-
Notifications
You must be signed in to change notification settings - Fork 217
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use only code
response type and drop implicit grant [SDK-2899]
#538
Conversation
code
response type and drop implicit grantcode
response type and drop implicit grant [SDK-2899]
case missingResponseParam(String) | ||
case invalidIdTokenNonce // TODO: Remove on the next major |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This one stopped being used when the ID Token validation was implemented, adding errors of its own.
entries["response_type"] = self.responseType.map { $0.label! }.joined(separator: " ") | ||
entries["nonce"] = nonce | ||
entries["organization"] = organization | ||
entries["invitation"] = invitation |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not really necessary to have if let organization = organization
... to add optional values (value that may be nil
). If it's nil
, Swift won't add anything to the dictionary.
It's only necessary in the case of maxAge
because it needs to be converted to String first, and for that, it must not be optional.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.start(onAuth) | ||
} | ||
|
||
@IBAction func startIDTokenGoogleOAuth2(_ sender: Any) { | ||
Auth0.webAuth() | ||
.logging(enabled: true) | ||
.connection("google-oauth2") | ||
.responseType([.idToken]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it make sense to remove all these functions?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you mean? That is the playground app
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't support IDToken
, CodeIDToken
etc. so why include them in the playground app?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, good catch. The playground app needs some work anyway, but I'll change the name of some of the methods and remove others.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done in 96d4927. Note that it still needs work.
Changes
The
responseType(_:)
andusingImplicitGrant()
methods from Web Auth were removed, along with theResponseType
enum and theImplicitGrant
struct.Now the
code
response type is hardcoded and cannot be changed.Testing
The changes have been tested manually, by performing Web Auth login and logout in test apps, as follows:
Using Cocoapods
Using Carthage
macOS 11.6.1 CatalystCarthage does not support building XCFrameworks for macCatalystUsing SPM
Checklist