AuthenticationServices

RSS for tag

Improve the experience of users when they enter credentials to establish their identity using Authentication Services.

AuthenticationServices Documentation

Posts under AuthenticationServices tag

74 results found
Sort by:
Post not yet marked as solved
19 Views

App Rejected for requiring phone number at sign-up

Can you collect phone numbers following sign-in with apple? I am creating a firebase backed app and offering users the option to sign in with third party apps such as facebook and google. According to Apple, this means i must also include an option to sign-in with Apple; however my app is getting rejected in the review process for attempting to grab more information from the user after they authenticate with apple. I get that sign-in with apple is supposed to be a one click solution to getting the user interacting with the core of the app; however, we require the user's phone number for app functionality. Is there any way to get the app approved in this situation while still getting the user's phone number at sign-up? I do not see an option to grab the number from the sign-in with apple credential like you can for name.
Asked
by bsaggese.
Last updated
.
Post not yet marked as solved
175 Views

Detect if user is signed in with an apple id

hi, guys: is there any way to detect if the user has signed in with an apple id in settings? i just want to get a bool, no username or identifier required. no privacy issue i think.
Asked
by zyguo.
Last updated
.
Post not yet marked as solved
409 Views

ASWebAuthenticationSession won't open the Safari login window on Monterey

My macOS app uses ASWebAuthenticationSession for users to login to a third party service. It's worked fine until Monterey. When I call start on ASWebAuthenticationSession it shows me the permission window as expected: However when I click Continue nothing else happens. It does not show the Safari window and load the login page. I've noticed these errors appear in the Console every time, so it seems it's having trouble opening Safari (even though I have Safari already open). Any suggestions on how to fix this? Surely ASWebAuthenticationSession isn't broken for everyone? error 10:40:50.598301+0000 kernel 43 duplicate reports for Sandbox: com.apple.WebKit(13346) deny(1) mach-lookup com.apple.diagnosticd error 10:40:50.598309+0000 kernel Sandbox: SafariLaunchAgen(5469) deny(1) system-fsctl _IO('h', 47) error 10:40:52.349729+0000 kernel Sandbox: com.apple.WebKit(6675) deny(1) mach-lookup com.apple.diagnosticd error 10:40:53.011948+0000 CoreServicesUIAgent LAUNCH: Launch failure with -10652/ <FSNode 0x60000068b6e0> { isDir = y, path = '/Applications/Safari.app' } error 10:40:53.019505+0000 CoreServicesUIAgent Unable to forward entitlements from overridden keySenderAuditTokenAttr [sess=100005 pid=5469 uid:501,501,501 g:20,20 pV:257536] to target port ( port:85539/0x14e23 rcv:0,send:2,d:0 limit:0), which will likely cause them to reject this AppleEvent, errorRef=[ NULL ]
Asked
by dazboj.
Last updated
.
Post not yet marked as solved
68 Views

Apple ID validation on backend

My application is linking with the customer's apple account on the front end with no problems. But I would like to validate the data when it comes to the backend. Having the userid how can I validate it in node.js? do you have any route that passes the id and returns data such as name and email? Thanks
Asked Last updated
.
Post not yet marked as solved
50k Views

Sign In With Apple not working with Xcode 12 beta on simulator ?

Running the sample "Juice" app, which demos the Sign In With Apple flow, doesn't seem to work with Xcode 12 beta and iOS 14 beta on the simulator (worked fine on the non-beta versions and on a real device with iOS 14 beta). Once the password for the device's Apple ID is entered, the wheel in the password field just keeps spinning. No error messages and nothing handed back over to the app from the ASAuthorizationController. Anyone else seeing this problem ? Are there any workarounds ?
Asked
by npvisual.
Last updated
.
Post not yet marked as solved
109 Views

[AuthenticationServices] Problems with CSRF token during OAuth login

Hi there, We are using the AuthenticationServices framework in our app to make it possible for users to sign in to their account via an OAuth2 flow. It happens sometimes that the login page, which opens in the in-app browsers via the AuthenticationServices, do not handle the CSRF token correctly resulting in that the user is unable to log in. The form will reject the POST-request since the CSRF token is incorrect. Does someone have experience with this or, even better, a solution? :-)
Asked Last updated
.
Post not yet marked as solved
1.1k Views

AKAuthenticationError Code=-7089 when trying to setup sharing web credentials on macOS

I’m trying to implement web credentials sharing on macOS 11.0. According to documentation: 1) added associated domain file to website and now it’s available at location https://my.website/.well-known/apple-app-site-association (my.website is just and example here) 2) added Associated Domains entitlement to my macOS app with value webcredentials:my.website Problems: when using SecAddSharedWebCredential func get callback error:  Error Domain=NSOSStatusErrorDomain Code=-4 "SecAddSharedWebCredentialSync not supported on this platform" (kCFMessagePortTransportError / kCSIdentityDeletedErr / unimpErr:  /  / unimplemented core routine) UserInfo={numberOfErrorsDeep=0, NSDescription=SecAddSharedWebCredentialSync not supported on this platform}) when using SecRequestSharedWebCredential func get console error and callback error (the same for ASAuthorizationController with ASAuthorizationPasswordRequest request) Authorization failed: Error Domain=AKAuthenticationError Code=-7089 Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1000 What I’m doing wrong? 
Asked
by dimaty.
Last updated
.
Post not yet marked as solved
129 Views

Is ASWebAuthenticationSession compatible with App Clips?

Question: Do App Clips support receiving callbacks from ASWebAuthentictionSession's redirectCallbackURL? Context: I'm trying to get CloudKit working in an app clip. Read support is done, but it would be nice for the user to see the capabilities before full download. Presently, I have the CloudKit Web Services successfully invoking redirectURL within SafariViewController, but I haven't figured out how to get it to direct to something the App Clip can get a hold of. CloudKit allows you to specify three different callbackURLs: https:// [freeform] http:// localhost[freeform] cloudkit-icloud.:// [freeform] I am new to AuthenticationSerivces framework so I may have missed something. The desired OAuth doesn't need to be CloudKit/iCloud but any provider. Everything is working except the redirect URL.
Asked
by edorphy.
Last updated
.
Post marked as solved
3.6k Views

Different SSO behavior for ASWebAuthenticationSession in iOS 14

In our app we're performing authentication using ASWebAuthenticationSession. SSO seems to work fine in iOS 13 for different paths for the same domain but when running the same app in iOS 14, cookies don't seem to be attached to subsequent requests once authenticated in safari window. I'm not sure if it helps : Looking at the logging in instruments when running the app in iOS 14 device, I can see : 00:09.690.903 Default iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631f Faulting in NSHTTPCookieStorage singleton 00:09.690.929 Default iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631f Faulting in CFHTTPCookieStorage singleton 00:09.690.944 Default iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631f Creating default cookie storage with default identifier (Above logs don't happen in iOS 13) and later in iOS 14: 00:10.113.701 Debug iOS B2c Sample (1691) CFNetwork Default iOS B2c Sample 0x1631c Task <88E60E41-6B7B-4787-ABF6-B65C92C8FF4E>.<1> request https://testb2c.b2clogin.com/testb2c.onmicrosoft.com/b2c_1_susi/oauth2/v2.0/token is NOT allowed to set HSTS for main doc  In iOS 13 : 00:15.570.171 Debug iOSB2C (5320) CFNetwork Default iOSB2C 0x24045d Task <79A2078B-718D-4D4D-A46D-1FF1B2238431>.<6> request n/a is NOT allowed to set HSTS for main doc  00:23.139.303 Debug iOSB2C (5320) CFNetwork Default iOSB2C 0x24045d Task <88D45825-FB1E-4C38-8EFF-87A8528B61E3>.<7> request n/a is NOT allowed to set HSTS for main doc  Has anyone noticed similar issue with ASWebAuthenticationSession?
Asked
by amepatil.
Last updated
.
Post not yet marked as solved
80 Views

Which is the best way to send credentials to a login API ?

Hi everyone, I hope you're all doing well. I was wondering what is the most secure way to communicate with a login API to which I send credentials and get Json Web Token in case of a successful login ? Also, where should I store the JWT while the app is running ? I red in the documentation that "ATS requires that HTTP connections use HTTPS", so I thought that using URLSession is a good and secure solution. I'm quite new to SwiftUI and trying to learn what is the most secure way to communicate sensitive data to web API. Thanks in advance for your answers
Asked
by aissam93.
Last updated
.
Post not yet marked as solved
106 Views

Sign in with Apple not working on Xcode 13 simulators

When I try testing the sign-in with apple button on ANY xcode simulator, it doesn't work. After inputting the password to sign in, the spinner in the password field never stops spinning and nothing from the oauth methods gets printed. I have tested the sign in on multiple real-world devices. It always works. It seems to just be simulators that are causing the issue I'm worried my app will be rejected because of this. Has anyone encountered this? Any fixes?
Asked
by willt42.
Last updated
.
Post not yet marked as solved
695 Views

ASAuthorizationController delegate inside class not called

I have a class where I want to handle the Sign in with Apple logic. I have created an ASAuthorizationController, set the presentationContextProvider to be my view controller and set the delegate to the class itself. When I perform the requests, the system dialog shows up. But upon canceling, my delegate method does not get called. Here is my class: final class AppleSignInProvider: NSObject { typealias CompletionHandler = (Result<AuthCredential, Error>) -> Void enum AuthError: LocalizedError { case credential case nonce case identityToken case identityTokenString } private let completion: CompletionHandler private var authorizationController: ASAuthorizationController? init(completion: @escaping CompletionHandler) { self.completion = completion } private var currentNonce: String? private func sha256(nonce: String) -> String { let inputData = Data(nonce.utf8) let hashedData = SHA256.hash(data: inputData) let hashString = hashedData.compactMap { return String(format: "%02x", $0) }.joined() return hashString } func signIn(viewController: UIViewController) { let nonce = randomNonceString() currentNonce = nonce let request = ASAuthorizationAppleIDProvider().createRequest() request.requestedScopes = [ .fullName, .email ] request.nonce = sha256(nonce: nonce) let authorizationController = ASAuthorizationController(authorizationRequests: [request]) authorizationController.presentationContextProvider = viewController.view.window authorizationController.delegate = self authorizationController.performRequests() self.authorizationController = authorizationController } // Adapted from https://auth0.com/docs/api-auth/tutorials/nonce#generate-a-cryptographically-random-nonce private func randomNonceString(length: Int = 32) -> String { precondition(length > 0) let charset: [Character] = Array("0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._") var result = "" var remainingLength = length while remainingLength > 0 { let randoms: [UInt8] = (0 ..< 16).map { _ in var random: UInt8 = 0 let errorCode = SecRandomCopyBytes(kSecRandomDefault, 1, &random) guard errorCode == errSecSuccess else { fatalError("Unable to generate nonce. SecRandomCopyBytes failed with OSStatus \(errorCode)") } return random } randoms.forEach { random in if remainingLength == 0 { return } if random < charset.count { result.append(charset[Int(random)]) remainingLength -= 1 } } } return result } } extension AppleSignInProvider: ASAuthorizationControllerDelegate { func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) { do { guard let appleIDCredential = authorization.credential as? ASAuthorizationAppleIDCredential else { throw AuthError.credential } guard let nonce = currentNonce else { throw AuthError.nonce } guard let appleIDToken = appleIDCredential.identityToken else { throw AuthError.identityToken } guard let idTokenString = String(data: appleIDToken, encoding: .utf8) else { throw AuthError.identityTokenString } let credential = OAuthProvider.credential(withProviderID: "apple.com", idToken: idTokenString, rawNonce: nonce) completion(.success(credential)) } catch { completion(.failure(error)) } } func authorizationController(controller: ASAuthorizationController, didCompleteWithError error: Error) { completion(.failure(error)) } } My delegate methods are called when the view controller is set as delegate, but that is not a fix for my issue.
Asked
by ilendemli.
Last updated
.
Post not yet marked as solved
164 Views

App Rejected Guideline 2.1 - Performance - App Completeness

We discovered one or more bugs in your app.  Specifically, an error is still shown when trying to log in with Sign in with Apple.  Please review the details below and complete the next steps.  Review device details: Device type: iPad and iPhone  OS version: iOS 15.1.0 Next Steps Please run your app on a device to reproduce the issues, then revise and submit your app for review. If at first you're unable to reproduce the issue, try the following:  For new apps, uninstall all previous versions of your app from a device, then install and follow the steps to reproduce.  For app updates, install the new version as an update to the previous version, then follow the steps to reproduce. If we misunderstood the intended behavior of your app, please reply to this message in Resolution Center to provide information on how these features were intended to work. Resources For information about testing apps and preparing them for review, see Technical Note TN2431: App Testing Guide. To learn about troubleshooting networking issues, see About Networking. We tried both scenarios (app update and fresh install) to reproduce the issue on iPadOS 15.1. This was tried on TestFlight build but it was working as expected. Login was success everytime. The implementation is done purely using AuthenticationService. To create request - ASAuthorizationAppleIDProvider().createRequest() To perform request - ASAuthorizationController Somehow app gets rejected everytime. Is there any way to reproduce this issue? How can we debug such issues?
Asked Last updated
.
Post not yet marked as solved
230 Views

Please Help: Thread 1: EXC_BAD_ACCESS (code=2, address=0x30ecb2ff8)

I have been trying to figure this out for like 5 hours, and I can't seem to see what its happening. My app is trying to get users signIn with using Google or Apple methods. Once they finish the SignUp with any provider, It should take them to another screen (OnboardingViewPart2) to finish the profile setup. However, the issue is that when I finish entering my email on the Google SignUp, the screen closes and the app get stuck for like 10 secs and throws the Bad Access error. My debug takes me that there is something going on with AuthService, but I can't figure out what. Firebase recognizes that the method was used, but doesn't create any Collections or Documents. Please Help :) ContentView.swift OnboardingView.swift AuthService.swift OnboardingViewPart2.swift SignInWithGoogle.swift
Asked Last updated
.
Post not yet marked as solved
158 Views

Autofill previously saved password on a new domain inside ASWebAuthenticationSession

Is there some way to suggest to the system that it should autofill passwords in a ASWebAuthenticationSession on a domain not previously associated with my app? I'm working on an app that currently has native login and registration screens, password autofill works great and links credentials it to my associated domains. I now need to move these login and registration screens to use ASWebAuthenticationSession and have users authenticate on a website on a new domain. The system does not autofill my apps credentials on these pages. I can add this new domain as an associated domain, and new registrations are able to save the password and then autofill it later. But I can't get previously saved passwords to autofill on this new domain. Is that possible? I did manage to use Shared Web Credentials to save the users credentials against the new domain when they login. But this will only migrate users that login between now and when I switch to ASWebAuthenticationSession, not all users will be migrated. Any new ideas or solutions much appreciated.
Asked
by Ashton.
Last updated
.