Instructions to upgrade iOS SDK version to 10.0.0

MSP compatibility

This version of the SDK requires:

• the Token Server 12.6.0 or newer in case when the app is not using the optional Payload Encryption feature
• the Token Server 12.8.0 or newer and the Security Proxy 5.4.0 or newer when the app is using the optional Payload Encryption feature

New security controls

The security controls implementation has been modified, making the tampering protection optional. The application thumbprint (formerly known as application signature) can be calculated with two integrity levels:

• FULL - the SDK will perform a full binary check to be sure that the app was not modified.
• NONE - will skip the binary check, while still making basic application sanity checks.

The level of the integrity check can be set in the Token Server configuration

Cerificate pinning

Certificate pinning does no longer require including .cer files to the application bundle. It is recommended to use SDK Configurator version 5.0.0 or later.

Payload encryption

Now Payload Encryption feature requires to provide server public key in the configuration. The key is in the zip file of application version exported from the Token Server. That property can be configured using the SDK Configurator (version 5.0.0 or later) or manually using the setServerPublicKey: method on ONGClientBuilder.

Removed deprecated API's

ONGUserClient

• canHandlePushMobileAuthRequest: - please use pendingMobileAuthRequestFromUserInfo: method instead.
• handlePushMobileAuthRequest:delegate: - please use handlePendingPushMobileAuthRequest:delegate: method instead.
• authenticateUser:delegate: - please use authenticateUser:authenticator:delegate: method instead.
• authenticateUserWithAuthenticator:profile:delegate: - please use authenticateUser:authenticator:delegate: method instead.

ONGResourceRequest

• ONGParametersEncodingPropertyList - it is no longer supported.

ONGRegistrationDelegate

• userClient:didRegisterUser:info: - please use userClient:didRegisterUser:userProfile:identityProvider:info: method instead.
• userClient:didFailToRegisterWithError: - please use userClient:didFailToRegisterWithIdentityProvider:error: method instead.

ONGBrowserRegistrationChallenge

• userProfile - it is no longer necessary.

ONGAuthenticationDelegate

• userClient:didStartAuthenticationForUser: - please use -[ONGAuthenticationDelegate userClient:didStartAuthenticationForUser:authenticator:] method instead.
• userClient:didReceiveFingerprintChallenge: - please use -[ONGAuthenticationDelegate userClient:didReceiveBiometricChallenge:] method instead.
• userClient:didAuthenticateUser:info: - please use -[ONGAuthenticationDelegate userClient:didAuthenticateUser:authenticator:info:] method instead.
• userClient:didFailToAuthenticateUser:error: -please use -[ONGAuthenticationDelegate userClient:didFailToAuthenticateUser:authenticator:error:] method instead.

ONGMobileAuthRequestDelegate

• userClient:didReceiveFingerprintChallenge:forRequest: - please use userClient:didReceiveBiometricChallenge:forRequest: method instead.
• userClient:didHandleMobileAuthRequest:info: - please use userClient:didHandleMobileAuthRequest:authenticator:info: method instead.
• userClient:didFailToHandleMobileAuthRequest:error: - please use userClient:didFailToHandleMobileAuthRequest:authenticator:error: method instead."

ONGFingerprintChallenge

• ONGFingerprintChallenge was removed, please use ONGBiometricChallenge

Changed API's nullablility

ONGUserClient

• implicitlyAuthenticateUser:scopes:completion: now error parameter in completion block can be nil.
• logoutUser: now user profile parameter in completion block can be nil.