Integrate the Anti-Bot SDK into iOS apps

Limits

Your iOS apps must use iOS 9.0 or later. If the API version is earlier than 9.0, the SDK cannot work as expected.

Prerequisites

• The app protection feature is purchased and enabled.

  For more information, see Procedure to enable app protection.

• The SDK for iOS apps is obtained.

  After you purchase the app protection feature, you can contact technical support in the DingTalk service group to obtain the SDK. You can also submit a ticket to obtain the SDK.

  The SDK has two versions: Identifier for Advertising (IDFA) version and non-IDFA version. The two versions use the following SDK files:

  • AliTigerTally_IDFA.framework
  • AliTigerTally_NOIDFA.framework

  

  If you use the IDFA version, we recommend that you integrate the SDK of the AliTigerTally_IDFA version into your iOS apps. If you use the non-IDFA version, we recommend that you integrate the SDK of the AliTigerTally_NOIDFA version into your iOS apps.

• The SDK authentication key, namely the app key, is obtained.
  To obtain the app key, log on to the Web Application Firewall console and choose Protection Settings > Website Protection. On the Bot Management tab of the Website Protection page, turn on App Protection and click Obtain and Copy Appkey. The SDK authentication key is used in the integration code to initiate an SDK initialization request.

  Note The app key obtained for all domain names in the current Alibaba Cloud account is the same and unique, regardless of whether you integrate the SDK into Android apps or iOS apps.

  
  Authentication key example:

  ****OpKLvM6zliu6KopyHIhmneb_****u4ekci2W8i6F9vrgpEezqAzEzj2ANrVUhvAXMwYzgY_****vc51aEQlRovkRoUhRlVsf4IzO9dZp6nN_****Wz8pk2TDLuMo4pVIQvGaxH3vrsnSQiK****

Background information

The SDK is used to sign requests that are sent by apps. Web Application Firewall (WAF) verifies the signatures in the requests to identify risks in app services and block malicious requests.

(Optional) Create a test iOS project

You can integrate the SDK into a real iOS project. You can also integrate the SDK into a test iOS project to familiarize yourself with the integration operations before you integrate the SDK into a real iOS project.

The following example shows how to use Xcode to create a test iOS project.

The following figure shows a test project named TigerTally_sdk_test.

Procedure

1. Use Xcode to open the test iOS project and enter the file directory.
2. Copy the SDK to the project.
   • The following figure shows the SDK of the non-IDFA version.
   • The following figure shows the SDK of the IDFA version.
3. Add dependency libraries to the project.

   Dependency library	Non-IDFA	IDFA
   libc++.tbd	Required	Required
   CoreTelephony.framework	Required	Required
   libresolv.9.tbd	Required	Required
   AdSupport.framework	Not required	Required

   
4. Open Build Settings and add -ObjC to the Other Linker Flags option.
5. Add the integration code.
   1. Add a header file.
      Sample code:

      • Objective-C

        // Non-IDFA version 
        #import <AliTigerTally_NOIDFA/AliTigerTally.h> 
        
        // IDFA version 
        #import <AliTigerTally_IDFA/AliTigerTally.h>

      • Swift

        // Create a header file. 
        #ifndef TigerTally_sdk_Swift_h
        #define TigerTally_sdk_Swift_h
        
        // Non-IDFA version 
        #import <AliTigerTally_NOIDFA/AliTigerTally.h> 
        // IDFA version 
        #import <AliTigerTally_IDFA/AliTigerTally.h>
        
        #endif /* TigerTally_sdk_Swift_h */

        You must add the header file that you create to the Objective-C Bridging Header option on Build Settings.
   2. Specify a user ID.
      Function:

      -(void)setAccount:(NSString*)account

      Description: configures a user ID in requests. This way, you can configure WAF protection policies in a more efficient manner.

      Parameter: <account> which specifies the user ID. Data type: NSString*. We recommend that you enter a masked user ID.

      Return value: none.

      Sample code:

      • Objective-C

        // testAccount indicates an example of the user ID string. 
        //If the logon user is a guest, you do not need to call this function. You can directly call the initialization function. 
        [[AliTigerTally sharedInstance] setAccount:@"testAccount"]; 

      • Swift

        // testAccount indicates an example of the user ID string. 
        //If the logon user is a guest, you do not need to call this function. You can directly call the initialization function. 
        AliTigerTally.sharedInstance().setAccount("testAccount")

   3. Initialize the SDK.
      Function:

      -(bool)initialize:(NSString*)appKey

      Description: initializes the SDK and performs one-time information collection. One-time information collection allows you to collect terminal information for one time. If you want to collect terminal information again, call the initialize function.

      Interface parameter: <appKey> specifies the SDK authentication key. Data type: NSString*.

      Return value: A value that indicates whether the initialization is successful. Data type: bool. The value true indicates that the initialization is successful. The value false indicates that the initialization failed.

      Sample code:

      • Objective-C

        NSString *appKey=@"****OpKLvM6zliu6KopyHIhmneb_****u4ekci2W8i6F9vrgpEezqAzEzj2ANrVUhvAXMwYzgY_****vc51aEQlRovkRoUhRlVsf4IzO9dZp6nN_****Wz8pk2TDLuMo4pVIQvGaxH3vrsnSQiK****";
        if([[AliTigerTally sharedInstance]initialize:appKey]){
            NSLog(@"The initialization is successful.");
         }else{
             NSLog(@"The initialization failed.");
        }

      • Swift

        let binit = AliTigerTally.sharedInstance().initialize("****OpKLvM6zliu6KopyHIhmneb_****u4ekci2W8i6F9vrgpEezqAzEzj2ANrVUhvAXMwYzgY_****vc51aEQlRovkRoUhRlVsf4IzO9dZp6nN_****Wz8pk2TDLuMo4pVIQvGaxH3vrsnSQiK****")
        if(binit){
            NSLog("The initialization is successful.");
        }else{
            NSLog("The initialization failed.");
        }

   4. Sign request data.
      Function:

      -(NSString*)vmpSign:(NSData*)inputBody

      Description: signs the input data and returns the signature string.

      Parameter: <inputBody> which specifies the data body to be signed. Data type: NSData*.

      Return value:

      • Normal return results: A signature string is returned. Data type: NSString*.
      • Abnormal return results

        Return result	Description	Solution
        you must call initialize	The initialize function is not called.	Call the initialize function to initialize the SDK. Then, call the vmpSign function.
        you must input body	The data body to be signed is not specified.	When you call the vmpSign function, specify the data body <inputBody> to be signed.
        NULL	The initialization is not complete, and request data failed to be signed.	Call the vmpSign function again. If this issue repeatedly occurs, contact technical support in the DingTalk service group. You can also submit a ticket to contact technical support.

      Sample code:

      Note In the following sample code, the signature string is defined as wToken.

      • Objective-C

        if(![[AliTigerTally sharedInstance]initialize:@"xxxxxxxxxxxxxxxxxxxxx"])
        {
                NSLog(@"The initialization failed.");
                return;
        }
        NSString *signBody =@"hello";
        NSString *wToken= [[AliTigerTally sharedInstance] vmpSign:[signBody dataUsingEncoding:NSUTF8StringEncoding]];
        NSLog(@"wToken== %@",wToken);

      • Swift

        if(!AliTigerTally.sharedInstance().initialize("xxxxxxxxxxxxxxxxxxxxx")){
            NSLog("The initialization failed.");
           return
        } 
        let signBody = "hello"
        var token = AliTigerTally.sharedInstance().vmpSign(signData)
        NSLog(token);

   5. Add the signature string to the header and send requests to the server of your iOS apps.

      The signature string is submitted to the server for business-critical events, such as client logon request events. WAF receives requests that are destined for the server, parses the signature string wToken to identify and block malicious requests, and then forwards normal requests to the server.

      Sample code:

      • Objective-C

        NSURL * url = [NSURL URLWithString:@"https://xxxxxx/test?id=123"];
        NSMutableURLRequest *request=[NSMutableURLRequest requestWithURL:url cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:10];
        [request setValue: wToken forHTTPHeaderField: @"wToken"];
        request.HTTPMethod=@"post";
        request.HTTPBody=[signBody dataUsingEncoding:NSUTF8StringEncoding];
        NSURLSessionDataTask *dataTask = [[NSURLSession sharedSession] dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
            if(error){
                NSLog(@"The data fails to be sent.%@", error);
            }else
            {
                NSLog(@"The data is sent.");
            }
        }];
        [dataTask resume];

      • Swift

        guard let url = URL(string: "https://xxxxxx/test?id=123") else { return }
        var request = URLRequest(url: url)
        request.httpMethod = "POST"
        request.addValue(token, forHTTPHeaderField: "wToken")
        let session = URLSession.shared
        session.dataTask(with: request) { (data, response, error) in
            if let data = data {
                do {
                    print("OK")
                } catch {
                    print("ERROR")
                    print(error)
                }
            }
        
        }.resume()
        }