Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

App crashes after sign-in with Google #70

Open
foreceipt opened this issue Jun 7, 2018 · 3 comments
Open

App crashes after sign-in with Google #70

foreceipt opened this issue Jun 7, 2018 · 3 comments

Comments

@foreceipt
Copy link

foreceipt commented Jun 7, 2018
edited by WilliamDenniss

For at least one user using AppAuth iOS with Google as the IdP, an exception is being raised when extracting the ID Token.

It appears decodeData is unexpectedly nil:

NSData *decodedData = [[NSData alloc] initWithBase64EncodedString:body options:0];

decodedData is nil

GTMAppAuth/Source/GTMAppAuthFetcherAuthorization.m

Lines 238 to 268 in 2eb382f

+ (nullable NSDictionary *)extractIDTokenClaimsNoVerification:(NSString *)idToken {
NSArray *sections = [idToken componentsSeparatedByString:@"."];
if (sections.count > 1) {
// Gets the JWT payload section.
NSMutableString *body = [sections[1] mutableCopy];
// Converts base64url to base64.
NSRange range = NSMakeRange(0, body.length);
[body replaceOccurrencesOfString:@"-" withString:@"+" options:NSLiteralSearch range:range];
[body replaceOccurrencesOfString:@"_" withString:@"/" options:NSLiteralSearch range:range];
// Converts base64 no padding to base64 with padding
while (body.length % 4 != 0) {
[body appendString:@"="];
}
// Decodes base64 string.
NSData *decodedData = [[NSData alloc] initWithBase64EncodedString:body options:0];
// Parses JSON.
NSError *error;
id object = [NSJSONSerialization JSONObjectWithData:decodedData options:0 error:&error];
if (error) {
NSLog(@"Error %@ parsing token payload %@", error, body);
}
if ([object isKindOfClass:[NSDictionary class]]) {
return (NSDictionary *)object;
}
}
return nil;
}

@StevenEWright
Copy link

John, I have edited your issue comment so that it is a general description of a possible bug with AppAuth.

As an open source community we encourage everyone to submit PRs to fix issues, especially if they already know the cause of the underlying issue.

Someone, perhaps William, perhaps someone else, will look at the issue. Though, if you are already aware of the fix, you will get much faster attention if you also submit a corresponding PR.

If you are uncertain as to the proper fix for one reason or another, this is a good place to have the discussion about what the proper fix is.

But this is not a “task list” for assigning issues to individuals.

Thanks for understanding.

FWIW, I will sync with him on this and we’ll try to get back to you.

Thanks,

Steve

@foreceipt
Copy link
Author

Thanks Steve! I could fix it but not sure the root cause, that's why I came here to ask:) Here attached is the crash for your reference...
image

@petea
Copy link
Contributor

petea commented Oct 5, 2020

ID token parsing is now done with AppAuth's OIDIDToken class which is more cautious. Are you still seeing this crash?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@petea @StevenEWright @foreceipt