Fixed TOTP generation and example code.

Bootstrap/README.md

@@ -1,6 +1,6 @@
 ##Bootstrapping Authentication
 
-If you want to provide authentication capabilities to your [Thing System](http://thethingsystem.com) client the easiest way to do this is to create a client id and the associated authentication token using the steward's own [Client Bootstrapping web service](http://thethingsystem.com/dev/Instructions-for-starting-the-Steward.html).
+If you want to provide authentication capabilities to your [Thing System](http://thethingsystem.com) client the easiest way to do this is to create a client ID and the associated authentication secret using the steward's own [Client Bootstrapping web service](http://thethingsystem.com/dev/Instructions-for-starting-the-Steward.html).
 
 ![steward console](https://github.com/thethingsystem/steward/wiki/images/client.bootstrap.png)
 
@@ -18,28 +18,22 @@ and declare your class as a `<ScanControllerDelegate>`, and then present the vie
 	scanner.delegate = self;
 	[self presentViewController:scanner animated:YES completion:NULL];
 
-This will present a (back) camera view. The user simply has to point the phone at the QR code—possibly tapping the screen to focus the camera depening on lighting and distance—and the controller will detect the QR code and return the secret via the
-
-    - (void)closedWithSecret:(NSString *)secret {
-        
-	}
-
-delegate callback. You can then pass the authentication secret back to the main `Client` class by,
-
-    Client *client = [Client sharedClient];
-    client.secret = secret;
-
-Alternatively you can use the, 
+This will present a (back) camera view. The user simply has to point the phone at the QR code—possibly tapping the screen to focus the camera depening on lighting and distance—and the controller will detect the QR code and return the OTP authentication URL via the
 
     - (void)closedWithURL:(NSURL *)url {
         
 	}
 
-delegate callback which passes the entire OTPAuth URL instead of just the secret. You can then pass the authentication secret back to the main `Client` class by,
+delegate callback. You can then pass the authentication URL back to the main `Client` class by,
 
     Client *client = [Client sharedClient];
     client.authURL = url;
 
+This will populate both the `clientID` and `secret` properties in the client allowing you to make an authenticated call directly afterwards,
+
+    client.authenticate = YES;
+    [client performWithDevice:device andRequest:request andParameters:nil];	
+
 If the user hits the cancel button in the view controller without a QR code being scanned then you will recieve a
 
     - (void)closedWithoutSecret {
@@ -48,14 +42,6 @@ If the user hits the cancel button in the view controller without a QR code bein
 
 delegate callback.
 
-As well as the authentication secret you will have to tell the client library about the client identity associated with this secret, e.g.
-
-    client.clientID = @"iphone/2"
-
-as both bits of information are necessary to authenticate to the steward.
-
-_**Note:** Authenticated calls to the steward are not yet fully supported._
-
 ###Installation
 
 We've deliberately left the `ScanController` out of the main `Client` library bundle to minimise the size of library for other use cases. If you want to make use of it in your project just drag-and-drop all the files in the `Bootstrap/` directory into your project. This includes the`ScanController` code as well as a copy of the [ZXingObjC](https://github.com/TheLevelUp/ZXingObjC) library itself. 

Client/Client/Client.h

@@ -32,7 +32,7 @@
 
 #import "SRWebSocket.h"
 
-#define LIBRARY_VERSION @"0.1.2"
+#define LIBRARY_VERSION @"0.2.0"
 #define ISO_TIMEZONE_UTC_FORMAT @"Z"
 #define ISO_TIMEZONE_OFFSET_FORMAT @"+%02d%02d"
 
@@ -147,7 +147,10 @@
 
 @end
 
-@interface Client : NSObject <StewardDelegate, MonitorDelegate, DevicesDelegate, PerformDelegate>
+@interface Client : NSObject <StewardDelegate, MonitorDelegate, DevicesDelegate, PerformDelegate> {
+
+    NSURL *authURL;
+}
 
 @property (nonatomic, weak) id <ClientDelegate> delegate;
 
@@ -159,13 +162,16 @@
 @property (nonatomic) int requestCounter;
 
 @property (nonatomic) BOOL authenticate;
-@property (nonatomic, strong) NSURL *authURL;
 @property (nonatomic, strong) NSString *secret;
 @property (nonatomic, strong) NSString *clientID;
+@property (nonatomic, strong) NSURL *authURL;
 
 + (Client *)sharedClient;
 + (NSString *)version;
 
+- (NSURL *)authURL;
+- (void)setAuthURL:(NSURL *)url;
+
 - (void)findSteward;
 
 - (void)startMonitoringEvents;

Client/Client/Client.m

@@ -103,6 +103,29 @@ - (NSString *)generateTOTPwithSecret:(NSString *)secret {
     return totp;
 }
 
+#pragma mark - Overridden Getter and Setter Methods
+
+- (NSURL *)authURL {
+    return authURL;
+}
+
+- (void)setAuthURL:(NSURL *)url {
+    NSLog(@"Setting authURL to %@", url);
+    authURL = url;
+
+    NSArray *array = [url.absoluteString componentsSeparatedByString:@"="];
+    self.secret = array[1];
+    NSLog(@"URL to String, secret = %@", self.secret);
+
+    array = [url.absoluteString componentsSeparatedByString:@"?"];
+    NSString *pre = array[0];
+    array = [pre componentsSeparatedByString:@"/"];
+    NSString *user = [NSString stringWithFormat:@"%@/%@",array[5],array[6]];
+    NSLog(@"URL to String, clientID = %@", user);
+    self.clientID = user;
+
+}
+
 
 // -----------------------------------------------------------------------------
 #pragma mark - Steward Delegate Methods

Client/README.md

@@ -139,8 +139,8 @@ If you wish to make an authenticated request, then you should instead,
     client.secret = ClientAuthenticationSecret;
     [client performWithDevice:device andRequest:request andParameters:nil];	
 
-where the client ID and the authentication secret can be obtained from the steward's own [Client Bootstrapping web service](http://thethingsystem.com/dev/Instructions-for-starting-the-Steward.html). See the next section for more details.
+where the client ID and the authentication secret can be obtained from the steward's own [Client Bootstrapping web service](http://thethingsystem.com/dev/Instructions-for-starting-the-Steward.html). 
 
-_**Note:** At the moment authentication is only partially supported. You will need to go to your steward settings and turn "Security Services" to the "No" setting. This turns secure connections on your local LAN off for clients—authentication for read/write is no longer required._
+_**Note:** To make an un-authenticated call to the steward you will need to go to your steward settings and turn "Security Services" to the "No" setting. This step turns secure connections on your local LAN off for clients and authentication for read/write is no longer required on the LAN._
 
 [![Analytics](https://ga-beacon.appspot.com/UA-44378714-2/TheThingSystem/steward-ios-library/client/README)](https://github.com/igrigorik/ga-beacon)

Examples/Client/Authenticated Lightbulb/Client.h

@@ -147,7 +147,10 @@
 
 @end
 
-@interface Client : NSObject <StewardDelegate, MonitorDelegate, DevicesDelegate, PerformDelegate>
+@interface Client : NSObject <StewardDelegate, MonitorDelegate, DevicesDelegate, PerformDelegate> {
+
+    NSURL *authURL;
+}
 
 @property (nonatomic, weak) id <ClientDelegate> delegate;
 
@@ -161,10 +164,14 @@
 @property (nonatomic) BOOL authenticate;
 @property (nonatomic, strong) NSString *secret;
 @property (nonatomic, strong) NSString *clientID;
+@property (nonatomic, strong) NSURL *authURL;
 
 + (Client *)sharedClient;
 + (NSString *)version;
 
+- (NSURL *)authURL;
+- (void)setAuthURL:(NSURL *)url;
+
 - (void)findSteward;
 
 - (void)startMonitoringEvents;