feat: added support for webview as a provider for webauth #875
Conversation
App/ViewController.swift
Outdated
| @@ -27,13 +27,15 @@ class ViewController: UIViewController { | |||
| @IBAction func login(_ sender: Any) { | |||
| Auth0 | |||
| .webAuth() | |||
| .useWebViewProvider() | |||
There was a problem hiding this comment.
I'd suggest adding a new static func to the WebAuthentication struct like https://github.com/auth0/Auth0.swift/blob/master/Auth0/SafariProvider.swift#L37, as that:
- Follows the existing pattern in use for web providers
- Avoids adding new
useX()methods that have the disadvantage of being mutually exclusive (e.g. these can be chained and it's not clear which one will end up being used)
There was a problem hiding this comment.
agreed, changed accordingly
Auth0/Auth0WebAuth.swift
Outdated
| #if os(iOS) | ||
| private(set) var useWebViewProvider = false | ||
| private(set) var webViewProviderPresentationStyle: UIModalPresentationStyle = .fullScreen | ||
| #endif |
There was a problem hiding this comment.
Using a func like https://github.com/auth0/Auth0.swift/blob/master/Auth0/SafariProvider.swift#L37 also has the advantage of being on its own (gated) file, so there's no need to have these conditionals here.
There was a problem hiding this comment.
changed accordingly
Auth0/Auth0WebAuth.swift
Outdated
| let provider = self.provider ?? WebAuthentication.asProvider(redirectURL: redirectURL, | ||
| ephemeralSession: ephemeralSession) | ||
|
|
||
| #if os(iOS) |
There was a problem hiding this comment.
changed accordingly
Auth0/WebAuthError.swift
Outdated
| case .webViewNavigationFailed: return "An error occured during a committed main frame navigation of WebView" | ||
| case .webViewProvisionalNavigationFailed: return "An error occured while starting to load data for the main frame of WebView" | ||
| case .webViewContentProcessTerminated: return "WebView's content process is terminated." | ||
| case .webViewResourceLoadingStopped: return "WebView's resource loading has been stopped" |
There was a problem hiding this comment.
| case .webViewNavigationFailed: return "An error occured during a committed main frame navigation of WebView" | |
| case .webViewProvisionalNavigationFailed: return "An error occured while starting to load data for the main frame of WebView" | |
| case .webViewContentProcessTerminated: return "WebView's content process is terminated." | |
| case .webViewResourceLoadingStopped: return "WebView's resource loading has been stopped" | |
| case .webViewNavigationFailed: return "An error occurred during a committed main frame navigation of the WebView." | |
| case .webViewProvisionalNavigationFailed: return "An error occurred while starting to load data for the main frame of the WebView." | |
| case .webViewContentProcessTerminated: return "The WebView's content process was terminated." | |
| case .webViewResourceLoadingStopped: return "The WebView's resource loading was stopped." |
There was a problem hiding this comment.
updated accordingly
Auth0/WebViewProvider.swift
Outdated
| } | ||
|
|
||
| extension WebViewUserAgent { | ||
| var topViewController: UIViewController? { |
There was a problem hiding this comment.
We already have this logic here: https://github.com/auth0/Auth0.swift/blob/master/Auth0/SafariProvider.swift#L50-L77
Maybe we can put it in some kind of shared helper (e.g. an internal static var added to UIWindow –analogous to rootViewController)?
There was a problem hiding this comment.
agreed, moved this to a shared helper
Auth0/WebViewProvider.swift
Outdated
|
|
||
| static let customSchemeRedirectionSuccessMessage = "com.auth0.webview.redirection_success" | ||
| static let customSchemeRedirectionFailureMessage = "com.auth0.webview.redirection_failure" | ||
| let defaultSchemesSupportedByWKWebview = ["http", "https"] |
There was a problem hiding this comment.
I'd suggest checking with somebody from the security team if we should be supporting http schemes here (vs https only), e.g. when using an authorize URL override that proxies to Auth0.
Auth0/WebViewProvider.swift
Outdated
| NSLocalizedDescriptionKey: "WebViewProvider: WKURLSchemeHandler: Webview Resource Loading has been stopped" | ||
| ]) | ||
| urlSchemeTask.didFailWithError(error) | ||
| self.finish(with: .failure(WebAuthError(code: .webViewResourceLoadingStopped))) |
There was a problem hiding this comment.
Should this error case be userCancelled?
There was a problem hiding this comment.
yes, updated accordingly
Co-authored-by: Rita Zerrizuela <[email protected]>
|
I've tested this on my local branch and it still does not fix my webview issue. |
Hi @fal3, Can you please share more details about the webview issue you are running into ? |
desusai7
force-pushed
the
feat/webview_support
branch
from
9e5fe87
to
405d22b
Compare
We get this simulator crash 👇 . Which is also related to this incident |
@fal3, I would like to clarify that this pull request is not intended to address the issue you mentioned. Additionally, regarding the crash you are experiencing, could you please confirm if you were able to reproduce this issue on a real device as well? |
I can confirm that this issue happens only on simulator. |
| } | ||
|
|
||
| describe("initialization") { | ||
| it("should initialize with correct parameters") { |
There was a problem hiding this comment.
Should we add a test case that uses returnTo instead of redirect_uri?
Co-authored-by: Rita Zerrizuela <[email protected]>
…in case of webviewprovider
📋 feat: added support for webview as a provider for webauth
WKWebViewas a User Agent for WebAuthentication along withASWebAuthenticationSession&SFSafariViewControllerChecklist
🎯 Testing