I just wrote code for our app to use ASWebAuthenticationSession for 3rd-party authentication (in particular, YUBIKEYS WOOHOO). Our app registers a URI scheme of x-com-kithrup for launch services events, so I used x-com-kithrup-yubi for ASWebAUthenticationSession.
Only, I didn't change the back end, so it still redirects to x-com-kithrup://success on a successful login. And... ASWebAuthenticationSession is still calling the handler when it gets a URL with the x-com-kithrup URI, instead of the x-com-kithrup-yubi URI scheme.