Closed ronnybremer closed 3 months ago
Same issue when the device code has not yet been approved, the server responds with 403 and the json error
{
"error": "authorization_pending",
"error_description": "pending approval"
}
This line (and similar calls) are causing the crash: https://github.com/openid/AppAuth-iOS/blob/c89ed571ae140f8eb1142735e6e23d7bb8c34cb2/Sources/AppAuthCore/OIDAuthorizationService.m#L480 as it is assumed the Json is a valid Json object response, however, after digging deeper inside of the debugger the Json response from the server seems to be invalid, as it has been deserialized as an array of array, hence the crash.
@ronnybremer is it possible to reach out to the IdP owner of the server to ask about their invalid JSON?
@mdmathias I did that and they have scheduled a fix.
Closing since this seems like an issue with the IdP sending back invalid JSON.
Describe the bug I have been trying to get device authorization going on tvOS 17.2 with Swift 5 in a demo app. If the auth server responds with an error, the demo app crashes:
The RESP print comes from the initialization closure, which is correctly called and handled, I am getting back all required fields. In this case, this is the user_code. After 5 seconds the library calls the token endpoint, which fails as it has an issue with the code, it returns this error structure with a http status of 400:
I would assume this is a correctly formatted error response, but somehow the library expects something different.
To Reproduce Steps to reproduce the behavior:
Expected behavior The error response should be handled correctly, even if it is malformed.
Screenshots
Environment
Additional context