Open xcskier56 opened 4 years ago
What is the advantage of ASWebAuthenticationSession @xcskier56 ?
I for my part can not answer this question either.
@xcskier56 please explain the advantages of ASWebAuthenticationSession
.
I keep this issue open a few days and close it afterwards if there is no feedback.
BR
I did some investigation and ASWebAuthenticationSession
should be used as it is more secure and provides better usability by sharing cookies and password autocompletion.
See: https://authguidance.com/2020/02/22/ios-code-sample-overview/
Also, I think it is correct, that OauthSwift has support for ASWebAuthenticationSession
and this should be the default way to initialize a OAuth2/OIDC Login.
Can this somehow be made configurable @moberwasserlechner ?
Hey there. This is quite important because we already had some trouble with Apple App Review. Sometimes they reject our app because we do not use the desired way of ASWebAuthenticationSession. When ASWebAuthenticationSession is used there is an alert asking the user if the app should open a authentication-session (see screenshot as example). We would really appreciate this feature as it is implemented in the underlying plugin already.
moreover, this feature would allow to achieve Single Sign On between two or more different apps (provided they all talk to the same OIDC provider)
I've created a pull request that allows the plugin to support ASWebAuthenticationSession
.
Here is it: #226
Just wondering why the PR it is not merged...
Description
Does this plugin support using
ASWebAuthenticationSession
? I know that OauthSwift, which this plugin is using does, but in my testing, it seems that a regular Safari View is used instead of theASWebauthenticationSession
. I'm a web dev so only moderately understand the swift code, but it appears to me that aSafariURLHandler
is being used instead of theASWebauthenticationSession
. Is this the case?