search

CAAPIM / Sample-App-MAS-iOS-Login-User-Authentication-And-Authorization

Repo has been moved. Please go to https://github.com/Layer7-Community/Mobile/tree/main/MAG_SDK_Mobile_Apps/iOS
MIT License
0 stars 1 forks source link

SSL pinning validation failed message #3

Closed bizzychamps closed 6 years ago

bizzychamps commented 6 years ago

I have raised a ticket with CA support who are redirecting me to the installation guide ... but struggling to get past this error message on login

SSL Pinning validation failed: ensure the target domain's MASSecurityConfiguration is correctly configured...

below is a snippet moss file (removed urls and ids), can you advise what could be causing this message to appear?

{

    "server": {

        "hostname": "xxxxx",

        "port": 443,

        "prefix": "",

        "server_certs": [

                         [

                          "-----BEGIN CERTIFICATE-----xxxxxx","-----END CERTIFICATE-----"

                          ]

                         ]

    },

    "oauth": {

        "client": {

            "organization": "xxxxx",

            "description": "What is the app used for?",

            "client_name": "mag_test",

            "client_type": "public",

            "registered_by": "admin",

            "client_custom": {},

            "client_ids": [

                           {

                           "client_id": "xxxxxx",

                           "client_secret":"",

                           "scope": "oob",

                           "redirect_uri": "oob",

                           "environment": "ALL",

                           "status": "ENABLED",

                           "registered_by": "admin",

                           "service_ids": "",

                           "account_plan_mapping_ids": "",

                           "client_key_custom": {}

                           }

                           ]

        },

        "system_endpoints": {

            "authorization_endpoint_path": "/auth/oauth/v2/authorize",

            "token_endpoint_path": "/auth/oauth/v2/token",

            "token_revocation_endpoint_path": "/auth/oauth/v2/token/revoke",

            "usersession_logout_endpoint_path": "/connect/session/logout",

            "usersession_status_endpoint_path": "/connect/session/status"

        },

        "oauth_protected_endpoints": {

            "userinfo_endpoint_path": "/openid/connect/v1/userinfo"

        }

    },"mag": { "system_endpoints": { "device_register_endpoint_path": "/connect/device/register", "device_renew_endpoint_path": "/connect/device/renew", "device_client_register_endpoint_path": "/connect/device/register/client", "device_remove_endpoint_path": "/connect/device/remove", "client_credential_init_endpoint_path": "/connect/client/initialize", "authenticate_otp_endpoint_path": "/auth/generateOTP" }, "oauth_protected_endpoints": { "enterprise_browser_endpoint_path": "/connect/enterprise/browser", "device_list_endpoint_path": "/connect/device/list" }, "mobile_sdk": { "sso_enabled": true, "location_enabled": true, "location_provider": "network", "msisdn_enabled": true, "enable_public_key_pinning": false, "trusted_public_pki":false, "trusted_cert_pinned_public_key_hashes" :[], "client_cert_rsa_keybits": 1024 }, "ble":{ "msso_ble_service_uuid":"xxxx", "msso_ble_characteristic_uuid":"xxxx", "msso_ble_rssi": -80 } },

    "custom": {

        "oauth_demo_protected_api_endpoint_path":"/oauth/v2/protectedapi/foo",

        "mag_demo_products_endpoint_path":"/protected/resource/products"

    }

}
rodrigoareis commented 6 years ago

Hi,

it is hard to answer this question without more details. By quickly looking the client configuration provided, it seems to me you did not setup the "scope" for your client app, which cause some issues. Please, take a look in the follow link on how to create a client app.

https://docops.ca.com/ca-mobile-api-gateway/4-0/en/prepare-devices-and-apps-for-developers/create-a-client-application/create-a-client-app-for-the-mobile-sdk

Please, always try to use the latest version of the SDK. You also may want to ensure any change in the configuration is loaded by using [MAS startWithDefaultConfiguration:] instead of [MAS start:].

If you still experience the problem after follow the guide above, please use the CA support channel instead of this space. It help us to evaluate customer usage and improve our documentation.

Thanks