From e05582bb32f50e7746e6f4937adfcbc416f4ac70 Mon Sep 17 00:00:00 2001 From: dmaclach Date: Wed, 5 Mar 2025 21:49:16 -0800 Subject: [PATCH 1/3] Update OIDExternalUserAgentIOS.m --- Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m | 142 +++++++++--------- 1 file changed, 68 insertions(+), 74 deletions(-) diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m index 4a8cda0a3..23177b7aa 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOS.m @@ -98,86 +98,80 @@ - (BOOL)presentExternalUserAgentRequest:(id)request BOOL openedUserAgent = NO; NSURL *requestURL = [request externalUserAgentRequestURL]; - // iOS 12 and later, use ASWebAuthenticationSession - if (@available(iOS 12.0, *)) { - // ASWebAuthenticationSession doesn't work with guided access (rdar://40809553) - if (!UIAccessibilityIsGuidedAccessEnabled()) { - __weak OIDExternalUserAgentIOS *weakSelf = self; - NSString *redirectScheme = request.redirectScheme; - ASWebAuthenticationSession *authenticationVC = - [[ASWebAuthenticationSession alloc] initWithURL:requestURL - callbackURLScheme:redirectScheme - completionHandler:^(NSURL * _Nullable callbackURL, - NSError * _Nullable error) { - __strong OIDExternalUserAgentIOS *strongSelf = weakSelf; - if (!strongSelf) { - return; - } - strongSelf->_webAuthenticationVC = nil; - if (callbackURL) { - [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; - } else { - NSError *safariError = - [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow - underlyingError:error - description:nil]; - [strongSelf->_session failExternalUserAgentFlowWithError:safariError]; - } - }]; -#if __IPHONE_OS_VERSION_MAX_ALLOWED >= 130000 - if (@available(iOS 13.0, *)) { - authenticationVC.presentationContextProvider = self; - authenticationVC.prefersEphemeralWebBrowserSession = _prefersEphemeralSession; + // ASWebAuthenticationSession doesn't work with guided access (rdar://40809553) + if (!UIAccessibilityIsGuidedAccessEnabled()) { + __weak OIDExternalUserAgentIOS *weakSelf = self; + NSString *redirectScheme = request.redirectScheme; + ASWebAuthenticationSession *authenticationVC = + [[ASWebAuthenticationSession alloc] initWithURL:requestURL + callbackURLScheme:redirectScheme + completionHandler:^(NSURL * _Nullable callbackURL, + NSError * _Nullable error) { + __strong OIDExternalUserAgentIOS *strongSelf = weakSelf; + if (!strongSelf) { + return; } -#endif - _webAuthenticationVC = authenticationVC; - openedUserAgent = [authenticationVC start]; + strongSelf->_webAuthenticationVC = nil; + if (callbackURL) { + [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; + } else { + NSError *safariError = + [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow + underlyingError:error + description:nil]; + [strongSelf->_session failExternalUserAgentFlowWithError:safariError]; + } + }]; +#if __IPHONE_OS_VERSION_MAX_ALLOWED >= 130000 + if (@available(iOS 13.0, *)) { + authenticationVC.presentationContextProvider = self; + authenticationVC.prefersEphemeralWebBrowserSession = _prefersEphemeralSession; } +#endif + _webAuthenticationVC = authenticationVC; + openedUserAgent = [authenticationVC start]; } - // iOS 11, use SFAuthenticationSession - if (@available(iOS 11.0, *)) { - // SFAuthenticationSession doesn't work with guided access (rdar://40809553) - if (!openedUserAgent && !UIAccessibilityIsGuidedAccessEnabled()) { - __weak OIDExternalUserAgentIOS *weakSelf = self; - NSString *redirectScheme = request.redirectScheme; - SFAuthenticationSession *authenticationVC = - [[SFAuthenticationSession alloc] initWithURL:requestURL - callbackURLScheme:redirectScheme - completionHandler:^(NSURL * _Nullable callbackURL, - NSError * _Nullable error) { - __strong OIDExternalUserAgentIOS *strongSelf = weakSelf; - if (!strongSelf) { - return; - } - strongSelf->_authenticationVC = nil; - if (callbackURL) { - [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; - } else { - NSError *safariError = - [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow - underlyingError:error - description:@"User cancelled."]; - [strongSelf->_session failExternalUserAgentFlowWithError:safariError]; - } - }]; - _authenticationVC = authenticationVC; - openedUserAgent = [authenticationVC start]; - } + + // SFAuthenticationSession doesn't work with guided access (rdar://40809553) + if (!openedUserAgent && !UIAccessibilityIsGuidedAccessEnabled()) { + __weak OIDExternalUserAgentIOS *weakSelf = self; + NSString *redirectScheme = request.redirectScheme; + SFAuthenticationSession *authenticationVC = + [[SFAuthenticationSession alloc] initWithURL:requestURL + callbackURLScheme:redirectScheme + completionHandler:^(NSURL * _Nullable callbackURL, + NSError * _Nullable error) { + __strong OIDExternalUserAgentIOS *strongSelf = weakSelf; + if (!strongSelf) { + return; + } + strongSelf->_authenticationVC = nil; + if (callbackURL) { + [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL]; + } else { + NSError *safariError = + [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow + underlyingError:error + description:@"User cancelled."]; + [strongSelf->_session failExternalUserAgentFlowWithError:safariError]; + } + }]; + _authenticationVC = authenticationVC; + openedUserAgent = [authenticationVC start]; } - // iOS 9 and 10, use SFSafariViewController - if (@available(iOS 9.0, *)) { - if (!openedUserAgent && _presentingViewController) { - SFSafariViewController *safariVC = - [[SFSafariViewController alloc] initWithURL:requestURL]; - safariVC.delegate = self; - _safariVC = safariVC; - [_presentingViewController presentViewController:safariVC animated:YES completion:nil]; - openedUserAgent = YES; - } + + if (!openedUserAgent && _presentingViewController) { + SFSafariViewController *safariVC = + [[SFSafariViewController alloc] initWithURL:requestURL]; + safariVC.delegate = self; + _safariVC = safariVC; + [_presentingViewController presentViewController:safariVC animated:YES completion:nil]; + openedUserAgent = YES; } - // iOS 8 and earlier, use mobile Safari + + // if none of the above worked, try to open the URL in Safari if (!openedUserAgent){ - openedUserAgent = [[UIApplication sharedApplication] openURL:requestURL]; + openedUserAgent = [[UIApplication sharedApplication] openURL:requestURL options:{} completionHandler:nil]; } if (!openedUserAgent) { From 820507db2ce4b4f25a5342e0ef121935809b61ec Mon Sep 17 00:00:00 2001 From: dmaclach Date: Wed, 5 Mar 2025 21:51:50 -0800 Subject: [PATCH 2/3] Update OIDExternalUserAgentIOSCustomBrowser.m --- .../OIDExternalUserAgentIOSCustomBrowser.m | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m b/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m index c49cbbf9c..e40b0b6a5 100644 --- a/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m +++ b/Sources/AppAuth/iOS/OIDExternalUserAgentIOSCustomBrowser.m @@ -145,26 +145,17 @@ - (BOOL)presentExternalUserAgentRequest:(nonnull id NSString *testURLString = [NSString stringWithFormat:@"%@://example.com", _canOpenURLScheme]; NSURL *testURL = [NSURL URLWithString:testURLString]; if (![[UIApplication sharedApplication] canOpenURL:testURL]) { - if (@available(iOS 10.0, *)) { - [[UIApplication sharedApplication] openURL:_appStoreURL options:@{} completionHandler:nil]; - } else { - [[UIApplication sharedApplication] openURL:_appStoreURL]; - } + [[UIApplication sharedApplication] openURL:_appStoreURL options:@{} completionHandler:nil]; return NO; } } - + // Transforms the request URL and opens it. NSURL *requestURL = [request externalUserAgentRequestURL]; requestURL = _URLTransformation(requestURL); - if (@available(iOS 10.0, *)) { - BOOL willOpen = [[UIApplication sharedApplication] canOpenURL:requestURL]; - [[UIApplication sharedApplication] openURL:requestURL options:@{} completionHandler:nil]; - return willOpen; - } else { - BOOL openedInBrowser = [[UIApplication sharedApplication] openURL:requestURL]; - return openedInBrowser; - } + BOOL willOpen = [[UIApplication sharedApplication] canOpenURL:requestURL]; + [[UIApplication sharedApplication] openURL:requestURL options:@{} completionHandler:nil]; + return willOpen; } - (void)dismissExternalUserAgentAnimated:(BOOL)animated From 8f4cb4af119b5b13240c8a8aa7cf1987af896971 Mon Sep 17 00:00:00 2001 From: dmaclach Date: Wed, 5 Mar 2025 21:58:43 -0800 Subject: [PATCH 3/3] Update project.pbxproj Move IPHONEOS_DEPLOYMENT_TARGET to 10.0 (Released Sept 2016) --- AppAuth.xcodeproj/project.pbxproj | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/AppAuth.xcodeproj/project.pbxproj b/AppAuth.xcodeproj/project.pbxproj index 8d770d93c..60ae8f29c 100644 --- a/AppAuth.xcodeproj/project.pbxproj +++ b/AppAuth.xcodeproj/project.pbxproj @@ -2815,7 +2815,7 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; MACOSX_DEPLOYMENT_TARGET = 10.12; MTL_ENABLE_DEBUG_INFO = YES; ONLY_ACTIVE_ARCH = YES; @@ -2873,7 +2873,7 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; MACOSX_DEPLOYMENT_TARGET = 10.12; MTL_ENABLE_DEBUG_INFO = NO; SDKROOT = iphoneos; @@ -2907,7 +2907,7 @@ CLANG_ENABLE_MODULES = YES; HEADER_SEARCH_PATHS = "$(PROJECT_DIR)/"; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.appauth.AppAuthTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -2924,7 +2924,7 @@ CLANG_ENABLE_MODULES = YES; HEADER_SEARCH_PATHS = "$(PROJECT_DIR)/"; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.appauth.AppAuthTests; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3038,7 +3038,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/CoreFramework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.AppAuthCore; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3064,7 +3064,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/CoreFramework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = net.openid.AppAuthCore; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3089,7 +3089,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/Framework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOS"; PRODUCT_NAME = AppAuth; @@ -3114,7 +3114,7 @@ DYLIB_INSTALL_NAME_BASE = "@rpath"; INFOPLIST_FILE = Sources/Framework/Info.plist; INSTALL_PATH = "$(LOCAL_LIBRARY_DIR)/Frameworks"; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOS"; PRODUCT_NAME = AppAuth; @@ -3133,7 +3133,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOSTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3147,7 +3147,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-iOSTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3401,7 +3401,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-ExtensionTests"; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -3415,7 +3415,7 @@ CLANG_WARN_DOCUMENTATION_COMMENTS = YES; HEADER_SEARCH_PATHS = .; INFOPLIST_FILE = UnitTests/UnitTestsInfo.plist; - IPHONEOS_DEPLOYMENT_TARGET = 9.0; + IPHONEOS_DEPLOYMENT_TARGET = 10.0; LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks @loader_path/Frameworks"; PRODUCT_BUNDLE_IDENTIFIER = "net.openid.AppAuth-ExtensionTests"; PRODUCT_NAME = "$(TARGET_NAME)";