Facebook Login iOS SDK Authentication Token Has No Signature

[paul-livefront]

Checklist before submitting a bug report

• [X] I've updated to the latest released version of the SDK
• [X] I've searched for existing GitHub issues
• [X] I've looked for existing answers on Stack Overflow, the Facebook Developer Community Forum and the Facebook Developers Group
• [X] I've read the Code of Conduct
• [X] This issue is not security related and can safely be disclosed publicly on GitHub

Xcode version

15.3

Facebook iOS SDK version

17.0.2

Dependency Manager

SPM

SDK Framework

Login

Goals

We're attempting to migrate to the Limited Login flow in the latest versions of the iOS SDK. We get back an AuthenticationToken (JWT), but we're unable to validate it because the signature portion of the JWT is always missing/empty.

Expected results

The JWT contained in AuthenticationToken.current?.tokenString after login should have a propertly formatted header, payload, and signature.

Actual results

The JWT contains a header and payload, but the signature is empty.

Steps to reproduce

Login with limited tracking configured. After the successful login attempt. AuthenticationToken.current?.tokenString has an incomplete JWT value.

Code samples & details

guard let configuration = LoginConfiguration(
    permissions: [.publicProfile, .email],
    tracking: .limited
) else {
    return
}

logIn(viewController: viewController, configuration: configuration) { result in
    switch result {
    case .success:
        // We should now have a valid AuthenticationToken.current?.tokenString.
    default:
        // handle errors
    }
}

[811414114]

M A Hannan is inviting you to a scheduled Zoom meeting.

Topic: [facebook/facebook-ios-sdk] Facebook Login iOS SDK Authentication Token Has No Signature (Issue #2442)

Join Zoom Meeting https://us05web.zoom.us/j/85245876546?pwd=X5W5awHdTRq3nNv7L2lNZkZUe4bmbO.1

Meeting ID: 852 4587 6546 Passcode: 580916