ASWebAuthenticationSession's callbackURLScheme crash

Hi All,

We have started seeing crash with iOS 14.5 for ASWebAuthenticationSession's callbackURLScheme. Is anybody seeing the issue? Is this an intentional change in iOS or a bug?

Code Block 
AuthenticationSession] The provided scheme is not valid. A scheme should not include special characters such as ":" or "/".
*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: 'The provided scheme is not valid. A scheme should not include special characters such as ":" or "/".'


Regards,
Nimesh
Up vote post of njarecha Down vote post of njarecha
4.8k views
Posted by
njarecha
Reply

  • is this issue fixed by Auth0 in latest SDK? I am also facing the same issue with latest xcode.

    chaitu.thandu
Add a Comment

Apple Recommended

ASWebAuthenticationSession does not require any modification in your Info.plist. This exception happens because the value that was passed to callbackURLScheme contained either a ":" or "/" character. In most cases, this means you passed something like myscheme://, which is not valid.

The correct value to pass in this case is just myscheme (no trailing "://").

Posted by
Frameworks Engineer
Post not yet marked as solved Up vote reply of Frameworks Engineer Down vote reply of Frameworks Engineer
Post marked as Apple Recommended

  • If I just use myscheme without "://" or ":/" the OAuth request is rejected by Google and Facebook with the error saying "Missing scheme in the URI". Please fix this. Why do you reject the traditional scheme format all of sudden?

    xinfan

  • Same for me, on iOS 14.5, crashing. Encoding redirect uri doesn't help since the Auth0 doesn't recognise it in this case: "Invalid parameter: redirect_uri". Me redirect uri looks line "my-app://sso", so omitting is not an option. Would be nice to have a solution asap.

    elisita

  • The above answer refers only to the callbackURLScheme parameter passed to ASWebAuthenticationSession, not the full redirect URI used by the OAuth provider.

    Frameworks Engineer

Replies

Hi, had the same issue.
The solution in my case was to create a new additional scheme only for authentication purpose e.g. "myappauth"
Don't forget to add the scheme to your Info.plist (URL types -> URL Schemes)

Regards,
Vlad
Posted by
v1ad
Up vote reply of v1ad Down vote reply of v1ad
Add a Comment
We are experiencing the same issue.
Would be grateful to have a feedback from Apple on this issue.
Posted by
JohnEdenred
Up vote reply of JohnEdenred Down vote reply of JohnEdenred
Add a Comment

The solution in my case was to create a new additional scheme only for authentication purpose e.g. "myappauth"

Yes, that is the solution but in all cases its not possible to re-register scheme as we are accessing lot of customer portals.
Would be grateful if someone from Apple address this.

Regards,
Nimesh
Posted by
njarecha
Post not yet marked as solved Up vote reply of njarecha Down vote reply of njarecha
Add a Comment
Before adding the uri, try url encoding it : 
Code Block 
callBackURI.addingPercentEncoding(withAllowedCharacters: .urlHostAllowed)

This worked for me.
Posted by
apoorvet
Post not yet marked as solved Up vote reply of apoorvet Down vote reply of apoorvet

  • this is working fine in preventing the crash, but it seems it doesn't make callsback's properly after authentication.

    chaitu.thandu
Add a Comment
The answer above by apoorvet also worked for me. Wooooo!
Posted by
n8sters
Up vote reply of n8sters Down vote reply of n8sters
Add a Comment

Having the same issue now that I build the app with iOS 14.5.

I will use the work-around mentioned by apoorvet (thanks!), but this is surely a bug right?

Posted by
Jeria
Up vote reply of Jeria Down vote reply of Jeria
Add a Comment

ASWebAuthenticationSession does not require any modification in your Info.plist. This exception happens because the value that was passed to callbackURLScheme contained either a ":" or "/" character. In most cases, this means you passed something like myscheme://, which is not valid.

The correct value to pass in this case is just myscheme (no trailing "://").

Posted by
Frameworks Engineer
Post not yet marked as solved Up vote reply of Frameworks Engineer Down vote reply of Frameworks Engineer
Post marked as Apple Recommended

  • If I just use myscheme without "://" or ":/" the OAuth request is rejected by Google and Facebook with the error saying "Missing scheme in the URI". Please fix this. Why do you reject the traditional scheme format all of sudden?

    xinfan

  • Same for me, on iOS 14.5, crashing. Encoding redirect uri doesn't help since the Auth0 doesn't recognise it in this case: "Invalid parameter: redirect_uri". Me redirect uri looks line "my-app://sso", so omitting is not an option. Would be nice to have a solution asap.

    elisita

  • The above answer refers only to the callbackURLScheme parameter passed to ASWebAuthenticationSession, not the full redirect URI used by the OAuth provider.

    Frameworks Engineer