I am writing some integration and unit tests for my SIWA package, and am using Facebook's ChromeDriver (headless) to process the authorization request in the tests. If I take the generated URL and paste it in Chrome, everything works. However, when I try to use the URL in my test, I get a 404 response. Is there something that needs to be… Show more
It appears that the user is prompted for authentication each time they click on the SIWA button on a web site, not just the first time. I would expect the user to only be prompted on the first login, and not subsequent ones. Is this something that is still being worked on, or is this intended functionality? Thanks! Example screen-capture:… Show more
I'm not so worried about the session itself. Rather, if I already approved a website using OAuth, I should not be required to approve it again, unless I revoke it. No other OAuth providers seem to do this. I would expect Apple to respond to a non-revoked request without prompting the user to enter their password.
Yesterday I was able to get both name and email from the id_token. Today it stopped providing the name attribute, even if I revoked the token and signed up again. Any suggestions?