edjiang
commented
6 years ago There is no use case where we would need to fallback to an embedded web view.
Here's how the application will decide between how to present the login views:
- iOS 11+: use
SFAuthenticationSession - iOS 9+: use
SFSafariViewController - iOS 8: use external Safari.
I decided to use external Safari instead of embedding a web view in the iOS 8 case because RFC 8252 8.12 now discourages native applications from using embedded web views for doing OAuth for various security reasons.
In addition, it's less code complexity since external Safari returns a response to the AppDelegate in the same way as SFSafariViewController, reducing code complexity.
Since we are moving to
SFAuthenticationSessionandSFSafariViewController, with fallback to regular Safari for web-based authentication flows, we do not need any login views anymore.This PR removes the login views.