OAuth using ASWebAuthenticationSession, redirect URI

Question

TheRealStarone OP

Created Apr ’24

Replies 7

Boosts 0

Views 1.2k

Participants 2

Hello,

My app uses OAuth to connect to two services. To get the authorization ocde, originally, they both allowed a URI in the form of "com.SmartVentsTwo://auth". Now, the second one changed and requires that the URI be a complete URL starting with HTTPS.

Needless to say the second stopped working. I read several different articles and posts about this difference telling me a range of things to do from simply adding "https://com.SSmarVentsTwo://auth" to the URL types in the project settings, to creating a redirect from my website. It would seem the most secure would be the former since it doesn't require extra jumps, but it didn't work. When I tried it, after logging in and authorizing the request, i got a "could not find server" error.

What are the exact steps I need to follow to accommodate the change? (Thank you very much!!)

Answered by Systems Engineer in 785221022

Creating a redirect from your website is generally the preferred approach, as it gives you the most control over what happens. However if you're only targeting iOS 17.4/macOS 14.4 and newer, you can now use ASWebAuthenticationSession.Callback to use an https URL directly instead of a custom scheme.

Boost

Answer 1

Systems Engineer OP

Apple

Apr ’24

Accepted Answer

Creating a redirect from your website is generally the preferred approach, as it gives you the most control over what happens. However if you're only targeting iOS 17.4/macOS 14.4 and newer, you can now use ASWebAuthenticationSession.Callback to use an https URL directly instead of a custom scheme.

0

Answer 2

TheRealStarone OP

Apr ’24

Thank you very much for your reply. I will give ASWebAuthenticationSession.Callback a try as I'm trying to keep traffic on the device.

0

Answer 3

TheRealStarone OP

Apr ’24

Can you please give a brief example of how to use ASWebAuthenticationSession.Callback in the context of my question? I don't find the Apple documentation very useful and I haven't been able to find an example on the usual websites.

Thank you!

0

Answer 4

Systems Engineer OP

Apple

Apr ’24

You're the second person to ask me that. We should probably get those docs updated!

0

Answer 5

TheRealStarone OP

Apr ’24

I did look at that one, thanks. Can you give me a bit more with regard to flow? Here is the code I have been using that now doesn't work because of the complete URL requirement.

print("(CEcoobeeAPIConnect) Requesting Flair API authorization token") // callbackUrlScheme = "com.SmartVentsTwo://auth" callbackUrlScheme = "https://com.SmartVentsTwo://auth"

callbackUrlScheme = callbackUrlScheme.addingPercentEncoding(withAllowedCharacters: .urlHostAllowed)!

let authURL = URL(string: "https://api.ecobee.com/authorize?response_type=code&client_id= SMART_APP_CLIENT_ID&redirect_uri=(callbackUrlScheme)&scope=smartWrite&state=SmartVentRequest") print("(CEcobeeAPIConnect) App Authorization request URL is (authURL!.absoluteString)")

self.m_webAuthSession = ASWebAuthenticationSession.init(url: authURL!, callbackURLScheme: callbackUrlScheme, completionHandler: { (callBack:URL?, error:Error?) in print("(CEcoobeeAPIConnect) Ecobee API authorization token request returned, callbackURL is (String(describing: callBack))") // handle auth response …… }})

0

Answer 6

Systems Engineer OP

Apple

Apr ’24

You can change this line

self.m_webAuthSession = ASWebAuthenticationSession.init(url: authURL!, callbackURLScheme: callbackUrlScheme, completionHandler:...)

to something like

self.m_webAuthSession = ASWebAuthenticationSession(url: requestContext.url, callback: .https(host: "...", path: "..."), completionHandler: ...)

0

Answer 7

TheRealStarone OP

Apr ’24

Hello,

Thank you, but can you be a bit more specific please? The documentation is quite wanting and I'm not sure the parameter.

You swapped my "authURL!" for "requestContext.url"... what is requestContext?

I'm assuming the host: "...." is host: "https://com.SmartVentsTwo://auth"... is that correct?

What igoes in "path:"?

Thank you!

0