Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for other browsers on iOS #200

Closed
WilliamDenniss opened this issue Feb 9, 2018 · 8 comments
Closed

Add support for other browsers on iOS #200

WilliamDenniss opened this issue Feb 9, 2018 · 8 comments
Assignees
@WilliamDenniss
Labels
enhancement

Comments

@WilliamDenniss
Copy link
Member

WilliamDenniss commented Feb 9, 2018
edited
Loading

To support "enterprisy" use-cases like those encountered by the NCCoE's Mobile SSO effort, it would be useful to include support to process the OAuth request in alternative user-agents on iOS such as Chrome and Firefox.

These external user-agents may support additional features like U2F which are required by some enterprise environments.

This feature would be specifically for environments where you can control what apps users have installed (such as an enterprise workplace). Consumer apps should continue to use the existing in-built external user-agents (i.e. the various incarnations of Safari) supported by AppAuth.

AppAuth already abstracts away the UICoordinator to handle requests in the user-agent to support browsers on different platforms, so this functionality could simply be provided as an alternative implementation UICoordinator on iOS.
@WilliamDenniss WilliamDenniss self-assigned this Feb 9, 2018
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
a62befa 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
@WilliamDenniss WilliamDenniss mentioned this issue Feb 9, 2018
Merged
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
7487da1 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
487f5c4 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
6a82418 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
6c0f3e7 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
4ab7ce2 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 9, 2018
@WilliamDenniss
Add custom browser support
b0e4a30 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit to WilliamDenniss/AppAuth-iOS that referenced this issue Feb 10, 2018
@WilliamDenniss
Add custom browser support
376cbe0 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements openid#200.
WilliamDenniss added a commit that referenced this issue Feb 10, 2018
@WilliamDenniss
Add custom browser support
135f99d 
- An UICoordinator for iOS to support auth with a custom iOS browser like Chrome or Firefox.
- Implements #200.
@WilliamDenniss
Copy link
Member Author

WilliamDenniss commented Feb 10, 2018
edited
Loading

This has been implemented. Here's how to configure AppAuth to use a custom browser:

First, add the following array to your Info.plist (in XCode, right click -> Open As -> Source Code)

	<key>LSApplicationQueriesSchemes</key>
	<array>
		<string>googlechromes</string>
		<string>opera-https</string>
		<string>firefox</string>
	</array>

This is required so that AppAuth can test for the browser and open the app store if it's not installed. You only need to include the URL scheme of the browser you intend to use.

Then tweak your call to authStateByPresentingAuthorizationRequest

AppAuth-iOS/Examples/Example-iOS_ObjC/Source/AppAuthExampleViewController.m

Lines 215 to 218 in 135f99d

appDelegate.currentAuthorizationFlow =
[OIDAuthState authStateByPresentingAuthorizationRequest:request
presentingViewController:self
callback:^(OIDAuthState *_Nullable authState, NSError *_Nullable error) {

Change it to:

  OIDExternalUserAgentIOSCustomBrowser *externalUserAgent =
      [OIDExternalUserAgentIOSCustomBrowser CustomBrowserChrome];
  appDelegate.currentAuthorizationFlow =
   [OIDAuthState authStateByPresentingAuthorizationRequest:request
                                         externalUserAgent:externalUserAgent
                                                callback:^(OIDAuthState *_Nullable authState, NSError *_Nullable error)

As you can see, with the latter code block we are creating the external user-agent object manually and using it, rather than using the default. This technique can be used with the automatic code exchange of OIDAuthState (as shown above), and manually with OIDAuthorizationService:presentAuthorizationRequest:externalUserAgent:callback:.

That's it! With those two changes (which you can try on the included sample), AppAuth will use Chrome iOS for the authorization request (and open Chrome in the App Store if it's not installed).

⚠️Note: this feature is not intended for consumer apps. It is designed for advanced enterprise use-cases where the app developers have greater control over the operating environment and have special requirements that require a custom browser like Chrome.

Chrome, Firefox, Opera Mini and Safari are supported out of the box, however it's quite simple to support more browsers without changes to AppAuth, by following the patterns used for the included browsers.

Update 2018-03-07: This post was edited to reflect the recent renaming of UICoordinator to ExternalUserAgent.

@WilliamDenniss WilliamDenniss mentioned this issue Feb 10, 2018
Closed
@tomjackman
Copy link

@WilliamDenniss Mind adding how-to notes to the main Readme? It's not really visible that this feature exists there.

@WilliamDenniss
Copy link
Member Author

In due course. This only just landed in HEAD, needs an example too ideally.

@sattaman sattaman mentioned this issue Mar 5, 2018
Closed
@sattaman
Copy link

sattaman commented Mar 5, 2018

Will this change also allow consumer apps to login without SSO ?

@victorg1991 victorg1991 mentioned this issue Mar 7, 2018
Closed
@WilliamDenniss
Copy link
Member Author

@sattaman not directly, but a similar pattern could achieve that. Let's continue that discussion in #209 rather than here.

@jmelberg-okta jmelberg-okta mentioned this issue May 16, 2018
Closed
@munderk
Copy link

munderk commented Jul 6, 2018

Working with safari but not with chrome..

@WilliamDenniss
Copy link
Member Author

@munderk please file a bug report if you're experiencing an issue.

@openid openid locked as resolved and limited conversation to collaborators Jul 7, 2018
@WilliamDenniss
Copy link
Member Author

For the record, I just tested AppAuth's custom browser support with Chrome (v67.0.3396.87) on iOS 11.4.1, following these instructions, and everything worked as expected.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@WilliamDenniss WilliamDenniss

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@WilliamDenniss @sattaman @tomjackman @munderk