ASWebAuthenticationSession cookie

I searched several times online for someone who is using the new ASWebAuthenticationSession init together with matchesURL but I haven't found any mention of it. Is anyone using this new initializer? If so, can someone please share a code example? I'm trying to use the new initializer with a https redirect URL. Thank you!

As I've mentioned multiple times, we've discovered some very annoying failures when using a TPP, including FaceTime, AirDrop, and some VPNs. (Tailscale works fine, weirdly enough.) In doing some experimentation today with FortiNet, I was able to get the TPP to work if I added the FortiNet server (which, in our case, is an amazon VM) to the TPP's excludedNetworks list. While it is not working, the tcpdump I got for the host was: 15:15:35.584029 IP (tos 0x0, ttl 64, id 1976, offset 0, flags [none], proto UDP (17), length 412) 192.168.43.16.55067 > ${hidden}.ipsec-msft: [udp sum ok] NONESP-encap: isakmp 1.0 msgid 00000000 cookie d66f571dcfc483ba->0000000000000000: phase 1 I ident: (sa: doi=ipsec situation=identity (p: #1 protoid=isakmp transform=2 (t: #1 id=ike (type=lifetype value=sec)(type=lifeduration len=4 value=00015180)(type=enc value=aes)(type=keylen value=0080)(type=auth value=fde9)(type=hash value=sha1)(type=group desc value=modp2048)) (t: #2 id=ike (type=lifetype value=sec)(type=lifedura

Hi, Cross Domain cookies are blank on iOS Chrome. Tested on iOS v17.3, 17.4, 17.4.1, 15.6.1 on chrome versions 128 (on ios 17), 86 (on ios 15) respectively. Note: Allow Cross Site Tracking cookies setting was enabled before observing the issue. Last year, this issue dint use to occur (not sure about the iOS version but probably on iOS 14 but not sure). Please assist. Regards, Bikram

I'm working on an app made in React Native with Expo. It uses a web view to show the site in the app. Everything worked well, but when I submitted my app to the App Store, it got rejected. The mail said: We noticed you collect data to track after the user selects Ask App Not to Track on the App Tracking Transparency permission request. Specifically, we noticed your app accesses web content you own and collects cookies for tracking after the user asked you not to track them. After that, using the expo tracking transparency library, I added a permission request to track data. If the user doesn't accept it, I disable third party cookies on the web view. After submitting again to the App Store, I got the exact same message. I don't know what to do, because I can't control the site, and I'm limited to the React Native web view props Maybe, I could enable incognito mode if the user doesn't want the app to track, but I'm not sure if this will be accepted too. Thanks in advance

I'm using AppAuth pod to handle user login with Azure in my app. I followed this sample : https://github.com/openid/AppAuth-iOS/tree/master/Examples which works fine until my authentication code expires. It works ok for the 1st connection and all the time while the authenticationCode is still valid. Once it expires, I briefly see the alert to Sign in and then it disappears and I get the error :Attempting to load the view of a view controller while it is deallocating is not allowed and may result in undefined behavior. (It works fine again if I delete the app and re-install it.) I read that I should Ensure that there is a strong reference to the SFAuthenticationSession instance when the session is in progress.. And I think that's the case with the currentFlow declared in AppDelegate. (see code below) Did anyone ever faced and solved this issue ?import UIKit import AppAuth import AuthenticationServices var isLoginViewOn: Bool = false var isConnectionBtnPressed: Bool = false class ContainerController: UIViewCont

Hello, My app uses OAuth to connect to two services. To get the authorization ocde, originally, they both allowed a URI in the form of com.SmartVentsTwo://auth. Now, the second one changed and requires that the URI be a complete URL starting with HTTPS. Needless to say the second stopped working. I read several different articles and posts about this difference telling me a range of things to do from simply adding https://com.SSmarVentsTwo://auth to the URL types in the project settings, to creating a redirect from my website. It would seem the most secure would be the former since it doesn't require extra jumps, but it didn't work. When I tried it, after logging in and authorizing the request, i got a could not find server error. What are the exact steps I need to follow to accommodate the change? (Thank you very much!!)

New versions of AppKit/Mac Catalyst apps that use Google's Sign In framework are being rejected by App Store Review for the past two weeks. Reason shared was: The user is taken to the default web browser to sign in or register for an account, which provides a poor user experience. And also citing: Data Collection & Storage guidelines -> https://developer.apple.com/app-store/review/guidelines/#data-collection-and-storage Opening macOS' default web browser has been a native behavior of Mac apps when using SFSafariViewController with ASWebAuthenticationSession, which is required, since iOS 13, for securely/privately logging in users. As far as I could investigate, there hasn't been any updates to the guidelines that would indicate any required changes to developers in regards to how login works for macOS apps. Are there any steps developers need to take to get updates approved while still providing users with Google's Sign in? As reference, there is an on-going discussion on GoogleSignIn repo abo

When using an ASWebAuthenticationSession to log in, with prefersEphemeralSession = false to enable SSO, the system presents an alert asking if the user wants to allow SomeApp to Sign In with someauthprovider.xyz. The system presents exactly the same alert when you want to log out, and it is confusing for users. It's my understanding that the system does this because the alert really means would you like to allow this app to let some page access Safari's shared cookie vault? in lay terms, and is not distinguishing between create, read, update, or delete. It would be splendid if Apple changes this dialog depending on the operation. I would also like to know if there is any other way to fix this.

Hi! I've got a problem with Safari (17.4.1) in Mac OS Sonoma (14.4.1). Safari logs me out in every website I log in: Google websites, Twitter, also all my Wordpress sites... It logs me out after a few minutes. I try to clean safari, empty caches, cookies. I've got private relay disabled and in privacy settings I've goy all settings unchecked...