iOS Tutorial
In this tutorial, we will use the iOS SDK to integrate Connect into your application.
Our frontend SDKs handle getting an authorization code representing a vehicle owner’s consent for your application to interact with their vehicle for the requested permissions. In order to make requests to a vehicle, please use one of our backend SDKs.
For security, token exchanges and requests to vehicles should not be made client side.
Overview
- The Mobile Application launches a
SafariViewwith Smartcar Connect to request access to a user’s vehicle. On Connect, the user logs in with their vehicle credentials and grants the Application access to their vehicle. - The
SafariViewis redirected to a specifiedREDIRECT_URIalong with an authorizationcode. This will be the custom scheme set on the application. The Smartcar iOS SDK receives the authorizationcodein a view listening for the specified custom scheme URI, and passes it to the Mobile Application. - The Mobile Application sends the received authorization
codeto the Application’s back-end service. - The Application sends a request to the Smartcar API. This request contains the authorization code along with the Application’s
CLIENT_IDandCLIENT_SECRET. - In response, Smartcar returns an
ACCESS_TOKENand aREFRESH_TOKEN. - Using the
ACCESS_TOKEN, the Application can now send requests to the Smartcar API. It can access protected resources and send commands to and from the user’s vehicle via the backend service.
Prerequisites
- Sign up for a Smartcar account.
- Make a note of your
CLIENT_IDandCLIENT_SECRETfrom the Configuration section on the Dashboard. - Add a custom scheme redirect URI to your application configuration.
- Add the
appServerredirect URI from Setup step 2 to your application configuration.
For iOS, we require the custom URI scheme to be in the format of sc + clientId + :// + hostname.
For now, you can just set it to sc + clientId + ://exchange.
Please see our Connect Docs for more information.
Setup
- Clone our repo and install the required dependancies:
$git clone https://github.com/smartcar/getting-started-ios-sdk.git $cd getting-started-ios-sdk/tutorial $pod install $open getting-started-ios-sdk.xcworkspace - Set the following constants in
Constants.swift. We’re settingappServertohttp://localhost:8000to pass the authorizationcodefrom the Handle the Response step later on in the tutorial to our backend.Constants.swiftstruct Constants { static let clientId = "<your-client-id>"; static let appServer = "http://localhost:8000"; }
Build your Connect URL
- Instantiate a
SmartcarAuthobject in theviewdidLoadfunction of theViewController.ViewController.swift{/* TODO: Authorization Step 1: Initialize the SmartcarAuth object */} appDelegate.smartcar = SmartcarAuth( clientId: Constants.clientId, redirectUri: "sc\(Constants.clientId)://exchange", testMode: true, scope: ["required:read_vehicle_info"], completion: completion )
The iOS SDK does not support simulated mode at this time - only test and live.
Feel free to set testMode: false where you instantiate your SmartcarAuth object to
connect to a real vehicle.
-
The iOS application will launch a
SafariViewwith Connect to request access to a user’s vehicle. On Connect, the user logs in with the username and password for their vehicle’s connected services account and grants the application access to their vehicle.To launch Connect, we can use the
launchAuthFlowfunction that ourSmartcarAuthobject has access to. We can place this within theconnectPressedaction function.ViewController.swift@IBAction func connectPressed(_ sender: UIButton) { {/* TODO: Authorization Step 2: Launch Connect */} let smartcar = appDelegate.smartcar! smartcar.launchAuthFlow(viewController: self) }
Registering your Custom Scheme
Once a user has authorized the application to access their vehicle, the user is redirected to the REDIRECT_URI with an authorization code as a query parameter.
iOS applications use custom URI schemes to intercept calls and launch the relevant application. This is defined within the Info.plist.
- Open up
Info.plistand click on the grey arrow next to URL types. - Next, click on the grey arrow next to the
Item 0dictionary andURL Schemesarray. - Finally, set your
Item 0string to the redirect URI you set up in the Prerequisites section (i.e. ‘sc’ + clientId).
Handle the response
- The iOS application will now receive the request in the
application:(_:open:options:)function within the AppDelegate.AppDelegate.swiftfunc application(_ application: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey : Any] = [:]) -> Bool { {/* TODO: Authorization Step 3a: Receive the authorization code */} window!.rootViewController?.presentedViewController?.dismiss(animated: true , completion: nil) smartcar!.handleCallback(with: url) return true } - Using the iOS SDK, the application can receive the code in the
completion callbackpassed into theSmartcarAuthobject.AppDelegate.swiftfunc completion(err: Error?, code: String?, state: String?) -> Any { {/* TODO: Authorization Step 3b: Receive the authorization code */} print(code!); {/* prints out the authorization code */} }
Launching Connect
Build your application in XCode and click on the Connect your vehicle button.
This turotiral configures Connect to launch in test mode by default.
In test mode, any username and password is valid for each brand.
Smartcar showcases all the permissions your application is asking for - read_vehicle_info in this case.
Once you have logged in and accepted the permissions, you should see your authorization code printed to your console.
Getting your first Access Token
After receiving the authorization code, your iOS application must exchange it for an ACCESS_TOKEN. To do so, we can send
the code to a backend service. Let’s assume our backend service contains an endpoint /exchange that receives an authorization code as a query parameter and exchanges it for an ACCESS_TOKEN.
// TODO: Obtain an access token
Alamofire.request("\(Constants.appServer)/exchange?code=\(code!)", method: .get)
.responseJSON {_ in}
Notice that our backend service does not return the ACCESS_TOKEN.
This is by design. For security, our frontend should never have access
to the ACCESS_TOKEN and should always be stored in the backend.
Getting data from a vehicle
Once the backend has the ACCESS_TOKEN, it can send requests to a vehicle using the Smartcar API. The iOS app will
have to send a request to the backend service which in turn sends a request to Smartcar. We have to do this because
our frontend does not have the ACCESS_TOKEN.
Assuming our backend has a /vehicle endpoint that returns the information of a user’s vehicle, we can make this query in
our completion callback and segue into another view to show the returned vehicle attributes
func completion(err: Error?, code: String?, state: String?) -> Any {
// send request to exchange auth code for access token
Alamofire.request("\(Constants.appServer)/exchange?code=\(code!)", method: .get).responseJSON {_ in
// TODO: Request Step 2: Get vehicle information
// send request to retrieve the vehicle info
Alamofire.request("\(Constants.appServer)/vehicle", method: .get).responseJSON { response in
print(response.result.value!)
if let result = response.result.value {
let JSON = result as! NSDictionary
let make = JSON.object(forKey: "make")! as! String
let model = JSON.object(forKey: "model")! as! String
let year = String(JSON.object(forKey: "year")! as! Int)
let vehicle = "\(year) \(make) \(model)"
self.vehicleText = vehicle
self.performSegue(withIdentifier: "displayVehicleInfo", sender: self)
}
}
}
return ""
}
Setting up your backend
Now that our frontend is complete, we will need to create a backend service that contains the logic for the /exchange and /vehicle endpoints.
You can use any of our backend SDKs below to set up the service starting from the Obtainting an Access Token step.
When setting up the environment variables for your backend SDK, make sure to set REDIRECT_URI to the custom scheme
used for this turotiral i.e. sc + "clientId" + ://exchange.
Was this page helpful?