Skip to content

[flutter_appauth][iOS] Support HTTPS redirect URIs on iOS 17.4+#662

Open
KhaleelSH wants to merge 2 commits into
MaikuB:masterfrom
KhaleelSH:master
Open

[flutter_appauth][iOS] Support HTTPS redirect URIs on iOS 17.4+#662
KhaleelSH wants to merge 2 commits into
MaikuB:masterfrom
KhaleelSH:master

Conversation

@KhaleelSH

Copy link
Copy Markdown

Summary

This adds support for HTTPS redirect URIs on iOS 17.4 and newer by using ASWebAuthenticationSessionCallback with callbackWithHTTPSHost:path: when the request redirect URL uses the https scheme.

The change applies to both default and ephemeral ASWebAuthenticationSession flows. Custom-scheme redirects continue to use the existing callbackURLScheme: path, and SFSafariViewController behavior is unchanged.

What Changed

  • Route default and ephemeral iOS ASWebAuthenticationSession flows through the custom iOS external user agent.
  • Pass the request redirect URL into the user agent so HTTPS redirect URLs can use the iOS 17.4+ callback API.
  • Keep custom-scheme redirects on the legacy callback scheme initializer.
  • Guard nil or malformed redirect URLs, including end-session requests without postLogoutRedirectUrl, so the HTTPS callback API is only used when a valid HTTPS host is available.
  • Treat host-only HTTPS redirect URLs as the root path when constructing the callback.
  • Document the required webcredentials:<host> Associated Domains setup and matching apple-app-site-association configuration.

Notes

Apple's HTTPS callback API uses associated web credentials domains. It is not the normal applinks universal-link flow, so the README calls out the required webcredentials entitlement.

HTTPS redirect URIs only work on iOS 17.4 and newer because the required ASWebAuthenticationSession callback initializer is unavailable on earlier iOS versions. Apps that still support older iOS versions should keep a custom-scheme redirect fallback registered with their identity provider.

Testing

  • melos run analyze
  • melos run test:unit --no-select
  • melos run build:example_ios
  • xcrun clang-format --dry-run --Werror flutter_appauth/ios/flutter_appauth/Sources/flutter_appauth/OIDExternalUserAgentIOSNoSSO.m flutter_appauth/ios/flutter_appauth/Sources/flutter_appauth/OIDExternalUserAgentIOSNoSSO.h flutter_appauth/ios/flutter_appauth/Sources/flutter_appauth/AppAuthIOSAuthorization.m
  • git diff --cached --check

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant