We are attempting to update our OAuth sign-in process to use SFSafariViewController. For security purposes, we want to avoid using a custom URL scheme for the redirect URI. We have seen others recommend using Universal Links instead, but we are having trouble getting it to work.
Assume that our website is https://test.example.com
After configuring all the necessary items, our Universal Links partially work. Tapping directly on https://test.example.com/something within an email or on a web page will open our app. For some reason, a redirect to that URL does not cause the URL to open in our app. Since OAuth utilizes redirection to a known redirect URI (which we have configured as a universal link), our OAuth process is not working.
Here's what we have done:
We have changed the redirect URI value for our OAuth client to point to one of our web servers. Let's pretend that it is this:
https://test.example.com/something
We have added the associated domains entitlement to our app and included the domain for our redirect URI:
<dict>
    <key>com.apple.developer.associated-domains</key>
    <array>
        <string>applinks:test.example.com</string>
    </array>
</dict>
We have added the apple-app-site-association file on our webserver at:
https://test.example.com/apple-app-site-association
The apple-app-site-association has been configured to allow our app to access all paths:
{
    "applinks": {
        "apps": [],
        "details": [
            {
                "appID": "12345ABCDE.com.foo.bar",
                "paths": [ "*" ]
            }
        ]
    }
}
This has been verified with Apple's validation tool: https://search.developer.apple.com/appsearch-validation-tool/
When run against our website, it finds our apple-app-site-association and says that the Universal Links feature passed. It does flag some other things as failed, but we are only trying to use Universal Links to support OAuth. Do those other failures matter if we only care about Universal Links?
We have tried these tests:
Created a page with this link on it:
https://test.example.com/something
Tapping on the above link will open our app. Long-pressing the above link pops up options to open in Safari OR open in our app.
Created a test page that redirects to https://test.example.com/something
Opening the test page in Safari loads the test page, then redirects to the other URL within Safari. It does not open the other URL in our app.
Does anyone have any idea why this does not work when redirecting to the URL? Redirecting to a URI with an auth code is a fundamental part of OAuth. I have seen several places where it is recommended to use universal links with OAuth, so it should be possible.
Thanks,
Chris
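
As an added example (not part of the original post and not Apple's code): a Python check that a redirect URI is covered by the posted apple-app-site-association file, using Apple's documented `paths` rules (`*`, `?`, a `NOT ` prefix, first match wins, path component only). `handled_by_app` and `NARROW_AASA` are hypothetical names; the check covers the association configuration only and says nothing about whether iOS follows a redirect into the app.

```python
import json
import re
from urllib.parse import urlsplit

APP_ID = "12345ABCDE.com.foo.bar"   # appID from the post
DOMAIN = "test.example.com"         # domain from the applinks: entitlement
# The association file as posted above.
AASA_JSON = ('{"applinks": {"apps": [], "details": '
             '[{"appID": "12345ABCDE.com.foo.bar", "paths": ["*"]}]}}')
# Constructed variant (assumption): only the OAuth redirect path is associated.
NARROW_AASA = ('{"applinks": {"apps": [], "details": '
               '[{"appID": "12345ABCDE.com.foo.bar", "paths": ["/something"]}]}}')


def _to_regex(pattern):
    # '*' matches any run of characters, '?' exactly one; the rest is literal.
    out = []
    for ch in pattern:
        out.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    return re.compile("".join(out), re.DOTALL)


def handled_by_app(aasa_text, app_id, url, domain):
    """Return True if the file associates `url` with `app_id` on `domain`."""
    parts = urlsplit(url)
    # Universal links are https-only and tied to the associated domain.
    if parts.scheme != "https" or parts.hostname != domain:
        return False
    path = parts.path or "/"   # query string and fragment are not compared
    details = json.loads(aasa_text).get("applinks", {}).get("details", [])
    for entry in details:
        if entry.get("appID") != app_id:
            continue
        for pattern in entry.get("paths", []):
            negate = pattern.startswith("NOT ")
            if negate:
                pattern = pattern[4:].strip()
            if _to_regex(pattern).fullmatch(path):
                return not negate   # first positive or negative match decides
    return False


if __name__ == "__main__":
    redirect = "https://test.example.com/something?code=CONSTRUCTED"
    print("posted file :", handled_by_app(AASA_JSON, APP_ID, redirect, DOMAIN))
    print("narrow file :", handled_by_app(NARROW_AASA, APP_ID, redirect, DOMAIN))
    print("other path  :", handled_by_app(
        NARROW_AASA, APP_ID, "https://test.example.com/other", DOMAIN))
```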