Unable to implement OAuth2 using ASWebAuthenticationSession

The behavior you've described sounds like the scheme you're passing to ASWebAuthenticationSession doesn't match the scheme for the URL being redirected to. Please double check that they match. (Keep in mind that a scheme itself doesn't include any special characters, such as ":" or "/".)

Hi,

Thanks for the response. I've confirmed that both the scheme passed to ASWebAuthenticationSession and the redirect URL scheme are both https. Also that the scheme being passed in doesn't contain any special characters.

To be clear, when Safari is the default browser, I'm able to successfully obtain an auth code. But this auth code is obtained by my app delegate (in application:continueUserActivity:restorationHandler: ) instead of the session handler passed to ASWebAuthenticationSession.

When safari isn't the default browser, the browser (chrome or firefox) crashes before presenting the login page.

Thanks.

Update: For reasons I don't understand, if I encode the auth request url like this: NSString* urlEncStr = [nsUrlStr stringByAddingPercentEncodingWithAllowedCharacters:NSCharacterSet.URLHostAllowedCharacterSet]; before handing it to ASWebAuthenticationSession, chrome doesn't crash. But it doesn't bring up the login page either (see attached screenshot).

I've tried other character sets but no success.

Here's my code:

import AppKit
import AuthenticationServices

@objc extension FMViewController : ASWebAuthenticationPresentationContextProviding {
     
  @objc public func userLogin(){
    guard let oauthMgr : FMZoomOAuthMgr = self.oauthDelegate else {
      return
    }
     
/* 
    getAuthURL() returns (for example):
       'https://zoom.us/oauth/authorize?response_type=code&client_id=XXXXXX&redirect_uri=https://rev5.XXXXXXX.com/fdv13/zoom&code_challenge_method=S256&code_challenge=l4mqprM9XscfUNQL-s1P0O7gNc6fxDM5dnM2THuaKqc' 
    */
    guard let authURL = oauthMgr.getAuthURL() else {return}
     
     /* getScheme() returns 'https' */
    guard let scheme = oauthMgr.getScheme() else {return}
     
    let session = ASWebAuthenticationSession(url: authURL, callbackURLScheme: scheme) { callbackURL, error in
      self.handleOAuthResponse(callbackUrl: callbackURL, err: error)
    }
     
    session.presentationContextProvider = self
    session.prefersEphemeralWebBrowserSession = true
     
    session.start()
  }
   
  /* The response to the auth code request never reaches this method */
  func handleOAuthResponse(callbackUrl: URL?, err: Error?) {
    guard callbackUrl != nil else {return}
    guard err == nil else {return}
     
    guard let url : URLComponents = URLComponents(string: callbackUrl!.absoluteString) else {return}
    guard let authCode = url.queryItems?.first(where: { $0.name == "code" })?.value else {return}
    /* Request access token */
  }
   
  public func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {
    return self.view.window ?? ASPresentationAnchor()
  }
}

In my app delegate, I implement: (BOOL)application:continueUserActivity:restorationHandler: When either safari or firefox are the default, this is where the auth response is sent.

What am I doing wrong? I'd appreciate any assistance. Thanks.