Home

78.1.1+

Authentication Status

The Truvideo SDK provides two properties that serve to check the authentication status:

  • isAuthenticated() : Returns true or false indicating whether the client is authenticated. Please note that authentication may be expired.

  • isAuthenticationExpired() : Return true or false indicating whether the authentication is expired. If the client is not authenticated, it always returns false.

let isAuthenticated = TruvideoSdk.isAuthenticated()
let isAuthenticationExpired = TruvideoSdk.isAuthenticationExpired()

How to authenticate

The authenticate method requires the following inputs:

  1. ApiKey: A string provided by Truvideo upon registration.

  2. Payload: Essential data containing device information, generated internally using the generatePayload() function.

  3. Signature: Encrypt the payload with the provided secret key using the SHA256 algorithm to regenerate the signature.

Upon completion, it triggers the onReady callback or the onError callback in case of an error.

Note
The API key and Secret key are provided by the TRUVideo SDK team.

Algorithm for encoding the signature

To encode the payload, utilize the following function for conversion: The string undergoes conversion using the SHA256 algorithm, incorporating the provided secret key.

import Foundation
import CommonCrypto
extension String {
    /// Calculates the HMAC-SHA256 value for a given message using a key.
    ///
    /// - Parameters:
    ///    - msg: The message for which the HMAC will be calculated.
    ///    - key: The secret key used to calculate the HMAC.
     /// - Returns: The calculated HMAC-SHA256 value in hexadecimal format.
    func toSha256String(using key: String) -> String {
        let hmac256 = CCHmacAlgorithm(kCCHmacAlgSHA256)
        var macData = Data(count: Int(CC_SHA256_DIGEST_LENGTH))
        
        key.withCString { keyCString in
            withCString { msgCString in
                macData.withUnsafeMutableBytes { macDataBytes in
                    guard let keyBytes = UnsafeRawPointer(keyCString)?.assumingMemoryBound(to: UInt8.self),
                          let msgBytes = UnsafeRawPointer(msgCString)?.assumingMemoryBound(to: UInt8.self) else {
                        return
                    }
                    
                    CCHmac(
                        hmac256,
                        keyBytes, Int(strlen(keyCString)),
                        msgBytes, Int(strlen(msgCString)),
                        macDataBytes.bindMemory(to: UInt8.self).baseAddress
                    )
                }
            }
        }
        
        return macData.map { String(format: "%02x", $0) }
            .joined()
    }
}

The syntax for utilizing this encoding process appears as follows:

payload.toSha256String(using: Constant.secretKey)
Note 
We suggest avoiding storing the secret within the host application. Instead, set up a private backend owned by you. This backend will handle the payload from the Truvideo SDK and generate the signature. By doing this, you can prevent the secret from being exposed, reducing the risk of security issues

Authentication process

import TruvideoSdk
class CoreModule: NSObject{
    
    /// Authentication process
    func authenticate() async {
            let isAuthenticated = TruvideoSdk.isAuthenticated
            let isAuthenticationExpired = TruvideoSdk.isAuthenticationExpired

            let apiKey = "your-api-key"
            let secretKey = "your-secret-key"
            do {
                let  payload = try TruvideoSdk.generatePayload()

                /// The payload string is transformed into an encrypted string using the SHA256 algorithm.
                let signature = payload.toSha256String(using: secretKey)
                if try isAuthenticated() || isAuthenticationExpired() {
                    ///   Initialize a session when the user is not authenticated.
                    /// - Parameters:
                    ///     - API_Key : Provided by TruVideo team
                    ///     - Payload : generated by sdk TruvideoSdk.generatePayload() every time you have to create new payload
                    ///     - Signature: encrypted string payload using the SHA256 algorithm with "secret key"
                    ///     - Secret_Key: secret key is also provided by TruVideo team
                    try await TruvideoSdk.authenticate(
                        apiKey: apiKey,
                        payload: payload,
                        signature: signature
                        
                    )
                }

                /// Initialize a session when the user is already authenticated.
                try await TruvideoSdk.initAuthentication()
            } catch {
                print("Error")
            }
    }
}

Clear Authentication

To delete the current session and erase all associated authentication data, utilize the clearAuthentication method

TruvideoSdk.clearAuthentication()

This command will remove all authentication data and reset the session.

PreviousCoreNextCamera

Last updated

Was this helpful?