Hi All, I am getting stuck while authenticating using ASWebAuthenticationSession. When I am authenticating using a certificate(provided through the MDM profile) the ASWebAuthenticationSession window is stuck with the following image shown in the window. It seems that the ASWeb is not redirecting to customSchemeURL so that we can pick up the authorization code from there. Strangely enough, when we cancel the flow and again retrigger the authentication everything works fine. This scenario happens only once for a fresh installation. Any idea how to resolve the issue?
Search results for
ASWebAuthenticationSession cookie
1,295 results found
Selecting any option will automatically load the page
Post
Replies
Boosts
Views
Activity
Dev environment: MacbookPro, Ventura 13.0.1 XCode 14.1 I’m implementing a feature for an existing MacOS application, which will allow users to launch zoom meetings from the application, and am trying to use ASWebAuthenticationSession to implement OAuth2. I’ve confirmed that universal links are correctly configured and working for the app (which is using an https-based redirect URI). In my app delegate, I’ve implemented the following for universal links: - (BOOL)application:(NSApplication *)application continueUserActivity:(NSUserActivity *)userActivity restorationHandler:(void (^)(NSArray> *restorableObjects))restorationHandler { if ([userActivity.activityType isEqualToString: NSUserActivityTypeBrowsingWeb]) { NSURL *url = userActivity.webpageURL; if ([url.path containsString:[NSString stringWithStdString:Zoom::kFragment]]) { std::string urlStr((url.absoluteString).stdString); //DBG DialogFactory::GetInstance()->Message(Universal links handler - AppDelegate: Handling response: + urlStr); //DBG
Hi, Thanks for responding. I stated above that I'm using https as the callback scheme and that I'm using Universal Links instead of a custom scheme. But, I forgot to mention the following sanity checks: I've confirmed that: universal links are correctly configured and working as expected the scheme passed to ASWebAuthenticationSession doesn't contain any special characters and matches authURL’s scheme (https) my system, including Chrome, is up to date I’ve tried: clearing all cache and cookies on Chrome disabling all extensions on Chrome an alternate https-based redirect If you tell me which logs would be helpful, I can send them to you. Is there some way to send them without attaching them here? Also, you said: Safari will ignore http/https, but other browsers might get confused. I'm guessing you meant to say Safari will not ignore http/https. If so, does this mean implementing OAuth using ASWebAuthenticationSession with an https redirect scheme and Universal Links only works with
Topic:
Programming Languages
SubTopic:
Swift
Tags:
Environment details: MacbookPro, Ventura 13.0.1 XCode 14.1 I’m trying to use ASWebAuthenticationSession to implement OAuth2 for a MacOS application. When Chrome is my default browser, starting a session crashes the application. When either Firefox or Safari are the default browser, starting a session launches Safari with the login page. After logging in, instead of redirecting back to the application and invoking my session handler, a 404 page is displayed. Also displayed is a banner near the top of the window, containing an open button and instructions: “Open in the MyApp app”. Clicking the button redirects back to the app, and the OAuth received by the application:continueUserActivity:restorationHandler: method that I implemented in NSAppDelegate for Universal links. My session handler never receives the OAuth response or an error. Is there a solution or workaround for this? Thanks for any help.
Update: For reasons I don't understand, if I encode the auth request url like this: NSString* urlEncStr = [nsUrlStr stringByAddingPercentEncodingWithAllowedCharacters:NSCharacterSet.URLHostAllowedCharacterSet]; before handing it to ASWebAuthenticationSession, chrome doesn't crash. But it doesn't bring up the login page either (see attached screenshot). I've tried other character sets but no success. Here's my code: import AppKit import AuthenticationServices @objc extension FMViewController : ASWebAuthenticationPresentationContextProviding { @objc public func userLogin(){ guard let oauthMgr : FMZoomOAuthMgr = self.oauthDelegate else { return } /* getAuthURL() returns (for example): 'https://zoom.us/oauth/authorize?response_type=code&client_id=XXXXXX&redirect_uri=https://rev5.XXXXXXX.com/fdv13/zoom&code_challenge_method=S256&code_challenge=l4mqprM9XscfUNQL-s1P0O7gNc6fxDM5dnM2THuaKqc' */ guard let authURL = oauthMgr.getAuthURL() else {return} /* getScheme() returns 'https' */ guard let
Topic:
App & System Services
SubTopic:
Core OS
Tags:
Hi, Thanks for the response. I've confirmed that both the scheme passed to ASWebAuthenticationSession and the redirect URL scheme are both https. Also that the scheme being passed in doesn't contain any special characters. To be clear, when Safari is the default browser, I'm able to successfully obtain an auth code. But this auth code is obtained by my app delegate (in application:continueUserActivity:restorationHandler: ) instead of the session handler passed to ASWebAuthenticationSession. When safari isn't the default browser, the browser (chrome or firefox) crashes before presenting the login page. Thanks.
Topic:
App & System Services
SubTopic:
Core OS
Tags:
We’re using ASWebAuthenticationSession with Universal Link for the redirectURI. On success sign-in, server returns an universal link with the authentication code. The SceneDelegate, func scene( scene: UIScene, continue userActivity:) is called, but the completionHandler from the WebAuthentication Session is never called and the sign-in screen never dismiss. Do you have an idea why? Do you have a sample Xcode project?
UniversalLink and redirectURI are different things. OAuth standard protocol assumes that once the authentication part on the ASWebAuthenticationSession panel is completed successfully, the backend will redirect you to the URI indicated into the redirectURI parameter you used to instruct the request for the ASWebAuthenticationSession. If this doesn't happen for any reason (like a 302 on the redirectURI), then the ASWebAuthenticationSession isn't completed and your call back is never called.
Topic:
Programming Languages
SubTopic:
Swift
Tags:
ASWebAuthenticationSession works wrong when called second time in a row. So our web authentication code is organised like this: if let existingSession = ssoAuthSession { // closes the auth window but then request queue gets stuck: existingSession.cancel() } let session = ASWebAuthenticationSession(url: signinURL, callbackURLScheme: callbackScheme) { (receivedURL, error) in /// handle the result, DispatchQueue.main.async { // report the result self.ssoAuthSession = nil } } session.prefersEphemeralWebBrowserSession = true session.presentationContextProvider = delegate //delegate provides a valid app window if !session.canStart() { // report error, (doesn't happen) return } self.ssoAuthSession = session self.ssoAuthSession.start() The problem is, if the user initiates the SSO Authentication second time without closing the previous browser authentication window, that old window closes (as we cancelled the old session), but the new window never opens. This reproduces 100% on every default browser
Have you managed to solve that? Sometimes it works sometimes the cookies are not preserved.
Topic:
Safari & Web
SubTopic:
General
Tags:
Our company is rolling out the 'Sign in with Apple' feature, when deployed to our alpha env, we met a block issue: when Apple redirect back to our service, sometimes it will miss all cookies, which one is used to mark which server the original request from, Our alpha env have more than one server.There's some probability that this behavior will happen. Any of you have this situation?
Hi everyone, I am trying to authenticate an user through ASWebAuthenticationSession, and after that redirect to an URL that uses the callback scheme. The authentication page URL is correctly loaded on a browser thanks to ASWebAuthenticationPresentationContextProviding. But after form completed and authentication successfully, what I am doing is a redirect directly from my server to http://localhost:5000/ios/hola?hola=hola I am trying to catch this URL using a callbackScheme in my iOS app, using the same url that the one which I redirected the browser to, but this is not working. I also tried to create a Scheme URL to my identifier, and pass it to the callbackScheme, but this is not working either. Documentation is not very clear at how to manage the authentication callback and as a beginner I don't know the way to solve this. Some help would be appreciated. Thank you for your time! PD: This is the code of my class @available(iOS 12.0, *) class AuthView: UIViewController { var authSession: ASWebAuthenticationSession
Hi there, I am trying to do the same, with the Twitter API, however their first step of the OAuth flow seems to require a POST request, and I don't believe that ASWebAuthenticationSession gives that option. Would you confirm it is not possible to authenticate with the twitter API through ASWebAuthenticationSession ?
Topic:
App & System Services
SubTopic:
Core OS
Tags:
In iOS 16, passkeys can be used in a WKWebView if the client app is using Associated Domains for the relying party. For other relying parties, you can use passkeys in SFSafariViewController or ASWebAuthenticationSession.
Topic:
Privacy & Security
SubTopic:
General
Tags:
I need a way to accept third party cookies in WKWebViews. It seems the latest iOS is blocking my site from fully loading due to third party cookies.