OAuth using ASWebAuthenticationSession, redirect URI

Hello,

My app uses OAuth to connect to two services. To get the authorization ocde, originally, they both allowed a URI in the form of "com.SmartVentsTwo://auth". Now, the second one changed and requires that the URI be a complete URL starting with HTTPS.

Needless to say the second stopped working. I read several different articles and posts about this difference telling me a range of things to do from simply adding "https://com.SSmarVentsTwo://auth" to the URL types in the project settings, to creating a redirect from my website. It would seem the most secure would be the former since it doesn't require extra jumps, but it didn't work. When I tried it, after logging in and authorizing the request, i got a "could not find server" error.

What are the exact steps I need to follow to accommodate the change? (Thank you very much!!)

Up vote post of TheRealStarone Down vote post of TheRealStarone
239 views
Posted by
TheRealStarone
Reply
Add a Comment

Accepted Reply

Creating a redirect from your website is generally the preferred approach, as it gives you the most control over what happens. However if you're only targeting iOS 17.4/macOS 14.4 and newer, you can now use ASWebAuthenticationSession.Callback to use an https URL directly instead of a custom scheme.

Posted by
garrett-davidson
Up vote reply of garrett-davidson Down vote reply of garrett-davidson
Post marked as solved
Add a Comment

Replies

Creating a redirect from your website is generally the preferred approach, as it gives you the most control over what happens. However if you're only targeting iOS 17.4/macOS 14.4 and newer, you can now use ASWebAuthenticationSession.Callback to use an https URL directly instead of a custom scheme.

Posted by
garrett-davidson
Up vote reply of garrett-davidson Down vote reply of garrett-davidson
Post marked as solved
Add a Comment

Thank you very much for your reply. I will give ASWebAuthenticationSession.Callback a try as I'm trying to keep traffic on the device.

Posted by
TheRealStarone
Up vote reply of TheRealStarone Down vote reply of TheRealStarone
Add a Comment

Can you please give a brief example of how to use ASWebAuthenticationSession.Callback in the context of my question? I don't find the Apple documentation very useful and I haven't been able to find an example on the usual websites.

Thank you!

Posted by
TheRealStarone
Up vote reply of TheRealStarone Down vote reply of TheRealStarone
Add a Comment

You're the second person to ask me that. We should probably get those docs updated!

Posted by
garrett-davidson
Up vote reply of garrett-davidson Down vote reply of garrett-davidson
Add a Comment

I did look at that one, thanks. Can you give me a bit more with regard to flow? Here is the code I have been using that now doesn't work because of the complete URL requirement.

print("(CEcoobeeAPIConnect) Requesting Flair API authorization token") // callbackUrlScheme = "com.SmartVentsTwo://auth" callbackUrlScheme = "https://com.SmartVentsTwo://auth"

callbackUrlScheme = callbackUrlScheme.addingPercentEncoding(withAllowedCharacters: .urlHostAllowed)!

let authURL = URL(string: "https://api.ecobee.com/authorize?response_type=code&client_id= SMART_APP_CLIENT_ID&redirect_uri=(callbackUrlScheme)&scope=smartWrite&state=SmartVentRequest") print("(CEcobeeAPIConnect) App Authorization request URL is (authURL!.absoluteString)")

self.m_webAuthSession = ASWebAuthenticationSession.init(url: authURL!, callbackURLScheme: callbackUrlScheme, completionHandler: { (callBack:URL?, error:Error?) in print("(CEcoobeeAPIConnect) Ecobee API authorization token request returned, callbackURL is (String(describing: callBack))") // handle auth response …… }})

Posted by
TheRealStarone
Up vote reply of TheRealStarone Down vote reply of TheRealStarone
Add a Comment

You can change this line

self.m_webAuthSession = ASWebAuthenticationSession.init(url: authURL!, callbackURLScheme: callbackUrlScheme, completionHandler:...)

to something like

self.m_webAuthSession = ASWebAuthenticationSession(url: requestContext.url, callback: .https(host: "...", path: "..."), completionHandler: ...)
Posted by
garrett-davidson
Up vote reply of garrett-davidson Down vote reply of garrett-davidson
Add a Comment

Hello,

Thank you, but can you be a bit more specific please? The documentation is quite wanting and I'm not sure the parameter.

You swapped my "authURL!" for "requestContext.url"... what is requestContext?

I'm assuming the host: "...." is host: "https://com.SmartVentsTwo://auth"... is that correct?

What igoes in "path:"?

Thank you!

Posted by
TheRealStarone
Up vote reply of TheRealStarone Down vote reply of TheRealStarone
Add a Comment