Reputation: 181
IOS - Handling Token Authentication in HTTP headers
My organization has a number of different authentication methods used. One that I have been struggling with has been our apps that use Oath2 that will be expecting the Authorization header to have the token information to be stored in the HTTP Headers. I can manually put the Authorization header information for each request, but I would like this information to be automatically populated instead of manually adding it for every NSURLSession, NSURLConnection, UIWebView or [UIImage: imageFromUrl]. In Apples documentation for NSURLConnection class and NSURLSession it says that it will handle are designed to handle various aspects >of the HTTP protocol for you, including the Authentication header and they recommend not to alter this property, but it does not seem to get set for me. At a minimum I would expect that for the NSURLSession object I should only need to set it once by accessing the sharedSession and adding the header info via a setHTTPAdditionalHeaders call, but it does not seem to hold the info on the next time I access the sharedSession.
I there something I am missing here or do I need to manually populate the HTTP Header on all calls?
EDIT:
Below is a code snippet showing how I try to set the header for the session.
NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionConfiguration *config = [NSURLSessionConfiguration defaultSessionConfiguration];
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
id jSONObj = [defaults objectForKey: kTokenInformation];
[config setHTTPAdditionalHeaders:@{@"Authorization": [NSString stringWithFormat:@"Bearer %@",[jSONObj valueForKeyPath:@"access_token"]]}];
session = [NSURLSession sessionWithConfiguration:config];
However, it doesn't appear that the token is present the next time I call [NSURLSession sharedSession]. So right now I have to do that every time I call the shared session. I also am unsure from the documentation how you would handle apps that maintain multiple sessions which may each require separate Auth tokens. Any thoughts what I am missing hear.
Upvotes: 4
Views: 4112
Answers (1)
Reputation: 14886
Have a look at NSURLSessionConfiguration.
For example, you could set up a singleton class that provides an NSURLSession:
// Session setup
NSString *tokenString = ...;
NSURLSessionConfiguration *sessionConfiguration = [NSURLSessionConfiguration defaultSessionConfiguration];
[sessionConfiguration setHTTPAdditionalHeaders:@{ @"X-Auth-Token" : tokenString" }];
self.session = [NSURLSession sessionWithConfiguration:sessionConfiguration];
Now, every time you need to make a request you use your session:
// Send Request
NSURLSession *session = [[SessionManager sharedManager] session];
[[session dataTaskWithURL:url
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
}] resume];
Here's a great tutorial: http://code.tutsplus.com/tutorials/networking-with-nsurlsession-part-1--mobile-21394
Upvotes: 4
Related Questions
- How to set a 'Token xxxxxxxxxx' for 'Authorization' in HTTP header in URLSession
- OAuth 2 bearer Authorization header
- HTTP Request headers
- Objective C - HTTP POST REQUEST handle with header and params
- How to pass authorization token header objective c?
- IOS - Token Authentication in HTTP headers with NSURLRequest
- how to call web api service from ipad application using basic authentication through http headers?
- set http header asihttprequest
- Http Authentication in Objective C
- HTTP Authentication for iPhone