0
我使用AFNetworking 2.0認證對我的移動服務器+ GROAuth2SessionManager(包括AFOAuthCredential)(安全框架,包括...)ios7 - 不能使用存儲身份驗證憑據後AFOAuthCredential
在認證成功時,令牌存儲進入憑據:
- (void)authorizeUser:(NSString *)login password:(NSString *)password onSuccess:(void (^)())success onFailure:(void (^)(NSString *))failure {
NSURL *url = self.base_url;
GROAuth2SessionManager *sessionManager = [GROAuth2SessionManager managerWithBaseURL:url clientID:self.client_key secret:self.client_secret];
sessionManager.responseSerializer = [AFHTTPResponseSerializer serializer];
[sessionManager authenticateUsingOAuthWithPath:self.token_path
login:login
password:password
scope:nil
success:^(AFOAuthCredential *credential) {
[AFOAuthCredential storeCredential:credential
withIdentifier:[url host]];
self.creds = credential;
success();
}
failure:^(NSError *error) {
NSLog(@"OAuth client authorization error: %@", error);
NSDictionary *uinfo = [error userInfo];
NSHTTPURLResponse *response = [uinfo valueForKey:AFNetworkingOperationFailingURLResponseErrorKey];
NSInteger status = response.statusCode;
if (400 <= status && status < 500) {
[self resignAuthorization];
}
failure([uinfo valueForKey:NSLocalizedRecoverySuggestionErrorKey]);
}];
}
,但我在控制檯中的錯誤:
Unable to fetch credential with identifier "localhost" (Error -25300)
我看入T他AFOAuthCredential,我可以看到一些關於安全性的塊..
我錯過了我的應用程序設置中的任何東西來應付它嗎? ...
#ifdef _SECURITY_SECITEM_H_
NSString * const kAFOAuth2CredentialServiceName = @"AFOAuthCredentialService";
static NSMutableDictionary * AFKeychainQueryDictionaryWithIdentifier(NSString *identifier) {
NSMutableDictionary *queryDictionary = [NSMutableDictionary dictionaryWithObjectsAndKeys:(__bridge id)kSecClassGenericPassword, kSecClass, kAFOAuth2CredentialServiceName, kSecAttrService, nil];
[queryDictionary setValue:identifier forKey:(__bridge id)kSecAttrAccount];
return queryDictionary;
}
#endif
...
#pragma mark Keychain
#ifdef _SECURITY_SECITEM_H_
+ (BOOL)storeCredential:(AFOAuthCredential *)credential withIdentifier:(NSString *)identifier {
return [self storeCredential:credential withIdentifier:identifier useICloud:NO];
}
+ (BOOL)storeCredential:(AFOAuthCredential *)credential withIdentifier:(NSString *)identifier useICloud:(BOOL)shouldUseICloud {
id securityAccessibility;
#if (defined(__IPHONE_OS_VERSION_MAX_ALLOWED) && __IPHONE_OS_VERSION_MAX_ALLOWED >= 43000) || (defined(__MAC_OS_X_VERSION_MAX_ALLOWED) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 1090)
securityAccessibility = (__bridge id)kSecAttrAccessibleWhenUnlocked;
#endif
return [self storeCredential:credential withIdentifier:identifier withAccessibility:securityAccessibility useICloud:shouldUseICloud];
}
+ (BOOL)storeCredential:(AFOAuthCredential *)credential
withIdentifier:(NSString *)identifier withAccessibility:(id)securityAccessibility useICloud:(BOOL)shouldUseICloud {
NSMutableDictionary *queryDictionary = AFKeychainQueryDictionaryWithIdentifier(identifier);
if (!credential) {
return [self deleteCredentialWithIdentifier:identifier useICloud:shouldUseICloud];
}
NSMutableDictionary *updateDictionary = [NSMutableDictionary dictionary];
NSData *data = [NSKeyedArchiver archivedDataWithRootObject:credential];
[updateDictionary setObject:data forKey:(__bridge id)kSecValueData];
if (securityAccessibility) {
[updateDictionary setObject:securityAccessibility forKey:(__bridge id)kSecAttrAccessible];
}
if (shouldUseICloud && &kSecAttrSynchronizable != NULL) {
[queryDictionary setObject:@YES forKey:(__bridge id)kSecAttrSynchronizable];
[updateDictionary setObject:@YES forKey:(__bridge id)kSecAttrSynchronizable];
}
OSStatus status;
BOOL exists = ([self retrieveCredentialWithIdentifier:identifier] != nil);
if (exists) {
status = SecItemUpdate((__bridge CFDictionaryRef)queryDictionary, (__bridge CFDictionaryRef)updateDictionary);
} else {
[queryDictionary addEntriesFromDictionary:updateDictionary];
status = SecItemAdd((__bridge CFDictionaryRef)queryDictionary, NULL);
}
if (status != errSecSuccess) {
NSLog(@"Unable to %@ credential with identifier \"%@\" (Error %li)", exists ? @"update" : @"add", identifier, (long int)status);
}
return (status == errSecSuccess);
}