Version History
Version 11.2.0100
Enhancements
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
None | F28393 | Centralized Client Message Infrastructure | Description: AccountSDK now supcd ports pulling a customized error message bundle from the Identity server. This allows you to customize localized error messages. The error message key is in a new format as mstr_ios_ERRORCODE. | N/A |
Version 11.2.0000.125
Defects Fixed
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
None | DE161723 | Deprecated Phone Number in Sample App. | Description: The phone number hardcoded into the sample app was deprecated by the hosting website and was changed causing the SMS button to lead to an unknown phone number. Root Cause: The cause of this was that the hosting website deprecated the existing phone number on the sample app. Fix: The phone number was updated on the sample app by a working phone number from the same website. |
N/A |
378936 | DE161001 | User can’t login with correct credential from the App once the email address is updated from the Web. | Description: If a user changes their email address from Web while the user is logged in the app, the user can no longer login from the app. Root Cause: This problem was introduced by a different fix which caused the Account Manager to utilize the cached userID rather than the user input userID. Fix: The fix was to utilize the user input userID instead of the cached userID. |
N/A |
Version 11.2.0000.123
Defects Fixed
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
378690 | DE160566 | Request to enable biometrics authentication silently | Description: User gets prompted to verify the biometrics after signing in with username and password when biometrics setting was enabled previously. Root Cause: Previously, SDK would load biometrics secured items from keychain after signing in. This was unnecessary. Fix: After signing in, do not load biometrics secured items from keychain. It is not necessary to trigger biometrics when saving biometrics protected data to keychain. |
Biometrics prompt will not be triggered automatically when calling AccountManager.signIn(userId:password:keepMeSignIn:completion:) or AccountManager.registerAndSignIn(user:password:keepMeSignIn:session:policyValidation:completion:) |
Version 11.2.0000
Enhancements
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
None | US209866 | Add third party error messages in iOS SDK logs | UsherAccountSDK now supports third party error logs. Client is able to set debug log mode on the fly. The response body will be logged when debug log mode is set to True. Please refer to UsherAccountSDK Docs - UsherSDK Class for more details on how to interface with debug log mode. | 2 methods added into UsherSDK, including setDebugLogMode and isDebugLogMode. |
None | US200701 | Identity/Usher iOS SDK stored unencrypted data in OS sandbox/backup area | UsherAccountSDK will now encrypt all sensitive User information in memory. Sensitive User information will also be hidden in the logs. | N/A |
None | US211019 | Modify required fields in SDK registration API | When user is registering their account, Mobile phone number and address fields are now optional. | mobileNumber and address public fields are now optional. |
None | US208443 | Add SDK version with every API request for forward/backward compatibility | The SDK Version number will be included in each API call with the field: “sdkVersion: xx.x.xxxx” | N/A |
None | US211131 | Remove parameter “isFutureUpdate” from both SDK and Server for send/verify otp API | Parameter “isFutureUpdate” is removed from both SDK and Server for send/verify otp API, as this parameter is not used in Server. | Parameter “isFutureUpdate” is removed from OTPManager.requestOTP(recipient:recipientType:purpose:isFutureUpdate:completion:) and OTPManager.verifyOTP(code:purpose:session:recipient:recipientType:isFutureUpdate:completion:) . |
Defects Fixed
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
None | DE155143 | Remove the methods/code in the Usher SDK corresponding to the disabled Server APIs | Description: Following server APIs are disabled and the corresponding methods needs to be removed from the SDK 1. /appapi/v1/message/requestAccess. Request for access for iot device 2. /appapi/v1/message/approveAccess. Approve access 3. /appapi/v1/iot/transferOwnership. Transfer primary ownership to a secondary owner 4. /appapi/v1/iot/revokeSecondaryOwner. Primary driver remove a secondary owner 5. /appapi/v1/iot/link. Disconnect iot device link Root Cause: Server Team decided to remove these API endpoints as they were seen as unneccessary and some posed security issues. Fix: Mark these API Methods as deprecated and plan to remove in future. |
N/A |
None | US209523 | Support password policy to allow additional European characters | Additional password policy is added to allow all characters. | Added allAllowCharacterCheck property to PasswordPolicy . |
None | US206796 | Biometric setting in Account SDK | SDK shall store the current user’s current setting into independent storage that won’t be removed by logout. When logged in, SDK will restore the setting from the storage and make the biometrics enabled if it was enabled before. | Added signInWithBiometrics(completion:) API to AccountManager . |
Other changes
- Upgraded 3rd party libraries. Removed unnecessary dependency on Zip library from AccountSDK. Added Zip dependency to sample app.
- Deprecated APIs:
- In
UsherError
:notPermitted
invalidImage
passwordPolicyError
sdkNotInitialized
- In
IoTDeviceManager
:requestAccess(iotId:completion:)
approveAccess(messageId:completion:)
transferOwnership(iotId: iotType:transferTo:completion:)
revokeSecondaryUser(iotId:iotType:revokeFrom:completion:)
disconnectIoTDevice(_ :completion:)
- In
OTPManager
: requestOTP(recipient:recipientType:purpose:isFutureUpdate:completion:)
: UserequestOTP(recipient:recipientType:purpose:completion:)
insteadverifyOTP(code:purpose:session:recipient:recipientType:isFutureUpdate:completion:)
: UseverifyOTP(code:purpose:session:recipient:recipientType:completion:)
instead.
- In
Known issues
Same as Version 11.1.101.
Version 11.1.103
Enhancements
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
None | US182996 | Localization Support in Account SDK | UsherAccountSDK now support error localizations for Japanese and English. The localized error strings come with UsherAutoSDKLocalizedStrings.bundle. Please refer to UsherAccountSDK Docs - Localization Support for more details. More helper computed properties from NSError extension is added. Please refer to UsherAccountSDK Docs - Error Handling for more details. | 2 methods added into UsherSDK, including getLocale and setLocale. AccountManager.enableBiometricsSignIn now does not take any localized reason input, the localized string need to be provided in UsherAutoSDKLocalizedStrings.bundle. |
None | US182967 | Switch URL on-the-fly support | UsherAccountSDK now support switching server. Please refer to UsherAccountSDK Docs - Localization Support for more details. | 2 methods added into UsherSDK, including getLocale and setLocale. |
Defects Fixed
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
None | DE138463 | Enable Sign In With Biometrics for the second time will bypass user verification with Biometrics | Description: When the user signs in and tries to enable sign-in-with-biometrics, the OS verification pop-up will show and verify user’s biometrics. However, if the user signs out and tries to sign in and to enable sign-in-with-biometrics, the OS will bypass the verification of the user’s biometrics. Root Cause: LAContext was saved after enabled sign-in-with-biometrics, and it was not disposed after signing out. When trying to enable the sign-in-with-biometrics for the second time, the success result from the first time will be used. Fix: Always use fresh LAContext when needed. | N/A |
None | DE139043 | When Server Response Status Code is not 200, 400 or 500, UsherAccountSDK returns success result | Description: The SDK only treats the HTTP Response with the JSON body, which contains reason, status, and localizedMessage these three fields, as an error. When the HTTP response status code is not 200, 400 or 500, only a string explaning the status code is returned. Root Cause: iOS SDK ignores http codes except 200, 400 and 500. Fix: iOS SDK now will treat those status code as generic error with “Unknown Error” as the error message. | N/A |
None | DE140012 | Fix incorrect passwordHistoryPolicyNotMet English String |
Description: The SDK uses the wrong English error message for passwordHistoryPolicyNotMet error. Fix: Updated the string in both SDK and UsherAutoSDKLocalizedStrings.bundle. |
N/A |
None | DE140347 | Fix Bitcode issue for App Store Submission | Description: After the clients imported our SDK, the app could not pass the bitcode compiling step. Root Cause: The SDK was built with the codeCoverageEnabled setting on. Starting from Xcode 9, if the unit test code coverage generation setting is enabled, the built SDK will fail the App Store Submission. Fix: Turn off the unit test coverage generation when making a release build. |
N/A |
Known issues
Same as Version 11.1.101.
Version 11.1.102
Enhancements
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
307098 | DE132460 | Account-based App Code feature | In order to avoid tapping remote control by mistake, we implemented the account-based App Code feature, including fetching the app code, updating the app code and verifying the app code. | 4 methods added into AccountManager, including fetchAppCodeSettings, updateAppCodeSettings, verifyAppCode and getCachedAppCodeSettings. |
None | DE134367 | SDK Logging Enhancement | Enhanced the sample to show how to collect SDK Log. | None |
F18544 - US171119 | Exposed isLoggedInWithTemporaryPassword field in Account SDK. | App can get the isLoggedInWithTemporaryPassword value from AccountManager, which is false by default. | The isLoggedInWithTemporaryPassword field is added into AccountManager class. |
Defects Fixed
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
314154 | DE133846 | Renewing Access Token Returned Error When Refresh Token Was Expired | Root Cause: When SDK is brought to the foreground, SDK will try to refresh the current user’s data. If the access token is expired, SDK will try to renew the access token with the refresh token. If another SDK API call tries to renew the access token, with the access token is under renewing, SDK will return “invalid access token” error code directly. Fix: When one thread is renewing the access token, other SDK API call that is trying to renew access token will wait, until the renew call finishes, instead of directly return error. | None |
Known issues
Same as Version 11.1.101.
Version 11.1.101
Enhancements
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
313901 | DE133193 | Compatibility with Xcode 10.2 | SDK is rebuilt with Xcode 10.2 to support Xcode 10.2. All third party libraries have been updated in PodSpec file to support XCode 10.2 | None |
312557 | DE132785 | Add Option to Remove Passcode for Biometrics Failure [iOS] | When biometric authentication fails, iOS provides the ability for users to use their passcode as a fall-back mechanism. With this enhancement, the application developer now has the ability to control this functionality directly. | Three properites added into UsherSDKConfiguration : localAuthenticationPolicy, secAccessControlCreateFlags, secUseOperationPrompt. |
Defects Fixed
Case ID | Rally ID | Title | Description | API Impacts |
---|---|---|---|---|
314275 | DE133351 | Change Address Fields to Optional | In previous versions, certain address fields such as street1, city, state, postal code, and country were mandatory. With this enhancement, they are now optional and enforcement is deferred to the application. | Properties of Address class are optional. |
315013 | DE133625 | Password Changes Erroneously Reported as Successful. | In certain circumstances, password changes were erroneously reported as successful even though they were not. A defect was identified with the parsing of the response from the Identity Server. That defect is addressed in this release. | New error codes added into UsherError class. |
314154 | DE133846 | Renewing Access Token Returned Error When Access Token Was Expired | When the access token was expired, calling fetchToken API will return the error although the access token will be renewed later on. | None |
Known issues
iOS 9.3 Simulator issue
There is a known XCode 10.2 bug affecting iOS 9.x Simulator. You can work around it by creating /usr/lib/swift directories in the relevant simulator runtime root. Downloaded simulator runtimes are located in /Library/Developer/CoreSimulator/Profiles/Runtimes . To fix it, run the following in the terminal (using iOS 9.3 as an example).
sudo mkdir '/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS 9.3.simruntime/Contents/Resources/RuntimeRoot/usr/lib/swift'
Reference: https://stackoverflow.com/questions/55389080/xcode-10-2-failed-to-run-app-on-simulator-with-ios-10.
Andress Sanitizer Error in Kronos
DE134365 While running the Address Sanitizer Tool in XCode, a heap buffer overflow error was reported in the third-party library Kronos. We didn’t find any impact of this issue while running the sample app on device and simulator without turning on the Address Sanitizer.
Reference: https://github.com/lyft/Kronos/issues/47.
Version 11.1.100
- Increased version number to 11.1.100
Version 11.1.010
- Enhancement: Made the content node a blackbox in /appapi/v1/message/sendInvite api
- Enhancement: Returned the additional data to the SDK caller for /appapi/v1/system/accountPolicy API
- Enhancement: Exposed server’s error messages for UsherError class.
- Fixed defect: Solved deadlock issue when keychain data cannot be unlocked.
Version 11.1.009
- Fixed defect: Unable to get access token in the completion block of initializeSDK call.
- Enhancement: Exposed API to fetch the password policy, so that password policy validation can be used anytime by the client.
- Fixed the issue of SDK didn’t handle the case when the user disabled the FaceID or Passcode aafter using Biometrics to store session.
Version 11.1.007 (Updated)
- Fixed SDK initialization deadlock.
- Small sample code UI improvements to dismiss keyboard after finishing editing.
- New field in password policy: requireAlphabeticCharacter
Version 11.1.001 - 11.1.007
New
- Secondary driver management support
- New phone number verification workflow
- NTP Time support
- New two-step “forget password” workflow
- Sample code to show how to use push notification
Bug fix
- Removed duplicated parameters
Version 0.77
New
- Updating email address and mobile phone number is now possible using
AccountManager.updateUser(user:completion)
. Changing email address will also automatically change the userId for the subsquent login.
Bug fix
- Issues with automatic token refresh is fixed.
Version 0.76
New
- New registerAndSignIn API in
AccountManager
for automatically loggin user in after successful registration. This is a convinience method that is the same as callingregister(user:password:completion)
andsignIn(userId:password:keepMeSignIn:completion)
methods separately.
AccountManager.registerAndSignIn(user:password:keepMeSignIn:completion:)
Version 0.75
New
- New delete user API in
AccountManager
.
AccountManager.deleteUser(completion:)
Version 0.74
New
- Framework Swift 4.2 and Xcode 10 support
Version 0.73
Changes
- UsherSDK initialization method signature changed to
public static func initializeWith(configuration: UsherSDKConfiguration, completion: @escaping (NSError?) -> Void)
Now an NSError object will be returned in the completion block explaining what went wrong instead of a boolean.
- UsherSDK.initializeWith(configuration:completion:) will now fail if biometric login is enabled and user canceled finger pring scan or authentication fail.
New
- Application can now register Apple push notificaiton tokens with server using the UsherSDK static API
UsherSDK.updateAPNSToken(_:completion:)
- Logging - UsherAutoSDK now writes rotating 7 days log to file. The file can be accessed using the url UsherSDK.logFileUrl
Version 0.72
Changes
- UsherSDK is now renamed to UsherAccountSDK : Import the SDK as
import UsherAccountSDK
Password Reset Workflow change : Previously password reset was done by getting OTP code for .forgotPassword purpose and use that code to make the reset call
PasswordManager.resetPassword(userId:newPassword:otpCode:session:completion:)
. This method is now removed. In the new workflow the following steps has to be done to reset password.- Request OTP code for .forgotPassword purpose using
OTPManager.requestOTP(recipient:purpose:completion)
. This method will return an OTPSession object in the completion. - Verify the OTP code recieved by the user including the sessionId recieved in step 1 using
OTPManager.verifyOTP(code:purpose:completion)
. This method will return an OTPSession object in the completion upon successful validation. - Set a new password by calling
PasswordManager.resetPassword(userId:newPassword:session:completion)
. Use the session ID got from verifying the OTP code in step 2.
- Request OTP code for .forgotPassword purpose using
Version 0.71
New
- Objective C support
- iOS 9 support