Hello, OpenCraft wants to add Okta <https://www.okta.com/> authentication to the edX iOS application (and eventually to the Android app) for one of our clients. There's a couple of options for this, and we'd appreciate guidance on which is most likely to be accepted upstream.
*SAML* Okta supports SAML, and so that's what we're currently using to authenticate to the platform. Issue#632 <https://github.com/edx/edx-app-ios/issues/632#issuecomment-191914776> discusses authenticating to the app with SAML, and converting the SAML token to an OAuth2 token on the platform. And there's also an edX meeting agenda item <https://openedx.atlassian.net/wiki/plugins/viewsource/viewpagesrc.action?pageId=161758041> about Appsembler adding SAML SSO support. But I've been unable to find any code or examples of how to do this? We'd be very interested to hear how this works, and about any progress made on this front. *OpenID Connect* Okta supports OpenID Connect, and provides an iOS SDK <https://github.com/okta/okta-sdk-appauth-ios> based on AppAuth <https://github.com/openid/AppAuth-iOS> that handles the kick out to the browser to login, and redirects back to the app to finish. Okta SDK <https://github.com/okta/okta-sdk-appauth-android> and AppAuth <https://github.com/openid/AppAuth-Android> also work on Android. So this seems like a better-supported option, but we've encountered some issues: - Would edX accept the addition of Okta to the pods currently used by the iOS app, or is this something we'd need to maintain as a patch? - Okta's iOS SDK is all Swift, so it needs to be built as a framework. But we can't do that due to the static Google binaries. There's an open issue <https://github.com/CocoaPods/CocoaPods/issues/6899> to add static support for Swift pods, but I'm not sure what to do about it right now. Someone said the workaround was to use Carthage instead <https://github.com/CocoaPods/CocoaPods/issues/3839#issuecomment-275455572>, but it only supports building static frameworks <https://github.com/Carthage/Carthage/blob/master/Documentation/StaticFrameworks.md>, not compiling with static binaries, and moving to Carthage seems political. Are there any other options? - To illustrate, I get the following error when I try to install the pod directly: [!] Pods written in Swift can only be integrated as frameworks; add `use_frameworks!` to your Podfile or target to opt into using it. The Swift Pod being used is: OktaAuth But adding use_frameworks! causes this error: [!] The 'Pods-edX' target has transitive dependencies that include static binaries: (edx-app-ios/Pods/GoogleAnalytics/Libraries/libGoogleAnalytics.a and edx-app-ios/Pods/GoogleIDFASupport/Libraries/libAdIdAccessLibrary.a) - Will also need to package the Pods project with "Defines Module: Yes" to allow the Swift classes to be accessible from Objective-C. - Okta's latest iOS SDK required the app to be built for iOS 9, but we can use an older v0.1.0 <https://github.com/okta/okta-sdk-appauth-ios/tree/0.1.0>. Thank you for your advice! Cheers, -- Jill @OpenCraft <http://opencraft.com/> -- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/7b5c3aa5-193d-42b8-a31a-47643bae64e0%40googlegroups.com.
