Stream input = channel.InputStream; - - using (var reader = new System.IO.StreamReader(input, System.Text.Encoding.UTF8)) - { - value = reader.ReadToEnd(); - // Do something with the value - } - channel.Disconnect(); - - return value; - } - ); - - value = t.Result; - - editTextCommandOutput.Text = value; - - return; - } - - -Note: JSch usage on UI thread will cause exception, thus async/await Task.Run(); - - -### +It's that easy to authenticate users! +*Some screenshots assembled with [PlaceIt](http://placeit.breezi.com/).* diff --git a/component/GettingStarted.md b/component/GettingStarted.md index e57ed8be3..1371c549a 100644 --- a/component/GettingStarted.md +++ b/component/GettingStarted.md @@ -1,32 +1,136 @@ -# Getting Started +## 1. Create and configure an authenticator -## JSch - Java/Android SSH2 library +Let's authenticate a user to access Facebook: -JSch for Xamarin.Android is component with Xamarin.Android bindings for JSch - SSH -implementation in Java by JCraft. +```csharp +using Xamarin.Auth; +... +var auth = new OAuth2Authenticator ( + clientId: "App ID from https://developers.facebook.com/apps", + scope: "", + authorizeUrl: new Uri ("https://m.facebook.com/dialog/oauth/"), + redirectUrl: new Uri ("http://www.facebook.com/connect/login_success.html")); +``` -JSch is a pure Java implementation of SSH2. -JSch allows users to +Facebook uses OAuth 2.0 authentication, so we create an `OAuth2Authenticator`. +Authenticators are responsible for managing the user interface and communicating with +authentication services. - * connect to an sshd server and use - * port forwarding, - * X11 forwarding, - * file transfer, etc. +Authenticators take a variety of parameters; in this case, the application's ID, its +authorization scope, and Facebook's various service locations are required. -Developers can integrate its functionality into Java (and Android of course) programs -## Links/References +## 2. Authenticate the user -More about the library: +While authenticators manage their own UI, it's up to you to initially present the +authenticator's UI on the screen. This lets you control how the authentication UI is +displayed–modally, in navigation controllers, in popovers, etc. -* [http://www.jcraft.com/jsch/](http://www.jcraft.com/jsch/) +Before we present the UI, we need to start listening to the `Completed` event which fires +when the user successfully authenticates or cancels. You can find out if the authentication +succeeded by testing the `IsAuthenticated` property of `eventArgs`: -The Java (Android) sample that served as base for Xamarin.Android sample: +```csharp +auth.Completed += (sender, eventArgs) => { + // We presented the UI, so it's up to us to dimiss it on iOS. + DismissViewController (true, null); -* [http://kennethsfrequency.com/2013/03/19/android-ssh/](http://kennethsfrequency.com/2013/03/19/android-ssh/) + if (eventArgs.IsAuthenticated) { + // Use eventArgs.Account to do wonderful things + } else { + // The user cancelled + } +}; +``` +All the information gathered from a successful authentication is available in +`eventArgs.Account`. +Now we're ready to present the login UI from `ViewDidAppear` on iOS: +```csharp +PresentViewController (auth.GetUI (), true, null); +``` + +The `GetUI` method returns `UINavigationControllers` on iOS, and `Intents` on Android. +On Android, we would write the following code to present the UI from `OnCreate`: + +```csharp +StartActivity (auth.GetUI (this)); +``` + + + +## 3. Making requests + +Since Facebook is an OAuth2 service, we'll make requests with `OAuth2Request` providing +the account we retrieved from the `Completed` event. Assuming we're authenticated, we'll +grab the user's info to demonstrate: + +```csharp +var request = new OAuth2Request ("GET", new Uri ("https://graph.facebook.com/me"), null, eventArgs.Account); +request.GetResponseAsync().ContinueWith (t => { + if (t.IsFaulted) + Console.WriteLine ("Error: " + t.Exception.InnerException.Message); + else { + string json = t.Result.GetResponseText(); + Console.WriteLine (json); + } +}); +``` + + +## 4. Store the account + +Xamarin.Auth securely stores `Account` objects so that you don't always have to reauthenticate +the user. The `AccountStore` class is responsible for storing `Account` information, backed by +the [Keychain](https://developer.apple.com/library/ios/#documentation/security/Reference/keychainservices/Reference/reference.html) +on iOS and a [KeyStore](http://developer.android.com/reference/java/security/KeyStore.html) on +Android: + +```csharp +// On iOS: +AccountStore.Create ().Save (eventArgs.Account, "Facebook"); + +// On Android: +AccountStore.Create (this).Save (eventArgs.Account, "Facebook"); +``` + +Saved Accounts are uniquely identified using a key composed of the account's +`Username` property and a "Service ID". The "Service ID" is any string that is +used when fetching accounts from the store. + +If an `Account` was previously saved, calling `Save` again will overwrite it. +This is convenient for services that expire the credentials stored in the account +object. + + +## 5. Retrieve stored accounts + +You can fetch all `Account` objects stored for a given service: + +```csharp +// On iOS: +IEnumerable accounts = AccountStore.Create ().FindAccountsForService ("Facebook"); + +// On Android: +IEnumerable accounts = AccountStore.Create (this).FindAccountsForService ("Facebook"); +``` + +It's that easy. + + + + +## 6. Make your own authenticator + +Xamarin.Auth includes OAuth 1.0 and OAuth 2.0 authenticators, providing support for thousands +of popular services. For services that use traditional username/password authentication, you +can roll your own authenticator by deriving from `FormAuthenticator`. + +If you want to authenticate against an ostensibly unsupported service, fear not – Xamarin.Auth +is extensible! It's very easy to create your own authenticators – just derive from any of the +existing authenticators and start overriding methods. diff --git a/component/License.md b/component/License.md index 334f4063f..b77846431 100644 --- a/component/License.md +++ b/component/License.md @@ -1,23 +1,174 @@ -The MIT License (MIT) +# Apache License +Version 2.0, January 2004
+[http://www.apache.org/licenses/](http://www.apache.org/licenses/) -Copyright (c) 2013, 2014 Xamarin Inc +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION +1. Definitions. -Permission is hereby granted, free of charge, to any person obtaining a -copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. -The above copyright notice and this permission notice shall be included -in all copies or substantial portions of the Software. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. \ No newline at end of file