auth0 / auth0.swift Goto Github PK
View Code? Open in Web Editor NEWAuth0 SDK for Apple platforms
Home Page: https://auth0.github.io/Auth0.swift
License: MIT License
Auth0 SDK for Apple platforms
Home Page: https://auth0.github.io/Auth0.swift
License: MIT License
When doing import Auth0
I get the error "Cannot load underlying module for 'Auth0" I'm on swift 4 xcode 9 and have the latest Auth0 Pod version installed with xcworkspace open.
This method signature is documented, but isn't available in the API (i'm using auth0 version 1.5.0)
Auth0
.authentication()
.login(
usernameOrEmail: "[email protected]",
password: "a secret password",
connection: "Username-Password-Authentication"
)
.start { result in
switch result {
case .success(let credentials):
print("access_token: \(credentials.accessToken)")
case .failure(let error):
print(error)
}
}
Heyo!!
So, maybe this is related to the confusion around API usage in my previous issue. Could be.
I'm able to successfully create a user using this code:
https://gist.github.com/jyaunches/6ddd423a09b1afa3ad2c0b7d3401d8a2
When I try to then log the user in, the credentials returned don't have an idToken value.
As title says
Auth0.authentication().login
goes onto a background thread, I cant see that stated in the docs and I would of thought it was the responsibility of the call to bring it back to the main thread?
Sorry if this is not the case, this is also the case the creating a user.
The iTunes transporter currently errors when processing an application using any of the RC versions (currently 1.0.0-rc4
). Currently using carthage to build the framework.
ERROR ITMS-90060: "This bundle is invalid. The value for key CFBundleShortVersionString '1.0.0-rc.4' in the Info.plist file must be a period-separated list of at most three non-negative integers.
Manually (or using plistbuddy
) changing the version of the framework's plist to 1.0.0 and rebuilding removes the error. I know this is "RC", but this was found when submitting our builds to TestFlight for internal testing.
The delegation endpoint API for refreshing the id_token is missing.
Is this planned? If so, when will this become available?
Cheers!
Note that logging in to retrieve credentials with Auth0 returns: access_token
, expires_in
, id_token
, refresh_token
, scope
and token_type
; however when refreshing the credentials, refresh_token
is not returned in the response.
If using the CredentialsManager
, after logging in one would call store(credentials:)
to persist the credentials for later use.
When credentials are needed, one would call credentials(withScope:callback:)
on a CredentialsManager
instance, and if the access token is expired the credentials manager is kind enough to renew the token on our behalf, transparently returning brand new credentials, which we then save again using store(credentials:)
again.
However, since the credentials are stored onto one key in the keychain, and given the fact that refresh_token
is not returned in the response when refreshing the token, the new credentials have no refresh token.
Inside retrieveCredentials(withScope:callback:)
of CredentialsManager
there is a check to make sure the credentials have a refresh token, if it isn't there then the credentials manager returns a .noRefreshToken
error.
At this point in time I must log out and login again.
We think this is an oversight on the CredentialsManager
.
I did however want to raise this issue on the chance that I'm not using the SDK as intended. I would greatly appreciate any advice or information on this.
Thank you
Hello,
I'm trying to refresh credentials using a refresh token. I tried ...
Auth0
.authentication()
.renew(withRefreshToken: refreshToken)
.start { result in
...
}
and the result was Unsupported grant type: refresh_token
.
Is this a bug or am I doing something wrong. Thanks!
Can you explain the reason for deprecating the tokenInfo
from #70?
Version:
1.7.1
Description:
UserInfo class does not contain information about user id. I know we can retrieve it by "sub" property, but I think it is more clear if UserInfo object can show "userId" property.
Json object retrieved calling UserInfo API already contains this property: "user_id". It's just matter to parse json object properly
Expectation:
Have userId field available in UserInfo class
Hey! I'm trying to use the iOS swift Custom Login functionality as documented here, but it seems like the callback to the app is not working properly. Sometimes it works, but other times it just hangs on Safari after the login was already successfully made.
From looking at the request logs, it seems like it's a problem related with the state
parameter. It looks like the SessionManager is not resetting properly every time we try to do a new login. Is there a way I can either forcefully reset the SessionManager every time or any other solution?
We already tried setting the state
ourselves with .state("some-string")
to make sure the field is being renewed every login, but even then, it doesn't seem like it uses that state
, but it uses the one from the SessionManager..
Any help with this would be greatly appreciated, since right now the system works every 2nd or 3rd time only.
Can't implement login via Office 365 when I use purchased connection for my project.
Heyo,
So, when I authenticate as per the example in the README:
I get a build error that I'm required to send other stuff. Notable these things are:
It's totally fine if these are, in fact, required.. but seems like the example should reflect that.
I'm not sure if this is an issue with the Auth0 library or a misuse/misconfiguration on my part.
When specifying the federated parameter, the Auth0 logout url redirects to the Enterprise Connection (SAML) logout URL for all of my users, not just the SAML users (as I expect). I expect only my SAML users to be redirected to the SAML logout URL.
So as usual when there is a new release things stop working.
Done a pod update to 1.9
It now complains about
Header 'Auth0-Swift.h' not found
Cannot convert value of type '(_) -> ()' to expected argument type 'SFAuthenticationSession.CompletionHandler' (aka '(Optional, Optional) -> ()')
in SafariAuthenticationSessionCallback.
Any ideas?
Using the Authentication API for login with database connection, I now get the following error on failure:
"Grant type 'http://auth0.com/oauth/legacy/grant-type/ro' not allowed for the client."
It once worked, but no longer does. How can I modify this code to work:
Auth0
.authentication()
.login(
usernameOrEmail: "[email protected]",
password: "a secret password",
connection: "Username-Password-Authentication"
)
.start { result in
switch result {
case .success(let credentials):
print("access_token: (credentials.accessToken)")
case .failure(let error):
print(error)
}
}
I'm trying to proceed with simple example downloaded from your site for iOS. Unfortunately, when I login I get Access denied error. Logs show following callback is been called:
auth0.samples.auth0sample://sanjo.eu.auth0.com/ios/auth0.samples.Auth0Sample/callback?error=unauthorized&error_description=Access%20denied.&state=3nDQbr9tNB2gWN5I0Af1sTpCyj0hfawUFmcYPaOOscE
Any help on how to debug this?
We need to require a user to confirm their identity to access part of an application.
Re-invoking the web auth: Auth0.webAuth(). ... .start(...)
presents the log in view, but gives the option to continue with the same user without re-entering a password with the message, "Last time you logged in with".
There appears to be an option rememberLastLogin
to disable this, but it's unclear if that's supported by the Swift SDK.
not able to login today but I could before three days...
I logged it and got this "error":"access_denied","error_description":"secret must be a string or buffer"
Can any one help?
SWIFT 3
I'm pretty sure yesterday I was using a swift-4 branch and things were fine. Today I can't compile the project and the swift 4 branch seems to be gone?
The error I'm getting is:
/Users/niklas/Documents/development/iOS-b2b/Pods/Lock/Lock/DatabaseChangePasswordInteractor.swift:72:14: Value of type 'Authentication' has no member 'changePassword'
I want to be able to add scope
to a startPasswordless(phoneNumber)
authParams call, similarly to how you have it setup in startPasswordless(email)
. It's an optional request parameter for the API call: https://auth0.com/docs/api/authentication#get-code-or-link and should be allowed in both phone number and email calls. Can this please be added?
When performing a federated logout, SilentSafariViewController dismisses before the federated logout can complete. (tested on iOS 10)
I suspect that SilentSafariViewController successfully loads the Auth0 logout page and its delegate method is called to dismiss the controller before the redirect to the federated logout page can occur.
I verified this by placing an arbitrary delay of 1 second before the call to dismiss SilentSafariViewController. In that case, the federated logout did occur successfully. But this arbitrary delay doesn't seem like the correct solution to this issue.
Hi ๐
I am using this library in an iOS App that needs authentication to Firebase with the id_token got by calling FIRAuth.auth()?.signIn(withCustomToken:...)
From what I understood I need to do the following steps in order to get this custom token:
Auth0.authentication() .login(...)
methodAuth0.authentication().tokenInfo(...) method
But I this library I cannot find any method to get a delegation token. Is this missing or I have misunderstood the logic ?
Thanks a lot ๐
After adhering to the new Auth0 changes, I am not receiving userMetadata
for users created via email.
Facebook auth
Auth0
.webAuth()
.connection("facebook")
.scope("openid offline_access")
.parameters(["device": "A_UNIQUE_ID"])
.start { result in
DispatchQueue.main.async {
self.handleAuthResult(result)
}
}
Email sign up
Auth0
.authentication()
.createUser(
email: email,
password: password,
connection: "Username-Password-Authentication"
)
.start { result in
switch result {
case .success(_):
self.performEmailLogin(email, password: password)
case .failure(let error):
print("Failed with \(error)")
}
}
Email log in
Auth0
.authentication()
.login(
usernameOrEmail: email,
password: password,
realm: "Username-Password-Authentication",
scope: "openid profile offline_access")
.start { result in
DispatchQueue.main.async {
self.handleAuthResult(result)
}
}
I save the user's info via
Auth0
.users(token: idToken)
.patch(profile.id, userMetadata: metadata)
.start { result in
switch result {
case .success(let userInfo):
print("user: \(userInfo)")
case .failure(let error):
print(error)
}
}
Whether it's email or facebook user, it returns with .success
, and I can see the metadata in userInfo
.
Now, if I call
Auth0
.authentication()
.userInfo(token: accessToken)
.start { result in
switch result {
case .success(let profile):
self.profile = profile
case .failure(let error):
print("Error: \(error). Invalid accessToken. Checking refresh token.")
}
}
If the user is created via facebook, this works fine. If the user is created via email, the userMetadata
contains 0 elements..
I think this is a bug, as everything is exactly the same between facebook and email auth, and these methods are as per the doc's guidelines.
I have two problems:
In the plist of the project the bundle version is set to 1.0.0-rc.4 which is unsupported:
CFBundleShortVersionString1.0.0-rc.4
Is this a bug or am I suppose to use another string in my Cartfile to install the framework with support for Swift 3?
it's a swift lint violation on enum and switch
Previously, I was able to use a "legacy" call to generate id_token
that contained the user's app_metadata
like this:
authentication.login(usernameOrEmail: email,
password: password,
connection: "Username-Password-Authentication",
scope: "openid app_metadata offline_access",
parameters: ["device": deviceName])
However, per June 8 update, the Legacy: RO jwt-bearer
grant type isn't supported anymore... which means said method call doesn't work.
I've updated to use the new realm
login method like this:
authentication.login(usernameOrEmail: email,
password: password,
realm: "Username-Password-Authentication",
scope: "openid app_metadata offline_access")
This correctly generates an id_token
, but it no longer includes app_metadata
on it.
How can I generate an id_token
that includes app_metadata
using this new method?
Hi,
We're in a process of migrating our codebase to Swift 3 to support iOS 10. We're are using Auth0 SDK for our iOS, Android & Web-based products. Our codebase migration has hit a deadlock since Auth0 1.0.1-rc.2 for iOS does not support Swift 3. Please update us as soon as possible.
Thanks,
Team Pixerf
Hi,
we created a new client id, unfortunately I am no more able to login. I get this error:
Grant type 'http://auth0.com/oauth/legacy/grant-type/ro' not allowed for the client.
What must I do?
Thanks
In Xcode 9, Swift, I'm getting the error, "No such module 'Auth0.'"
I added the following to my pod file pod "Auth0", '[email protected]'
and it fails saying [!] Oh no, an error occurred.
I can install the swift 3.0 pod perfectly fine using pod "Auth0", '1.0.0-rc.4'
without the @swift-2.3
suffix.
Can this target IOS 8+ instead of IOS 9+?
or whats the best solution to do if not ?
thanks
At the first login to Facebook the redirect URL contains "fragment" _=_
For example
com.auth0.akswiftauth0test://juliazhelem.eu.auth0.com/ios/com.auth0.AKSwiftAuth0Test/callback?code=pMmrjQQO7EAQGJmt&state=pg76m1ep6TD0RwYzwrlszuh7bpXjwIBmaxW_NWacZCM#_=_
Auth0.swift analyzes this URL and marks it as โnot completedโ (Auth0.resumeAuth(url, options: options) returns "false")
For the next logins to Facebook the redirect URL does not contain any fragments and everything works fine
Possible solution:
Function SafariSession.resume(...) does not check "fragment", only "query".
So changing let items = components.a0_values
to let items = components.a0_queryValues
in file https://github.com/auth0/Auth0.swift/blob/master/Auth0/OAuth2Session.swift#L86 might fix the issue
The current major version of Alamofire is 3.x.
So we found this error while switching over to new dev accounts today.
I read about it here and here. I've updated Auth0 to v1.6.0. I'm registering users via
Auth0
.authentication()
.signUp(
email: email,
password: password,
connection: "Username-Password-Authentication"
)
.start { result in
DispatchQueue.main.async {
self.handleAuthResult(result)
}
}
I tried adding parameters: ["grant_type": "implicit"]
(tried multiple grant_types i have enabled) but no success.
What to do?
Hello ๐,
I didn't saw a guide on how to contribute or something like that, so sorry in advance if the issue description is not in the best.
I'm using your framework in a new app that in be released in a near future and i tried to use with the new Xcode 9, which avoid my rage to go up anytime it crashes, but i found that it didn't compile.
Mostly, it doesn't compiles due to:
Nimble and OHHTPStubs, they are in old versions or specific language versions.
Updating those to the latest released versions fix the compile issue of the dependencies.
The subclass of SFSafariViewController
is using an deprecated convenience init
.
Adding a conditional availability on the required init
fixes the problem.
if #available(iOS 11.0, *) {
let configuration: SFSafariViewController.Configuration = {
$0.entersReaderIfAvailable = false
return $0
}(SFSafariViewController.Configuration())
super.init(url: URL, configuration: configuration)
} else {
super.init(url: URL, entersReaderIfAvailable: false)
}
I will open a PR with this, feel free to reject it.
It would be really nice if we could use the beta version of xcode 9 to develop, since it brings a few stability improvements, but is a beta tool which you may not want to support until it is released.
๐ป
I'm using Auth0.authentication().login method to log-in user into my app but response returns credentials with expiresIn property empty. Now when I try to renew idToken with CredentialsManager.credentials it checks for expiresIn being set and being a future date and always returns .noRefreshToken. Can someone please point me in the right direction for solving this, should expiresIn be set or am I using wrong method?
Hi,
I am trying to refresh token using renew method but it does not work. Returned credentials.idToken is set to nil. Here is my code.
auth0.logging(enabled: LOG_NETWORK_MANAGER_AUTHENTICATION_ENABLED)
.renew(withRefreshToken: refreshToken)
.start { [ weak self ] result in
switch result {
case .success(let credentials):
if let idToken = credentials.idToken {
saveAccessToken(idToken)
}
case .failure(let error):
LOG_NETWORK_MANAGER_AUTHENTICATION("Id Token renew failed with error: \(error)")
}
}
Thanks
Hi there,
I want to use link, unlink accounts and support IOS 8 since we have to!
so whats the best way to overcome the auth0 IOS 8 support, could i use rest api's to link, unlink account ?
thanks in advance
When logging to get user credentials, the expiresIn
field is nil
. All other fields are returned fine.
pod Version: 1.2
Auth0.authentication()
.login(
usernameOrEmail: "meow",
password: "meow",
connection: "Username-Password-Authentication",
scope: "openid offline_access user_metadata",
parameters: ["device": "iPhone"]
)
.start() { result in
switch result {
case .success(let credentials):
print("access token: \(credentials.accessToken)")
print("id token: \(credentials.idToken)")
print("refresh token: \(credentials.refreshToken)")
print("expires in: \(credentials.expiresIn)")
}
}
print output:
access token: Optional("aAaaaAAA")
id token: Optional("aAAsdf.asdfASDa.asdf")
refresh token: Optional("aaaSSsfSSDFSDSFSDFDSFss")
expires in: nil
Am I missing something? Is this the intended behavior?
NOTE: token values in the print output are replaced with dummy values...
SFSafariViewController
will no longer share cookies with Safari starting from iOS 11. This makes it hard to sign user out from social identity provider. Alternative approach is to use SFAuthenticationSession for authentication/authorisation. It was discussed in openid/AppAuth-iOS#120 and there's a proposed pull request openid/AppAuth-iOS#129
Is there any ongoing development to support iOS 11?
Running under iOS 11 (and Swift >= 3.2), SafariWebAuth.clearSession ignores the federated flag passed into the function. It does not add the 'federated' parameter to the logoutURL.
I try to logout using the below code:
var auth0 = Auth0.webAuth()
auth0.clearSession(federated: true) { outcome in
DispatchQueue.main.async {
let credentialsManager = CredentialsManager(authentication: Auth0.authentication())
_ = credentialsManager.clear()
CredentialsHelper.resetCredentials()
}
}
After that is executed successfully, I try to login again, I tap on Google
authentication, Auth0
won't ask me for credentials and just logs me in.
Another part of the issue (related tho), is that if I deleted the app, and then re-installed it again, how can I clear the IdP values so Google
login would ask for credentials again, without using the above method? As that would trigger a webView
to appear (on iOS 11 at least) and disappear suddenly for the user after he launches the app for the first time, which is a bad UX.
After logging in with facebook webAuth, I get credentials, but the refreshToken property is nil. Is this expected behavior?
(Sorry for the poor formatting - couldn't figure out the spacing.)
Auth0.webAuth()
.connection("facebook")
.start{ result in
switch result {
case .success(let credentials):
// credentials.refreshToken is nil here
case .failure(let error):
print(error)
}
}
Are you evaluating to support Xcode 8?
We need to use your framework in one of our projects and since iOS 10 is going to be released tomorrow, we need this ASAP.
Please, let us know what you can do about it.
Thanks.
Guys I've just updated my pods and got version 1.7.2
Being that is a minor release should not break any thing right(semver)?
In this case is not Auth0 that is breaking is the dependency on cryptoSwift 0.7.0 that is to work with XCode 9 and Swift 4. The error is the same as stated in the cryptoSwift issue #485
Reverted back to 1.7.1 and all was fine.
Using this
keychain.setData(NSKeyedArchiver.archivedDataWithRootObject(profile), forKey: "profile")
from the Auth0 documentation: https://auth0.com/docs/quickstart/native/ios-swift/03-session-handling#validate-an-existent-idtoken
The application is crashing and returning this:
-[A0Profile encodeWithCoder:]: unrecognized selector sent to instance *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '-[A0Profile encodeWithCoder:]: unrecognized selector sent to instance'
I'm trying to implement renewal via refresh tokens, but I'm getting an error of Unsupported grant type: refresh_token
.
I seem to get a valid refresh token back from the login call. But when I try to use it, I get the error above.
Is there another scope I need? Or something I need to adjust in my settings somewhere?
Here is my login code:
authentication.login(usernameOrEmail: username, password: password, multifactorCode: nil, connection: "Username-Password-Authentication", scope: "openid email offline_access", parameters: ["device": UIDevice.current.name]).start { result in
switch result {
case .success(let credentials):
if let idToken = credentials.idToken, let refreshToken = credentials.refreshToken {
let keychain = KeychainSwift()
keychain.set(idToken, forKey: "auth0_idToken")
keychain.set(refreshToken, forKey: "auth0_refreshToken")
}
case .failure(let error):
print("Error: \(error)")
}
}
And here is my renew code:
guard let refreshToken = keychain.get("auth0_refreshToken") else {
return
}
authentication.renew(withRefreshToken: refreshToken).start { result in
switch result {
case .success(_):
break
case .failure(_):
break
}
}
I was able to login with this method
auth0.login(usernameOrEmail: email,
password: password,
multifactorCode: nil,
connection: "connection-name",
scope: "openid profile",
parameters: [:])
And I noticed /ro
is now deprecated, and new method is favored https://github.com/auth0/Auth0.swift/blob/swift-4/Auth0/Authentication.swift#L85
So I switch to use the new one as
auth0.login(usernameOrEmail: email,
password: password,
realm: "realm-name",
audience: "audience-name",
scope: "openid profile")
But this one gives me 401 unauthorized error.
By looking at the doc https://auth0.com/docs/api/authentication#authorization-code, I realized the client_secret
is marked as required. So I hardcoded my client_secret, and managed to get it to work.
But this made me wonder if it is an issue to the Auth0Authentication.swift
implementation, or did I miss any configurations which could allow me to login without hardcoding the client_secret
on iOS side? Thanks.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.