ASWebAuthenticationSession closes before user can answer save password prompt

iOS 13 seemingly changed the way Safari handles their save password prompt. In pre-iOS 13, when Safari detected that a user successfully logged into a website, it would show the save password prompt and pause the loading of the site before it could proceed to the next page.Our implementation was unknowingly relying on this pause. Now in iOS 13, instead of pausing, Safari will continue to load the next page while the save password prompt sits in the foreground. This is normally not an issue for most situations since the next page that the user is being redirected to is most commonly another website which means Safari is still open and therefore so is the save password prompt. In our circumstance though, the login will redirect the user back into the app which closes Safari and the save password prompt along with it. This means the user has less than a second before the password prompt disappears.


Does anyone have a solution to this? It would be great if the pre-iOS behavior could be reapplied somehow. Or if another browser other than Safari's ASWebAuthenticationSession could give us more control.


Here is a github post from a dev with the same issue: https://github.com/openid/AppAuth-iOS/issues/78


Sorry if any of this is confusing. I am not an iOS developer. I am a developer that has just been assigned to investigate this issue.

Post not yet marked as solved Up vote post of mspangler Down vote post of mspangler
2.0k views
Posted by
mspangler
Reply
Add a Comment

Replies

I've been investigating this exact same issue for a few days now, and just found your post.


Have you been able to make any progress regarding this problem?

Posted by
pboudreau
Up vote reply of pboudreau Down vote reply of pboudreau
Add a Comment

We are having the same issue and using ASWebAuthenticationSession. Did you find any workaround or anything helpful?

Posted by
balaradhika
Up vote reply of balaradhika Down vote reply of balaradhika
Add a Comment
Hi there,
we are having the same issue with the AppAuth Library.
The only solution that I've found so far was a workaround from the side of the Login-Page.
An added, static "You successfully logged in" page with a "continue" button after the login.

Gary Archer from authguidance.com made a blogpost "iOS Code Sample Overview" (cannot post the full link here, the forum forbidds it) where he showed his solution.


Posted by
JoshAu
Up vote reply of JoshAu Down vote reply of JoshAu
Add a Comment
We are a big company with many clients and with the native iOS clients we have the same issue incl. complaining from the PM side about this. It can`t be the solution that all the IDPs in the world presents an unessential page after every successful login, only to elongate the password save dialogue. This would a bad UX solution for the users and a pain for the IDPs.

Posted by
culix
Up vote reply of culix Down vote reply of culix
Add a Comment

It looks like not much has been added in the last year by we're still facing the same issue. Is there any known solution to this issue?

Posted by
benrudhart
Up vote reply of benrudhart Down vote reply of benrudhart
Add a Comment