iOS - Full OAuth
Under the full OAuth, SDK handles the entire OAuth process, requiring your app to only establish the necessary connections between the SDK and iOS.
Prerequisites
- See Overview of the Clover platform.
- Create a global developer account with a default test merchant account.
- Create additional test merchants, if needed.
- Order a Clover Go reader Developer Kit (Dev Kit) and set it up.
- Use Xcode 14 or higher.
- Install CocoaPods.
- Use an iOS Device (iOS 14+).
- Use an iOS Developer Account.
- Install CloverPayments SDK from CocoaPods.
- Charge Clover Go reader—Device battery charging requirement. Several operations on your Clover Go reader require at least 30% battery. Charge your device before you configure your iOS project using the instructions in this guide.
OAuth authentication
Clover uses OAuth to authenticate the users of your app to Clover servers. Use the steps in this topic to:
- Create a Clover app and install it on your test merchant to enable OAuth. The Clover app has an associated App ID and App Secret that Clover transfers to the iOS app to give it permission to perform OAuth.
- Use Associated Domains in the iOS app and an
apple-app-site-association
file on a server you control to enable OAuth callbacks from Clover login servers to your app.
Steps
- Add a token change callback using the
CloverPaymentSDK.shared.addOnTokenChangeCallback
. - Initialize the SDK by calling
CloverPaymentSDK.shared.setup
and passing in your configuration object. Include aCloverPaymentSDK.FullOAuth
object in the configuration for full OAuth support. CloverPaymentSDK
attempts to recover a valid token stored securely in the Keychain. If a valid token is found, it completes initialization and calls your success callback registered in step 2.- If no valid token is found,
CloverPaymentSDK
initiates OAuth login using the device's default browser. This opens the login page in your configured environment for the user to log in. Identifying information from your configuration is passed to ensure your app can log in for the merchant and employee. - Upon successful login, a code is provided via a callback to your registered associated domain. This returns to your app using the scene delegate or another appropriate path. Refer to Apple documentation for options. Pass the full URL containing the code back to your handler using
CloverPaymentSDK.shared.receivedOAuthCodeOrToken
. CloverPaymentSDK
exchanges the code for a token, stores the token in the Keychain for the next launch, and then calls your token change callback registered in step 1. In your callback, callCloverPaymentSDK.shared.setup
to retry initialization with the valid token.
When you use full OAuth
The following are the advantages and disadvantages when you use full OAuth:
Advantages
- The SDK manages refresh tokens to ensure you always have a usable token.
- The SDK opens an external browser with the Clover login page.
Disadvantages
- Monitor incoming URLs in your Scene Delegate and pass them to the SDK. After a successful login, the URL contains the code used to obtain the auth token.
- Branding the login screen is not possible.
- The app exits to the default browser for login and then returns using the redirect URL and your app links definition.
Updated 4 months ago