Classes

Handles PingAM-specific network operations such as registration and authentication responses.

The responder encapsulates JWT generation, challenge response calculation, and request payload creation for PingAM endpoints. Networking operations are executed using the supplied HttpClient, while logging is delegated to the provided Logger instance.

PingAM implementation of the PushHandler protocol.

This handler is responsible for determining whether an incoming push message belongs to PingAM and for parsing the payload into a normalized dictionary that can be consumed by the Push service layer. Network operations (registration, approvals, etc.) are delegated to PingAMPushResponder and completed in subsequent phases of the implementation plan.

Public-facing client that orchestrates Push MFA operations.

The client exposes high-level APIs for credential management, notification processing, and response handling while delegating business logic to the internal PushService. Clients should create instances using the DSL-style factory methods which encapsulate configuration defaults and dependency setup.

Configuration class specific for Push MFA functionality.

This configuration allows customization of storage, network behavior, caching, cleanup policies, and platform handlers. It follows a builder pattern for easy setup.

Usage Examples

// Simple configuration with defaults
let config1 = PushConfiguration.build { config in
    config.logger = myLogger
}

// Custom configuration
let config2 = PushConfiguration.build { config in
    config.storage = MyCustomStorage()
    config.timeoutMs = 20000
    config.enableCredentialCache = true
    config.notificationCleanupConfig = .hybrid(maxNotifications: 50, maxAgeDays: 14)
}

// Security-focused configuration
let config3 = PushConfiguration.build { config in
    config.encryptionEnabled = true
    config.enableCredentialCache = false  // No in-memory caching
    config.notificationCleanupConfig = .ageBased(maxAgeDays: 7)
}

Default Values

• storage: nil (PushKeychainStorage will be used)
• policyEvaluator: nil (default policies will be used)
• encryptionEnabled: true
• timeoutMs: 15000 (15 seconds)
• enableCredentialCache: false (disabled for security)
• logger: nil (no logging)
• customPushHandlers: [:] (empty dictionary)
• notificationCleanupConfig: count-based with 100 max notifications

Keychain-based storage implementation for Push credentials and notifications. Uses iOS Keychain Services for secure credential storage.

This implementation stores each item as JSON data in the iOS Keychain with unique identifiers as keys. Credentials and device tokens are stored securely and are never exposed in memory longer than necessary.