AccessToken.refreshToken is nil when logging in via WebView (if Uber is uninstalled)

uber / rides-ios-sdk

Uber Rides iOS SDK (beta)

https://developer.uber.com/docs

MIT License

374 stars 124 forks source link

AccessToken.refreshToken is nil when logging in via WebView (if Uber is uninstalled) #236

Closed PatrickAdams closed 6 years ago

PatrickAdams commented 6 years ago

When testing on Simulator or device without Uber installed, the SDK will attempt to authenticate with a WebView popup. When authenticating this way the accessToken.tokenString and accessToken.expirationDate are returned as expected but the accessToken.refreshToken is nil.

When using the native Uber app authentication all of those fields are returned as expected including the refreshToken.

Is this a bug or am I doing something wrong?

edjiang commented 6 years ago

That's correct, this is behaving as intended. When using a web view, you will not get a refresh token with the implicit grant.

Here's the OAuth spec for more details: https://tools.ietf.org/html/rfc6749#section-4.2.2i

To get another access token, you will either need to use the authorization code flow to get a refresh token, or use the web view again.