Authentication

The VPN SDK for Apple requires authentication before establishing a VPN connection. This article covers common authentication methods supported by the SDK.

OAuth Authentication

OAuth is a popular authentication protocol that allows users to grant limited access to their resources on one site to another site, without sharing their credentials. To use OAuth with the VPN SDK:

import VPNApplicationSDK
// ...

// Choose one of the following SDKs:
// let sdk = HydraSDK(...)
// let sdk = IPSecSDK(...)
// let sdk = WireguardSDK(...)

let authMethod = AuthMethod(type: .oauth, token: "YOUR_OAUTH_TOKEN")

sdk.login(method: authMethod) { (error, user) in
    if let error = error {
        print("Login failed with error: \(error)")
    } else {
        print("User logged in successfully")
        // Handle the authenticated user object here
    }

}

In the example above:

1. Obtain an OAuth access token from your OAuth provider. This typically involves presenting an OAuth dialog to the user to authorize your application.

2. Create an instance of AuthMethod with the .oauth type and provide the OAuth access token.

3. Call the login function of the SDK, passing the authMethod object.

The completion handler will be called with an error parameter and a user object. If the login is successful, error will be nil, and you can handle the authenticated user object. If the login fails, error will contain the error details.

Anonymous Authentication

For scenarios where user-specific authentication is not required, the SDK also supports anonymous login:

sdk.login(method: .anonymous()) { [vpnService] loginError, _ in
    if let loginError = loginError {
        completion?(loginError)
        return
    }
    // use vpnService.start() here
}

With anonymous login, no credentials are needed.

References

For more information on other available authentication methods, please refer to the AuthMethod reference documentation.