Closed icedice closed 7 years ago
brandwe
commented
7 years ago @icedice Make sure that you aren't using a URL for your redirect URI. In iOS 10 you could redirect to an app using the OS URIs (e.g. myapp://). Since iOS 11 uses the SFAuthenticationSession() method this must be a String. I've found that if you use a URL, iOS 11 does not allow a redirect from the SFAuthenticationSession to any app.
WilliamDenniss
commented
7 years ago @icedice the magic is in the completionHandler for the SFAuthenticationSession instance: https://github.com/openid/AppAuth-iOS/blob/83736c9a3f658bea63be9164e37d0be54d0240a5/Source/iOS/OIDAuthorizationUICoordinatorIOS.m#L98-L107
It performs the critical resumeAuthorizationFlowWithURL call, which you used to have to do manually before iOS 11 from your UIApplicationDelegate. If you're only targeting iOS 11, AppAuth requires nothing in your UIApplicationDelegate.
The API SFAuthenticationSession is more self-contained which is nice, so now AppAuth can be as well.
Assuming you keep the UIApplicationDelegate plumbing, AppAuth handles everything for you, from iOS 7 through to 11 – using 3 different techniques to get SSO in each version!
icedice
commented
7 years ago Thank you for clarifying that. This leads me to my next issue. I am unable to logout of my app when using SFAuthenticationSession. I could call my logout endpoint with SFAuthenticationSession but then the user needs to confirm "login using" dialog to logout which would be very confusing. With SFSafariViewController it just works. So how do we handle logout when using iOS 11+ ? Or do i have to make a hack to use SFSafariViewController even when SFAuthenticationSession is available?
Thanks
davidvirdeforshh
commented
6 years ago @icedice Did you ever solve this? I have the same issue.
icedice
commented
6 years ago @davidvirdeforshh not really... I did a fork of AppAuth that always uses SFSafariViewController even when SFAuthenticationSession is available, that way I am able to log out... the fork is here: https://github.com/icedice/AppAuth-iOS as I recall it was just a one liner change...
jeremygiberson
commented
6 years ago You might want to see https://github.com/openid/AppAuth-iOS/issues/197#issuecomment-375806729
Im so confused right now. Have been trying to figure this out for a while now. In iOS 10 application:openURL:options: in the AppDelegte is called as expected when control is returned from the web view, but in iOS the method is never called but everything works as expected anyways. I suspect this has to do with SFSafariViewController being used in >iOS 11 and SFAuthenticationSession in later versions but I did not find this documented anywhere. Whats going on?