Use Safari for OIDC account URL. (#1591)
* Handle RP-Initiated Logout URL. Safari is only used on devices, the simulator doesn't work properly.
@@ -397,19 +397,25 @@ class AppCoordinator: AppCoordinatorProtocol, AuthenticationCoordinatorDelegate,
|
||||
}
|
||||
|
||||
Task {
|
||||
// first log out from the server
|
||||
_ = await userSession.clientProxy.logout()
|
||||
// First log out from the server
|
||||
let accountLogoutURL = await userSession.clientProxy.logout()
|
||||
|
||||
// regardless of the result, clear user data
|
||||
// Regardless of the result, clear user data
|
||||
userSessionStore.logout(userSession: userSession)
|
||||
tearDownUserSession()
|
||||
|
||||
// reset analytics
|
||||
// Reset analytics
|
||||
ServiceLocator.shared.analytics.optOut()
|
||||
ServiceLocator.shared.analytics.resetConsentState()
|
||||
|
||||
stateMachine.processEvent(.completedSigningOut(isSoft: isSoft))
|
||||
|
||||
// Handle OIDC's RP-Initiated Logout if needed. Don't fallback to an ASWebAuthenticationSession
|
||||
// as it looks weird to show an alert to the user asking them to sign in to their provider.
|
||||
if let accountLogoutURL, UIApplication.shared.canOpenURL(accountLogoutURL) {
|
||||
await UIApplication.shared.open(accountLogoutURL)
|
||||
}
|
||||
|
||||
hideLoadingIndicator()
|
||||
}
|
||||
}
|
||||
|
||||
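Review bot: `accountLogoutURL` comes from the server's logout response and is passed to `UIApplication.shared.open` after only a `canOpenURL` check, which tests whether some app can handle the URL, not whether its scheme is one this app should launch. Restricting it to web URLs keeps a misconfigured or hostile provider from steering the device to another handler: `if let accountLogoutURL, accountLogoutURL.scheme?.lowercased() == "https", UIApplication.shared.canOpenURL(accountLogoutURL) {`. The same applies to `UIApplication.shared.open(accountURL)` in the SettingsScreenCoordinator hunk, assuming that URL is also server-provided. Alternatively the check could sit once in `ClientProxy.logout()`, where the string is turned into a `URL`. The enclosing function starts outside this hunk.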
@@ -88,12 +88,19 @@ final class SettingsScreenCoordinator: CoordinatorProtocol {
|
||||
return
|
||||
}
|
||||
|
||||
// Safari never works in the simulator, use a Web Authentication Session instead.
|
||||
accountSettingsPresenter = OIDCAccountSettingsPresenter(accountURL: accountURL, presentationAnchor: window)
|
||||
accountSettingsPresenter?.start()
|
||||
#if targetEnvironment(simulator)
|
||||
let canOpenURL = false // Safari can't access the cookie on the iOS 16 simulator 🤷♂️
|
||||
#else
|
||||
let canOpenURL = UIApplication.shared.canOpenURL(accountURL)
|
||||
#endif
|
||||
|
||||
// Safari isn't working with the shared browser session 😕
|
||||
// UIApplication.shared.open(accountURL)
|
||||
if canOpenURL {
|
||||
UIApplication.shared.open(accountURL)
|
||||
} else {
|
||||
// Fall back to an ASWebAuthenticationSession to handle the URL inside the app.
|
||||
accountSettingsPresenter = OIDCAccountSettingsPresenter(accountURL: accountURL, presentationAnchor: window)
|
||||
accountSettingsPresenter?.start()
|
||||
}
|
||||
}
|
||||
|
||||
private func presentAnalyticsScreen() {
|
||||
|
||||
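Review bot: The result of `UIApplication.shared.open(accountURL)` is discarded in the `if canOpenURL` branch, so if Safari fails to open the URL the user sees nothing and the `ASWebAuthenticationSession` fallback in the `else` branch is never tried. A true result from `canOpenURL` does not guarantee that the open succeeds. Passing a completion handler and starting `OIDCAccountSettingsPresenter` when it reports `false` would let the fallback cover that case as well. The enclosing function starts outside this hunk.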
@@ -306,13 +306,13 @@ class ClientProxy: ClientProxyProtocol {
|
||||
}
|
||||
}
|
||||
|
||||
func logout() async {
|
||||
func logout() async -> URL? {
|
||||
await Task.dispatch(on: clientQueue) {
|
||||
do {
|
||||
// We aren't currently handling the RP initiated sign out URL.
|
||||
_ = try self.client.logout()
|
||||
return try self.client.logout().flatMap(URL.init(string:))
|
||||
} catch {
|
||||
MXLog.error("Failed logging out with error: \(error)")
|
||||
return nil
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
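Review bot: A logout URL string that fails `URL(string:)` is dropped silently by `return try self.client.logout().flatMap(URL.init(string:))`, so a malformed RP-initiated logout URL looks the same as the server providing none. In that case the provider session presumably stays signed in, with no trace in the logs. Consider binding the string first and logging the parse failure, for example `guard let url = URL(string: urlString) else { MXLog.error("Received an invalid logout URL"); return nil }`. Keep the URL itself out of the log message, because RP-initiated logout URLs commonly carry an `id_token_hint` query parameter.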
@@ -107,7 +107,7 @@ protocol ClientProxyProtocol: AnyObject, MediaLoaderProtocol {
|
||||
|
||||
func sessionVerificationControllerProxy() async -> Result<SessionVerificationControllerProxyProtocol, ClientProxyError>
|
||||
|
||||
func logout() async
|
||||
func logout() async -> URL?
|
||||
|
||||
func setPusher(with configuration: PusherConfiguration) async throws
|
||||
|
||||
|
||||
@@ -116,8 +116,8 @@ class MockClientProxy: ClientProxyProtocol {
|
||||
}
|
||||
}
|
||||
|
||||
func logout() async {
|
||||
// no-op
|
||||
func logout() async -> URL? {
|
||||
nil
|
||||
}
|
||||
|
||||
var setPusherErrorToThrow: Error?
|
||||
|
||||
1
changelog.d/pr-1591.change
Normal file
1
changelog.d/pr-1591.change
Normal file
@@ -0,0 +1 @@
|
||||
Use Safari for OIDC account management.
|
||||