I’ve been experimenting for a while integrating OpenID (Wikipedia) with an iOS application. The iOS application uses a split view controller, though that shouldn’t matter.
I started by registering with MyOpenId. In fact I did this a week or so ago. I’ve linked my OpenID with a few other sites that I use (StackOverflow, Toodledo etc). OpenID is an implementation of a decentralized authentication mechanism, which means users of my application would be able to authenticate using their OpenID credentials rather than needing to have special credentials for my application.
MyOpenId is partnered with Janrain, whose product Janrain Engage allows you to integrate OpenID with various application platforms. I registered with Janrain – using their Basic package, since I’m just trialling the mechanism for now. My Janrain registration is tied to my OpenID. I registered a new application there too, which has an application Id that I will use from my iApp. Janrain produce an Objective C library that I cloned from github.
It was a simple task to clone the github repository and include it in my application. I then modified my AppDelegate header to include the JREngage header and added a function that would make an authentication call:
JREngage *jrEngage = [JREngage jrEngageWithAppId:@"abcdefghijklmnopqrst"
I linked this code to a login button. I also provided the necessary JREngageDelegate functions, specifically jrAuthenticationDidSucceedForUser.
The application now starts up with a blank screen, and the user must select Login. In the login action function I make a call to the jrEngage library. This pops up a dialog and asks for an OpenID provider. I select MyOpenID and type my OpenID. I’m then redirected to the MyOpenID page and asked to type in my MyOpenID password. The result of this is sent back to the jrAuthenticationDidSucceedForUser function in my application. Here I verify that the user information that MyOpenID have sent back corresponds to a user who’s allowed to use my application, and I render my applications UI. To check the OpenId matches one of my users, I’d maintain a list of users for my system and the OpenId for each one. I can visualise how I’d set up new users; I’d take the OpenId information returned by MyOpenID (this contains an email address and an OpenID); I’d ask the user to sign up for my application, and send a validation email – maybe it would contain a secret code that they’d have to type into my app. I would not be holding any passwords, since I’d be authenticating people based on their OpenID credentials