Merge remote-tracking branch 'miracl/master'
diff --git a/README.md b/README.md
index 8f33792..48e365b 100644
--- a/README.md
+++ b/README.md
@@ -63,6 +63,11 @@
##### `(void) Destroy;`
This method clears the SDK object so it can be re-initialized again, possibly with different parameters.
+##### `(void) SetClientId: (NSString *) clientId;`
+This method will set a specific _Client ID_ which the SDK should use when sending requests to the backend.
+As an example, the MIRACL MFA Platform issues _Client IDs_ for registered applications, which use the platform for authenticating users.
+When the SDK is used to authenticate users specifically for this registered application, the _Client ID_ should be set by the app using this method.
+
##### `(MpinStatus*) TestBackend: (const NSString*) url;`
##### `(MpinStatus*) TestBackend: (const NSString*) url rpsPrefix: (const NSString*) rpsPrefix;`
This method will test whether `url` is a valid back-end URL by trying to retrieve Client Settings from it.
@@ -233,6 +238,13 @@
* `INCORRECT_PIN` - The authentication failed because of incorrect PIN. After the 3rd (configurable in the RPS) unsuccessful authentication attempt, the method will still return `INCORRECT_PIN` but the User State will be set to `BLOCKED`.
* `INCORRECT_ACCESS_NUMBER` - The authentication failed because of incorrect Access Number.
+##### `(MpinStatus*) FinishAuthenticationMFA: (id<IUser>)user pin: (NSString *) pin authzCode: (NSString **) authzCode;`
+This method is almost identical to the standard `FinishAuthentication`, but it returns back an _Authorization Code_, which should be used further by the app back-end to validate the authenticated user.
+This method is useful when authenticating users against the MIRACL MFA Platform.
+For this flow to work, the app should also set a _Client ID_ through the `SetClientId` method.
+The Platform will provide the _Authorization Code_ as a result from the authentication.
+This code should be then passed by the app to the back-end, where it should be verified using one of the MFA Paltform SDK flavors.
+
##### `(Boolean) CanLogout: (const id<IUser>) user;`
This method is used after authentication with an Access Number/Code through `FinishAuthenticationAN`.
After such an authentication, the Mobile Device can log out the end-user from the Browser session, if the RPA supports that functionality.
diff --git a/mpin-sdk-core b/mpin-sdk-core
index 5a6c03f..a035239 160000
--- a/mpin-sdk-core
+++ b/mpin-sdk-core
@@ -1 +1 @@
-Subproject commit 5a6c03fa0ace77c3c1ae3e497bdca6f78c31b0a8
+Subproject commit a0352396e1a77e5ce2dbc071ec73e15157b6b195
diff --git a/src/MPin.h b/src/MPin.h
index b9425b6..fc66121 100644
--- a/src/MPin.h
+++ b/src/MPin.h
@@ -55,6 +55,9 @@
+ (MpinStatus*) FinishAuthenticationOTP:(id<IUser>)user pin:(NSString *) pin otp:(OTP**)otp;
+ (MpinStatus*) FinishAuthenticationAN:(id<IUser>)user pin:(NSString *) pin accessNumber:(NSString *)an;
++ (void) SetClientId:(NSString *) clientId;
++ (MpinStatus*) FinishAuthenticationMFA:(id<IUser>)user pin:(NSString *) pin authzCode:(NSString **) authzCode;
+
+ (Boolean) Logout:(const id<IUser>)user;
+ (Boolean) CanLogout:(const id<IUser>)user;
diff --git a/src/MPin.mm b/src/MPin.mm
index f6f2c80..d95c77f 100644
--- a/src/MPin.mm
+++ b/src/MPin.mm
@@ -231,14 +231,29 @@
return [[MpinStatus alloc] initWith:(MPinStatus)s.GetStatusCode() errorMessage:[NSString stringWithUTF8String:s.GetErrorMessage().c_str()]];
}
-+ (Boolean) Logout:(const id<IUser>) user {
++ (void) SetClientId:(NSString *) clientId {
+ [lock lock];
+ mpin.SetClientId([clientId UTF8String]);
+ [lock unlock];
+}
+
++ (MpinStatus*) FinishAuthenticationMFA:(id<IUser>)user pin:(NSString *) pin authzCode:(NSString **) authzCode {
+ MPinSDK::String c_authzCode;
+ [lock lock];
+ Status s = mpin.FinishAuthenticationMFA( [((User *) user) getUserPtr], [pin UTF8String], c_authzCode);
+ [lock unlock];
+ *authzCode = [NSString stringWithUTF8String:c_authzCode.c_str()];
+ return [[MpinStatus alloc] initWith:(MPinStatus)s.GetStatusCode() errorMessage:[NSString stringWithUTF8String:s.GetErrorMessage().c_str()]];
+}
+
++ (Boolean) Logout:(const id<IUser>) user {
[lock lock];
Boolean b = mpin.Logout([((User *) user) getUserPtr]);
[lock unlock];
return b;
}
-+ (Boolean) CanLogout:(const id<IUser>) user {
++ (Boolean) CanLogout:(const id<IUser>) user {
[lock lock];
Boolean b = mpin.CanLogout([((User *) user) getUserPtr]);
[lock unlock];
