I have submitted my app it was reviewed and it is available on appp store now. But the app is not opening after download. It gets stuck at Splash Screen..

I have a SwiftUI app live on the App Store which uses ASWebAuthenticationSession to authenticate against several remote services. It all runs perfectly on iOS but I'm getting a stream of complaints from users running it on Monterey / Catalyst. There seem to be 2 main errors: The auth browser window doesn't anchor properly, so the window will pop-up but it's completely independent of my app, so can easily end-up behind my application (which then appears to have hung) Even worse, on some machines (mostly m1 iMacs) the window doesn't pop-up at all but the OAuth request to the browser sits in some queue somewhere and at a later point when the user happens to restart their browser they will be prompted to login for every single time they clicked on the "sign in" button in my app. I've seen lots of other reports of the 2nd problem which just seems to happen randomly so I don't have a repro. I've seen a similar number of different ways of implementing ASWebAuthenticationPresentationContextProviding which (I presume) ought to fix the former. Unfortunately none of them work. I'm including some minimal code to reproduce the former issue. This is my own amalgamation of several other approaches. It doesn't work - if you click on the "sign in" button the OAuth window will pop-up but it's completely independent and you can easily move the "anchor" window on top of it. Has anyone managed to get this working? Here's the code: import SwiftUI import AuthenticationServices import UIKit struct SignInView: View {     @StateObject var viewModel = SignInViewModel()     @State var window: UIWindow? = nil     var body: some View {         VStack(spacing: 16) {             Image(systemName: "person.circle")                 .resizable()                 .frame(width: 50, height: 50)                 .foregroundColor(.primary)             VStack(spacing: 8) {                 Text("You must be log in to proceed any further")                     .foregroundColor(.secondary)                     .font(.title3)                     .multilineTextAlignment(.center)                     .padding()                 Button {                     viewModel.signIn(window: self.window)                 } label: {                     Text("Sign In")                         .foregroundColor(.white)                         .padding()                         .clipShape(RoundedRectangle(cornerRadius: 8))                         .background(                                     HostingWindowFinder { window in                                         self.window = window                                    }                         )                 }             }         }     } } class SignInViewModel: NSObject, ObservableObject, ASWebAuthenticationPresentationContextProviding {     var window: UIWindow? = nil     func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {         return window ?? ASPresentationAnchor()     }     func signIn(window: UIWindow?) {         self.window = window         let authSession = ASWebAuthenticationSession(url: URL(string: "https://accounts.spotify.com/authorize")!, callbackURLScheme: "myapp-auth") { (url, error) in             if let error = error {                 print(error.localizedDescription)             } else if let url = url {                 print(url.absoluteString)             }         }         authSession.presentationContextProvider = self         authSession.prefersEphemeralWebBrowserSession = true         authSession.start()     } } struct HostingWindowFinder: UIViewRepresentable {     var callback: (UIWindow?) -> ()     func makeUIView(context: Context) -> UIView {         let view = UIView()         DispatchQueue.main.async { [weak view] in             self.callback(view?.window)         }         return view     }     func updateUIView(_ uiView: UIView, context: Context) {     } }

Hi, we have developed password manager app that integrates with macOS Password AutoFill. This works well in Safari for filling passwords and users are happy. However users have reported that Safari keeps prompting users to save the just filled passwords in the Keychain. They receive a popup: Our users have explicitly and deliberately chosen not to use the Keychain for their passwords, so this is inappropriate. Unfortunately there appears to be no way to stop these prompts. You can turn them off only by completely disabling Password AutoFill in Safari, which means disabling our App's ability to AutoFill. This seems like an oversight. Setting here: Preferences > AutoFill > Usernames and Passwords Perhaps I've missed something, but if not, could we get a way to disable this Keychain/built in Password Manager prompt for users who use a third party Password Manager (which correctly works with Password AutoFill, the right way (tm) to do AutoFill). Cheers.

I am facing one issue while trying to Sign in with Apple. error is as below: "The Operation couldn't be completed (com.apple.AuthenticationServices.AuthorizationError error 1000.)" I get this error as soon as the button is pressed it doesn't even get into the actual sign-in part. I have verified that entitlements file is there with the below content: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC ""> <plist version="1.0"> <dict> <key>aps-environment</key> <string>development</string> <key>com.apple.developer.applesignin</key> <array> <string>Default</string> </array> </dict> </plist> I transferred the project and certificates from another machine. So deleted all the certificates and provisional profiles and recreated them from the new machine but faced an issue. Also, It only happens in exported (Archived build). When I directly install it from Xcode it is working fine. I have followed the official apple document to implement it. below is how I'm requesting the authentication: currentNonce = randomNonceString() let request = ASAuthorizationAppleIDProvider().createRequest() request.requestedScopes = [.fullName, .email] let controller = ASAuthorizationController(authorizationRequests: [request]) request.nonce = currentNonce?.sha256() controller.delegate = self controller.presentationContextProvider = self controller.performRequests() Below are delegates: func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) {         switch authorization.credential {         case let appleIDCredential as ASAuthorizationAppleIDCredential: //Authenticated             break         default:             break         } }     func presentationAnchor(for controller: ASAuthorizationController) -> ASPresentationAnchor {         return self.view.window! }     func authorizationController(controller: ASAuthorizationController, didCompleteWithError error: Error) { Utils.showAlert(withMessage: error.localizedDescription) } Any help would be appreciated

An iOS application of ours we develop for a client was recently rejected as it was claimed we violate Guideline 5.1.2. The App Review team's justification was: We noticed your app accesses web content you own where you collect cookies. Cookies may be used to track users, but you do not use App Tracking Transparency to request the user's permission before collecting data used to track. The App Review team included a screenshot of our client's website which they had navigated to via a button found in our client's SSO login flow. Their main website has a cookie policy which seems to be the cause of the rejection. Clearly our client's main website should not be accessible via their SSO login flow but this opens a wider question and concerns from our client. We open the SSO login flow within an ephemeral ASWebAuthenticationSession. The documentation of which states: Set prefersEphemeralWebBrowserSession to true to request that the browser doesn’t share cookies or other browsing data between the authentication session and the user’s normal browser session. https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession/3237231-prefersephemeralwebbrowsersessio We interpret that and the fact that there is no API on ASWebAuthentication to extract cookies from it into the hosting iOS app to mean that we do not store cookies in our iOS app and are therefore not in violation of Guideline 5.1.2. We also assume the same thing applies to SFSafariViewController (which we also use to sometimes display pages from our client's website which, to reiterate, has a cookie policy). It's documentation states: The user's activity and interaction with SFSafariViewController are not visible to your app, which cannot access AutoFill data, browsing history, or website data https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller After having read the documentation we see no reason why accessing a website with a cookie policy within either an ephemeral ASWebAuthenticationSession or an SFSafariViewController would warrant the hosting app to include App Tracking Transparency. I am assuming that due to the nature of these APIs (as they do not give cookie access to the hosting app) that they are exempt. Could someone please either: Provide documentation that states if an ephemeral ASWebAuthenticationSession or an SFSafariViewController accesses a website with a cookie policy App Tracking Transparency is required. or Confirm that we are not in violation of of Guideline 5.1.2 and we should appeal the rejection. Many thanks

I only need to call a couple of lines of code with privilege escalation, I think I understand the reasoning behind creating a separate 'helper' application to perform these tasks. Is there a way to get AuthorizationCreate to display the authentication dialog with TouchID? I see localAuthentation can display a TouchID dialog. Is there (apart from AppleScript) a non-deprecated way to simply request authorization, launch a helper with privileges and arguments, then easily obtain the results from it? I get the impression that with SMJobBless (a non-deprecated API, but a ton of work), the helper will then permanently have escalated privileges, surely this is less secure? Also with SMJobBless, it appears that I need to use an installer package to install the helper in the correct place, is this correct? Is there a replacement for SMJobSubmit in the works? What am I missing, or misunderstanding?

I have a requirement where I need to call Graph API after getting token from AzureAD using MSAL and then to continue with other functions in viewDidLoad() method. I have tried, but the issue is, the application fails to get token using acquireTokenSilently and does not call acquireTokenInteractively in between the app form was loaded. Can you please help, I need this on urgent basis.

Hello Apple developer world, I’ve started a community of audio engineers as sort of a mastermind group to help members advance in their craft. The benefits of this group is exclusive access to tools on their iPhone to “assist” audio engineers while working. In the past, we had no problem asking for a login prior to app use. Now it appears that Apple does not approve and has denied updates. Does anyone have suggestions on what I can do to have offer exclusive iOS apps? If forced to have users subscribe via Apple ID, how can I implement that into system where user can login to website to receive ebooks, educational content, etc? Thank you all for your suggestions and support.

I'm having issues simulating a Sign In with Apple in the simulator. After some searching, it seems this has been an issue in the past iOS's but haven't found anything recent (this year 2022). The turning wheel spins in the simulator and doesn't authorize. Is this a bug still happening? I'm on iOS 15.2 Thanks.

I'm currently using Log in with Apple and am wondering if Chrome's 3p cookie deprecation will impact any of our user flows. I was reading that for OAuth, SPA background token renewal (iframe) will break, and front-channel logout / session management will break for OIDC--has anyone heard this as well, or of any other user flows that may break?   Should I be concerned and is Apple working on developing any workarounds for breakages? Have they built anything in the past for Safari & Firefox's movement away from third party cookies (not sure if the impact will be the same for Chrome).

Hello, I am creating a stand alone watchOS app and I need to authenticate the user with the web api according to the Oauth 2 flow. I am using ASwebauthenticationsession to provide the user a pop up browser to login. For some reason the base URL, accounts.spotify.com opens up a blank white screen for me. I have tried with other URL's and it works perfectly fine, it is only this URL that doesn't work. If theres any other way to authenticate as well, please let me know!   Thanks!

While trying to authenticate OAuth 2.0 by AppAuth Library (https://github.com/openid/AppAuth-iOS) not working . After entering user name password page is loading for a long time. Not getting any error or success . Also check with other browsers as well, on that case working. Please help me to understand the root cause of it . Also raised this issue to AppAuth Library team -(https://github.com/openid/AppAuth-iOS/issues/698) Device iOS version -15.

Strong Password suggestion works just fine from a developer signed app on a development device. However, when we try to send it to QA for testing with our ad-hoc signed or even from TestFlight our distribution signed app, the Strong Password feature doesn't present itself. Our AASA file is up in production and is captured by the Apple CDN. Our associated domains entitlement has for example: webcredentials:*.mydomain.com Again, this works in development (did not need to use ?mode=developer) and our AASA file is up in production. Has anyone had issues testing the Strong Password or any Associated Domain feature in TestFlight?

Hi all; I'm trying to implement ASWebAuthenticationSession on MacOS. The application must be able to open the default browser to interact with the IdP. The implemented code is basic, since what I am trying to understand is how to configure the framework to be able to open the system browser. Based on the documentation I observe this: A browser loads and displays the page, from which the user can authenticate. In iOS, the browser is a secure, embedded web view. In macOS, the system opens the user’s default browser if it supports web authentication sessions, or Safari otherwise. That is, it implies that this would be valid only for iOS, since a view is required where the content can be anchored. With which my understanding is that for MacOS that is not necessary, since the system browser is used. However, when I try to compile the base example, Xcode throws the following message: _Domain=com.apple.AuthenticationServices.WebAuthenticationSession Code=2 "Cannot start ASWebAuthenticationSession without providing presentation context. The base code I'm using is very simple: ASWebAuthenticationSession* webAuth = [[ASWebAuthenticationSession alloc] initWithURL:requestURL                 callbackURLScheme:redirectScheme                 completionHandler:^(NSURL * _Nullable callbackURL,NSError * _Nullable error)   {}]; webAuth.start; All of this is required in Objective-C. All the examples that have been and will be are for iOS and all based on Swift. Any reference about it to be able to implement this in MacOs? Thanks and regards. Cristian.

We have an app (under development) which needs another app to login. Let's say App 1 already installed parent app on user device and we are developing App 2 which is dependent on App 1 for SSO login using oAuth. So my question is, If we submit app 2 for approval, how the review team will test it? will it be rejected ? what is the standard procedure in such cases?. Can we share the credentials of App 1 and Review team install App 1 and try ?

Hi, I am writing apps in C++ and Objective-C. I created an instance of ASWebAuthenticationSession and set the presentationContextProvider. Then when I started the session, the app crashed with EXC_BAD_ACCESS (KERN_INVALID_ADDRESS). When I checked the crash log, I found an exception in [SFSafariViewController _setEdgeSwipeDismissalEnabled:]. But since this method is defined within the iOS framework(Xcode13.2.1), I don't know which field is causing the crash. I've done some testing, but I don't get much information : -I have enabled "Zombie Object" and "Address Sanitizer",however I was unable to get any additional information. -I tried to create a new project and used ASWebAuthenticationSession with the same arguments, but I could not reproduce the problem. Can someone please help or any other advice on finding the reasons for this error? OS Version: iPhone OS 14.7.1 (18G82) Release Type: User Baseband Version: 8.80.01 Report Version: 104 Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000010000 VM Region Info: 0x10000 is not in any region. Bytes before following region: 4338286592 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL UNUSED SPACE AT START ---> __TEXT 102960000-10391c000 [ 15.7M] r-x/r-x SM=COW ...pp/Disgaea4sp Termination Signal: Segmentation fault: 11 Termination Reason: Namespace SIGNAL, Code 0xb Terminating Process: exc handler [35391] Triggered by Thread: 0 Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 libobjc.A.dylib 0x00000001b3824148 objc_msgSend + 8 1 SafariServices 0x00000001b965906c -[SFSafariViewController setEdgeSwipeDismissalEnabled:] + 84 2 SafariServices 0x00000001b962cd5c -[SFBrowserRemoteViewController setRemoteSwipeGestureEnabled:] + 64 3 CoreFoundation 0x000000019fab7a10 invoking + 144 4 CoreFoundation 0x000000019f999720 -[NSInvocation invoke] + 300 5 libdispatch.dylib 0x000000019f6eb298 _dispatch_client_callout + 16 6 libdispatch.dylib 0x000000019f6905b8 _dispatch_block_invoke_direct$VARIANT$mp + 224 7 FrontBoardServices 0x00000001ae5d9e04 FBSSERIALQUEUE_IS_CALLING_OUT_TO_A_BLOCK + 40 8 FrontBoardServices 0x00000001ae5d9acc -[FBSSerialQueue _targetQueue_performNextIfPossible] + 404 9 FrontBoardServices 0x00000001ae5d9fa0 -[FBSSerialQueue _performNextFromRunLoopSource] + 28 10 CoreFoundation 0x000000019fa328a8 CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION + 24 11 CoreFoundation 0x000000019fa327a8 __CFRunLoopDoSource0 + 204 12 CoreFoundation 0x000000019fa31afc __CFRunLoopDoSources0 + 256 13 CoreFoundation 0x000000019fa2c018 __CFRunLoopRun + 768 14 CoreFoundation 0x000000019fa2b7d0 CFRunLoopRunSpecific + 572 15 GraphicsServices 0x00000001b616d570 GSEventRunModal + 160 16 UIKitCore 0x00000001a23582d0 -[UIApplication _run] + 1052 17 UIKitCore 0x00000001a235d84c UIApplicationMain + 164 18 applicationName 0x000000010296a1e4 main + 41444 (main.m:6) 19 libdyld.dylib 0x000000019f70a140 start + 4

I am currently trying to develop an application that fetches users data from a firebase database and displays it in a table view. The function that I am having problems with is the function that loads the data. class EntryViewController: NSObject {       var event :String?   var dateAndTime: String?   var message: String?   // id which is set from firebase to uniquely identify it   var uniqueId:String?     } class LoggingViewController: UIViewController {       var entryviewcontroller:EntryViewController?        @IBOutlet weak var eventTextBox: UITextField!   @IBOutlet weak var datePicker: UIDatePicker!   @IBOutlet weak var notesTextBox: UITextField!       @IBAction func saveEntryButton(_ sender: Any) {         if entryviewcontroller == nil {        entryviewcontroller = EntryViewController()      }          let dateFormatter = DateFormatter()      dateFormatter.dateFormat = "dd/MM/yyyy hh:mm a"      entryviewcontroller?.event = self.eventTextBox.text ;      entryviewcontroller?.message = self.notesTextBox.text      entryviewcontroller?.dateAndTime = dateFormatter.string(from: self.datePicker.date)            let db = Firestore.firestore()      guard let uid = Auth.auth().currentUser?.uid else {        return      }            db.collection("usersEvents").document(uid).setData([        "event" : entryviewcontroller!.event! ,        "dateAndTime" : entryviewcontroller!.dateAndTime!,        "message" : entryviewcontroller!.message!]){                    err in          if let err = err {            print("Error writing document: \(err)")            return          } else {            print("Document successfully written!")          }        }     func viewDidLoad() {       super.viewDidLoad()     }   }    }     class DashboardViewController: UIViewController { @IBOutlet weak var reminderList: UITableView! var reminders = [EntryViewController]() override func viewWillAppear(_ animated: Bool) { super.viewWillAppear(animated) loadData() } func loadData() { self.reminders.removeAll() let ref = Database.database().reference() ref.child("usersEvents").observeSingleEvent(of: .value, with: { (snapshot) in if let reminderDict = snapshot.value as? [String:AnyObject] { for (_,reminderElement) in reminderDict { print(reminderElement); let reminder = Reminder() reminders.event = reminderElement["event"] as? String reminders.dateAndTime = reminderElement["data and time"] as? String reminders.message = reminderElement["notes"] as? String self.reminders.append(reminder) } } self.tableView.reloadData() // Should it be inside the if let ? }, withCancel: { (error) in print(error.localizedDescription) }) func tableView(tableView: UITableView, numberOfRowsInSection section: Int) -> Int { return self.reminders.count } func tableView(_ tableView: UITableView, cellForRowAt indexPath: IndexPath) -> UITableViewCell { if let cell = tableView.dequeueReusableCell(withIdentifier: "ToDoCell") { var content = cell.defaultContentConfiguration() content.text = reminders[indexPath.row].event cell.contentConfiguration = content return cell } else { return UITableViewCell() } } } } This is the class thats being developed for the dashboard page of the application. The following error messages are displayed Value of type '[EntryViewController]' has no member 'event' Value of type '[EntryViewController]' has no member 'dateAndTime' Value of type '[EntryViewController]' has no member 'message' This is where the errors keep appearing let reminder = Reminder() reminders.event = reminderElement["event"] as? String reminders.dateAndTime = reminderElement["data and time"] as? String reminders.message = reminderElement["notes"] as? String self.reminders.append(reminder) }

We use ASWebAuthenticationSession to authenticate users in our app, and we so far relied on an associated domain (universal link) for the last redirection step (callback), instead of a custom scheme, for security reasons. It works fine on iOS <= 15.4.1 (current release at time of writing), but we noticed that the associated domain is no longer detected during the callback on iOS 15.5 (beta 4). As a result, the user ends up on our web app within the ASWebAuthenticationSession view, and the app authentication never finishes. Is anybody experiencing the same issue? Thanks.

Hi! I am using Firebase and want to disable the sign up button to personalise experience for signed up users on the login view. I am using below but it doesn't seem to work. Anyone knows what I should change? extension LoginViewController: AuthUIDelegate { func handleAuthenticated(_ Button: UIButton) -> Bool { if Auth.auth().currentUser != nil {      createAccountButton.isHidden = true     } else {       createAccountButton.isHidden = false     }   return true   } }