Redirect user

This article explains how to redirect a user to the ByUnico authentication experience via the REST API.

The userRedirectUrl field is used to direct the user. This field is received in the process creation success response.

Web

There are two options for integrating with your web application:

1) Using window.open()

A opção window.open() consiste em abrir uma nova aba do navegador do usuário para que ele possa completar o processo. Ao final essa aba é fechada e redirecionada para sua aplicação.

Para isso é recomendado:

• Seguir a documentação pública sobre isso, que se encontra aqui;

• Monitorar se houve alteração de URL (para a redirectUrl) e então fechar a aba utilizando window.close();

2) Using redirect

We recommend following these steps:

• In your common flow (which is inserted Registration by Unico) you will redirect the customer to the link generated through the API;
• After this, the customer from within the platform carries out the necessary procedures to continue the flow;
• When completed, they are redirected to your page (using the redirectUrl passed on when the process was created);

Important

The application does not work via iFrame for security reasons.

Android

On Android, the use of Webview is recommended.

After creating the process and obtaining the link to that process, the following implementation is recommended:

• In your common flow (which is inserted the Cadastro by Unico), you open the Webview with the link generated through the API;
• You can customize this opening to suit your application;
• Monitor whether the URL has changed (for the redirectUrl) and then close the Webview;

To open a Webview do the following:

import android.webkit.PermissionRequest
import android.webkit.WebChromeClient
import android.webkit.WebView
import android.webkit.WebViewClient

@SuppressLint("SetJavaScriptEnabled")
override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    setContentView(R.layout.activity_camera)

    findViewById<WebView>(R.id.webView).apply {
        settings.javaScriptEnabled = true
        settings.domStorageEnabled = true
        settings.mediaPlaybackRequiresUserGesture = false
        clearCache(true)
        webViewClient = myWebViewClient
        webChromeClient = object : WebChromeClient() {
            override fun onPermissionRequest(request: PermissionRequest?) {
                request?.grant(request.resources)
            }
        }
        loadUrl("<URL_TO_LOAD>")
    }
}

The control of when it is necessary to close the Webview can be done as follows:

private val myWebViewClient = object : WebViewClient() {
    override fun shouldOverrideUrlLoading(
        view: WebView?,
        request: WebResourceRequest?
    ): Boolean {
        if (request?.url.toString() == "<URL_TO_OBSERVER>") {
            // close here your webview
        }
        return super.shouldOverrideUrlLoading(view, request)
    }
}

To do this, you need to enable permissions in Android Manifest:

<uses-feature android:name="android.hardware.camera" android:required="false"/>
<uses-permission android:name="android.permission.CAMERA"/>

Important

The following permissions are required for correct operation:

• Camera;
• Geolocation;

iOS

Step 1: Create the authentication controller

The first step is to create the authentication controller. To do this, create a class called UnicoAuthenticationController (or whatever you prefer to call it).

Then import the AuthenticationServices framework at the top of the class.

Declare the class as NSObject and implement the ASWebAuthenticationPresentationContextProviding protocol.

The result should be:

import AuthenticationServices

class UnicoAuthenticationController: NSObject, ASWebAuthenticationPresentationContextProviding {
    func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {
           if let windowScene = UIApplication.shared.connectedScenes.first as? UIWindowScene {
               if let mainWindow = windowScene.windows.first {
                   return mainWindow
               }
           }
           return ASPresentationAnchor()
       }
}

Step 2: Implement authentication

Open the file where you perform the authentication and add the necessary imports (as an example, ContentView.swift is used).

import SwiftUI
import AuthenticationServices

To control the state of the flow, you need to create the @State property.

@State private var finished = false

Create an instance of the UnicoAuthenticationController class outside the body of the ContentView structure.

let unicoController = UnicoAuthenticationController()

To validate the process, create a function called redirectUser.

func redirectUser() {
        guard let url = URL(string: "URL_AUTHENTICATION") else { return }

        var session: ASWebAuthenticationSession?
        session = ASWebAuthenticationSession(url: url, callbackURLScheme: "BUNDLE") { callbackURL, error in
            guard callbackURL != nil else {
                if let error = error {
                    return print("Error during the process: \(error.localizedDescription)")
                }
                return
            }

            // Processes the callback URL to check if the process has finished
            session?.cancel()
            finished = true
        }

        session?.presentationContextProvider = unicoController
        session?.prefersEphemeralWebBrowserSession = true
        session?.start()
    }

Environments

Remember to change the url URL_AUTHENTICATION to the authentication URL received in your process and also the callbackURLScheme BUNDLE to the redirect informed when creating the process (using the Bundle Identifier of your application is recommended).

One-time authentication

It is important to set prefersEphemeralWebBrowserSession to true to ensure single authentication per process.

Any concerns?

Missing something or still need help? If you are already a customer or partner, you can contact us through the Help Center.