I noticed that I need not set the NEVPNProtocolIKEv2's passwordReference
if I supplied the userName
and password
via the options
argument in startVPNTunnel
.
Supply password using passwordReference
(requires use of Keychain):
func connect(userName: String, password: String, serverAddress: String) async throws {
saveToKeychain(key: "VPN_Password", value: password)
let passwordReference = keychainReference(key: "VPN_Password")
let vpn = NEVPNManager.shared()
try await vpn.loadFromPreferences()
let pc = NEVPNProtocolIKEv2()
pc.serverAddress = serverAddress
pc.authenticationMethod = .none
pc.username = userName
pc.passwordReference = passwordReference
pc.useExtendedAuthentication = true
vpn.protocolConfiguration = pc
vpn.isEnabled = true
try await vpn.saveToPreferences()
try await vpn.loadFromPreferences()
try vpn.connection.startVPNTunnel()
}
Supply password using options
parameter in startVPNTunnel
:
func connect(userName: String, password: String, serverAddress: String) async throws {
let vpn = NEVPNManager.shared()
try await vpn.loadFromPreferences()
let pc = NEVPNProtocolIKEv2()
pc.serverAddress = serverAddress
pc.authenticationMethod = .none
pc.useExtendedAuthentication = true
vpn.protocolConfiguration = pc
vpn.isEnabled = true
try await vpn.saveToPreferences()
try await vpn.loadFromPreferences()
try vpn.connection.startVPNTunnel(options: [NEVPNConnectionStartOptionUsername: userName, NEVPNConnectionStartOptionPassword: password])
}
Is one preferred over the other? I'm inclined to use the second one as it doesn't require the (additional) use of the Keychain. Are there any drawbacks in doing do?