auth0 / auth0-oidc-client-net

OIDC Client for .NET Desktop and Mobile applications
https://auth0.github.io/auth0-oidc-client-net/
Apache License 2.0
86 stars 49 forks source link

Package Auth0.OidcClient.iOS 3.3.7 is not compatible with net7.0-ios16.1 (.NETCoreApp,Version=v7.0). Package Auth0.OidcClient.iOS 3.3.7 supports: xamarinios10 (Xamarin.iOS,Version=v1.0) #252

Closed ajfleming1 closed 1 year ago

ajfleming1 commented 1 year ago

Checklist

Description

When upgrading to .NET 7 I am getting this error message.

Package Auth0.OidcClient.iOS 3.3.7 is not compatible with net7.0-ios16.1 (.NETCoreApp,Version=v7.0). Package Auth0.OidcClient.iOS 3.3.7 supports: xamarinios10 (Xamarin.iOS,Version=v1.0)

Is there any plans to support .NET 7? If not, what is the recommended upgrade path?

Reproduction

Change TargetFrameworkVersion to "net7.0".

Additional context

No response

auth0-oidc-client-net version

3.3.7

Platform

iOS

Platform version(s)

>=13.4

Fammy commented 1 year ago

A little more context, we are going to upgrade our Xamarin.Android and Xamarin.iOS apps to .NET 7. We don't use Xamarin.Forms (we started before it existed) and so we will be moving to MAUI in two steps: upgrade to .NET 7, then upgrade to MAUI at some future point.

Is there a solution for .net7-android and .net7-ios that don't use MAUI?

frederikprijck commented 1 year ago

👋 Thanks for reaching out.

We are going through an exercise were we try and determine whether or not we should stick to a dedicated SDK or have proper documentation on how to use IdentityModel.OidcClient directly with Auth0.

The reason we are doing that is because our SDK is nothing but a thin wrapper around IdentityModel.OidcClient, and issues like these prove why a dedicated SDK can be considered blocking, when you actualy could be using IdentityModel.OidcClient directly with .NET 7 already but you can not because this thin wrapper is blocking you from doing so.

Just to be clear, I am not saying this is going to be the path forward, but I am saying we are going to evaluate what's best for our users to limit the road blocks one has with the fast evolving .NET ecosystem. The intention is not to leave anyone behind at all, but try and be more helpful and potentially cover even more surface area (e.g. MAUI), which we could do without the need for a dedicated SDK.

For the short term, I would say if you need any platform that we don't natively support, using straight IdentityModel.OidcClient is going to be the easiest. Even more so, if the plan is to move to MAUI, our guidance for MAUI is to use IdentityModel.OidcClient directly as well, read more about this here.

The benefit of this is that, for the most part, the IdentityModel.OidcClient is integrated in a variety of platforms in a similar way.

frederikprijck commented 1 year ago

Closing this for now, as we are tracking this internally and I believe the question was answered. If not, let me know and can always reopen.

joemather commented 1 year ago

We are going through an exercise were we try and determine whether or not we should stick to a dedicated SDK or have proper documentation on how to use IdentityModel.OidcClient directly with Auth0.

@frederikprijck - Any update on this? Has an official decision been made? If not, when can we expect one?

I have multiple Xamarin.Android and Xamarin.iOS apps (not Forms/MAUI) that require upgrade to .NET 7.

I hope Auth0 sticks with the dedicated SDK. It definitely simplifies integration. Professionally maintained/supported SDKs are a big selling point for the Auth0 platform.

Without an official decision, we have to assume the dedicated SDK is a dead end. Please clarify the path forward.

Thank you.

frederikprijck commented 1 year ago

Hey @joemather ,

I did some recent investigation and it looked like our AndroidX SDK worked as is with .NET Android.

After a good conversation with someone on the xamarin team, i learned it should be the case that anything that worked with xamarin, should work with android.net and ios.net.

So the AndroidX SDK should already work if you aren't using Maui, while our iOS needs to be updated to be installable on the corresponding platforms (i will try and find some time to do some testing and patch the iOS SDK accordingly). Our Android (not AndroidX), will never work on dotnet6+ for as far as i understand, and we should move to AndroidX.

If you aren't using Maui, the idea is you can keep using this SDK and this specific SDK isn't going away.

What's on the table is to decide whether or not we want to come with a dedicated Maui SDK (which uses IdentityModel.OidcClient), or recommend using IdentityModel.OidcClient directly.

Nothing has been decided, but we might opt for a Maui SDK (I should have more on that in the coming few weeks, but ill try to get back sooner)

However, for the time being you should be fine using IdentityModel.OidcClient directly with Maui, as per https://github.com/frederikprijck/auth0-maui)

If we'd come with an SDK it should be easy to replace in your application if you integrate it as per https://github.com/frederikprijck/auth0-maui/commit/8ec6f0fbc97016a71f02bc26f49aef711cdb2419)

So long story short, there are definetly no plans to leave android and ios customers behind and we are actively doing some investigation. We also want to do better going forward, as the current lack of dotnet6+ support isn't how it should be.

joemather commented 1 year ago

Hello @frederikprijck.

the AndroidX SDK should already work if you aren't using Maui

Confirmed. I tested a native (non-MAUI) .NET 7 Android app on Android 13, Android 12, and Android 10 devices. LoginAsync(), LogoutAsync(), and RefreshTokenAsync() worked correctly on all devices.

our iOS needs to be updated to be installable on the corresponding platforms (i will try and find some time to do some testing and patch the iOS SDK accordingly)

Great, I'll keep an eye out for the iOS update. Auth0.OidcClient.iOS seems to be the last obstacle for migrating our native (non-MAUI) Xamarin apps to .NET.

If you aren't using Maui, the idea is you can keep using this SDK and this specific SDK isn't going away.

Glad to hear that! We do not use Forms/MAUI.

Thanks for your help.

joemather commented 1 year ago

Hello @frederikprijck.

Could you please provide a status update on Auth0.OidcClient.iOS?

That package is the last item blocking us from migrating our native (non-MAUI) Xamarin apps to .NET 6+.

Thank you!

frederikprijck commented 1 year ago

Thanks for the ping and sorry for the radio silence.

I have had other priorities, but i am happy to inform you iOS on dotnet6+ is one of the priorities for the coming weeks, among other things such as MAUI as well. But i will be sure to move it to the front of the priorities!

frederikprijck commented 1 year ago

Just want to mention that I opened a PR with something I believe should solve it: https://github.com/auth0/auth0-oidc-client-net/pull/274.

@joemather Would you be able to give this a test and see if that PR works in your case? You can download the nuget files as artifacts here.

joemather commented 1 year ago

@frederikprijck - Yes, I'll have some time later today or tomorrow to test. I'll post the results here. Thanks!

joemather commented 1 year ago

@frederikprijck - An exception occurs inside LoginAsync() at the very end of the login process.

Stack trace:

[Auth0OidcProvider:SignIn] EXCEPTION E=System.InvalidOperationException: IDX20803: Unable to obtain configuration from: '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'.
 ---> Microsoft.IdentityModel.Json.JsonSerializationException: Error setting value in extension data for type 'Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration'. Path 'device_authorization_endpoint', line 1, position 268.
 ---> System.ExecutionEngineException: Attempting to JIT compile method '(wrapper delegate-invoke) System.Collections.Generic.IDictionary`2<string, object> <Module>:invoke_callvirt_IDictionary`2<string, object>_OpenIdConnectConfiguration (Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration)' while running in aot-only mode. See https://docs.microsoft.com/xamarin/ios/internals/limitations for more information.
   at System.Linq.Expressions.Interpreter.FuncCallInstruction`2[[Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration, Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=6.12.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35],[System.Collections.Generic.IDictionary`2[[System.String, System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e],[System.Object, System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]], System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]].Run(InterpretedFrame )
   at System.Linq.Expressions.Interpreter.Interpreter.Run(InterpretedFrame )
   at System.Linq.Expressions.Interpreter.LightLambda.Run(Object[] )
   at System.Dynamic.Utils.DelegateHelpers.FuncThunk1[Object,Object](Func`2 handler, Object t1)
   at Microsoft.IdentityModel.Json.Serialization.DefaultContractResolver.<>c__DisplayClass44_1.<SetExtensionDataDelegates>b__0(Object o, String key, Object value)
   at Microsoft.IdentityModel.Json.Serialization.JsonSerializerInternalReader.SetExtensionData(JsonObjectContract contract, JsonProperty member, JsonReader reader, String memberName, Object o)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Json.Serialization.JsonSerializerInternalReader.SetExtensionData(JsonObjectContract contract, JsonProperty member, JsonReader reader, String memberName, Object o)
   at Microsoft.IdentityModel.Json.Serialization.JsonSerializerInternalReader.PopulateObject(Object newObject, JsonReader reader, JsonObjectContract contract, JsonProperty member, String id)
   at Microsoft.IdentityModel.Json.Serialization.JsonSerializerInternalReader.CreateObject(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Microsoft.IdentityModel.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Microsoft.IdentityModel.Json.Serialization.JsonSerializerInternalReader.Deserialize(JsonReader reader, Type objectType, Boolean checkAdditionalContent)
   at Microsoft.IdentityModel.Json.JsonSerializer.DeserializeInternal(JsonReader reader, Type objectType)
   at Microsoft.IdentityModel.Json.JsonSerializer.Deserialize(JsonReader reader, Type objectType)
   at Microsoft.IdentityModel.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)
   at Microsoft.IdentityModel.Json.JsonConvert.DeserializeObject[OpenIdConnectConfiguration](String value, JsonSerializerSettings settings)
   at Microsoft.IdentityModel.Json.JsonConvert.DeserializeObject[OpenIdConnectConfiguration](String value)
   at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.<GetConfigurationAsync>d__26[[Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration, Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=6.12.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]].MoveNext()
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.<GetConfigurationAsync>d__26[[Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration, Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=6.12.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]].MoveNext()
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.<GetConfigurationAsync>d__25[[Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration, Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=6.12.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]].MoveNext()
   at Auth0.OidcClient.Tokens.JsonWebKeys.GetForIssuer(String issuer)
   at Auth0.OidcClient.Tokens.AsymmetricSignatureVerifier.ForJwks(String issuer)
   at Auth0.OidcClient.Tokens.IdTokenValidator.AssertTokenMeetsRequirements(IdTokenRequirements required, String rawIDToken, Nullable`1 pointInTime, ISignatureVerifier signatureVerifier)
   at Auth0.OidcClient.Auth0ClientBase.LoginAsync(Object extraParameters, CancellationToken cancellationToken)
   at Pxy.Shared.Core.Services.Auth0.Providers.Auth0OidcProvider.SignIn(Boolean forceSignIn, Object parentActivityOrWindow) in /Users/jmather/Documents/PXY/Development/PxySingleSignOn/Pxy.Shared.Core/Services/Auth0/Providers/Auth0OidcProvider.cs:line 214

Additional information:

I downloaded Auth0.OidcClient.Core v3.4.1 and Auth0.OidcClient.iOS v3.5.1 from the link you provided. Both packages installed correctly into my .NET 7 iOS project. I installed the app on an iPhone 11 Pro (iOS 16.5) - real hardware, not a simulator. The login process starts off as expected - the browser opens and the Auth0 sign in page appears. I enter credentials and press the Log In button. There's a brief (normal) delay while login processing occurs. The browser closes and login seems to have been successful; however, the exception is thrown when the SDK tries to process/validate the login results.

frederikprijck commented 1 year ago

Thanks @joemather, I can't reproduce that, it seems to work perfectly fine.

Is there any sample you can share with me to look into?

Additionally, I can see your error message is about device_authorization_endpoint, can you verify you have that key in your openid-configuration file by going to https://yourTenantName.auth0.com/.well-known/openid-configuration?

joemather commented 1 year ago

@frederikprijck - I did some more testing. Device builds threw the exception, but simulator builds worked correctly.

So I investigated the "running in aot-only mode" exception:

 ---> System.ExecutionEngineException: Attempting to JIT compile method '(wrapper delegate-invoke) System.Collections.Generic.IDictionary`2<string, object> <Module>:invoke_callvirt_IDictionary`2<string, object>_OpenIdConnectConfiguration (Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration)' while running in aot-only mode. See https://docs.microsoft.com/xamarin/ios/internals/limitations for more information.

      That lead me to a similar issue. I tried their solution, and it worked. After adding <UseInterpreter>true</UseInterpreter> to my project file, LoginAsync() works correctly on the device for Debug and Release builds.

You might consider mentioning this workaround in the README.md for this project. Other devs may bump into the same problem when they migrate to .NET iOS.

Thank you for prioritizing this update! I'm looking forward to the official release.

frederikprijck commented 1 year ago

We released a new version that should work with .NET6+, let me know if this wouldnt work as expected (please open a new issue if that is the case).

joemather commented 1 year ago

@frederikprijck - The new release works correctly on my iOS device (as long as <UseInterpreter>true</UseInterpreter> is set in the project file).

Thank you for your responsiveness and hard work to get this release out the door!

AliKarimiENT commented 2 months ago

I'm currently implementing it on .NET 8. For Android, it seems to be working fine. I've defined the activity and the login web URL is launched as expected. However, when it comes to iOS, nothing happens. After I call LoginAsync, it returns the result but doesn't open anything. I'm testing it on the simulator.

I also installed Auth0.OidcClient.iOS and set <UseInterpreter>true</UseInterpreter>

joemather commented 2 months ago

@AliKarimiENT - What error message/exception do you receive and what package versions are you using? I'm using Auth0.OidcClient.Core v4.0.1 and Auth0.OidcClient.iOS v4.0.0. They work great on iOS devices and simulators. I have a .NET 8 native app (not MAUI) built with JetBrains Rider. There's no <UseInterpreter> in my csproj.

You should open a new issue because this thread was for fundamental .NET 6+ compatibility, which has been resolved.

Hope this helps.

AliKarimiENT commented 2 months ago

@AliKarimiENT - What error message/exception do you receive and what package versions are you using? I'm using Auth0.OidcClient.Core v4.0.1 and Auth0.OidcClient.iOS v4.0.0. They work great on iOS devices and simulators. I have a .NET 8 native app (not MAUI) built with JetBrains Rider. There's no <UseInterpreter> in my csproj.

You should open a new issue because this thread was for fundamental .NET 6+ compatibility, which has been resolved.

Hope this helps.

@joemather thanks for your response Well finally I removed bin and obj folders and worked 😂😁. MAUI is crazy 🤣🤣