Support iOS 12

SFAuthenticationSession is deprecated in iOS 12. Uses the replacement (and functionally equivalent) ASWebAuthenticationSession on iOS 12+. The AuthenticationServices framework is now required. AppAuth now requires Xcode 10 to build (but still supports a deployment target of iOS 7), per our policy to only support the current development tools.
manotnemanja · Sep 21, 2018 · 2c934c9 · 2c934c9
1 parent 488bfe9
commit 2c934c9
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 3 deletions.
diff --git a/AppAuth.podspec b/AppAuth.podspec
@@ -40,7 +40,7 @@ It follows the OAuth 2.0 for Native Apps best current practice
   # iOS
   s.ios.source_files      = "Source/iOS/**/*.{h,m}"
   s.ios.deployment_target = "7.0"
-  s.ios.framework         = "SafariServices"
+  s.ios.frameworks        = "SafariServices", "AuthenticationServices"
 
   # macOS
   s.osx.source_files = "Source/macOS/**/*.{h,m}"

diff --git a/AppAuth.xcodeproj/project.pbxproj b/AppAuth.xcodeproj/project.pbxproj
@@ -383,6 +383,7 @@
 		34AF736B1FB4E4B30022335F /* OIDURLSessionProvider.m in Sources */ = {isa = PBXBuildFile; fileRef = 039697451FA8258D003D1FB2 /* OIDURLSessionProvider.m */; };
 		34AF736C1FB4E4B40022335F /* OIDURLSessionProvider.m in Sources */ = {isa = PBXBuildFile; fileRef = 039697451FA8258D003D1FB2 /* OIDURLSessionProvider.m */; };
 		34AF736D1FB4E4B40022335F /* OIDURLSessionProvider.m in Sources */ = {isa = PBXBuildFile; fileRef = 039697451FA8258D003D1FB2 /* OIDURLSessionProvider.m */; };
+		34B822932153602C00D96702 /* AuthenticationServices.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 34B822922153602C00D96702 /* AuthenticationServices.framework */; };
 		34D5EC451E6D1AD900814354 /* OIDSwiftTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 34D5EC441E6D1AD900814354 /* OIDSwiftTests.swift */; };
 		34FEA6AE1DB6E083005C9212 /* OIDLoopbackHTTPServer.h in Headers */ = {isa = PBXBuildFile; fileRef = 34FEA6AC1DB6E083005C9212 /* OIDLoopbackHTTPServer.h */; };
 		34FEA6AF1DB6E083005C9212 /* OIDLoopbackHTTPServer.m in Sources */ = {isa = PBXBuildFile; fileRef = 34FEA6AD1DB6E083005C9212 /* OIDLoopbackHTTPServer.m */; };
@@ -588,6 +589,7 @@
 		34A663271E871DD40060B664 /* OIDIDToken.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OIDIDToken.m; sourceTree = "<group>"; };
 		34A6638A1E8865090060B664 /* OIDRPProfileCode.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OIDRPProfileCode.m; sourceTree = "<group>"; };
 		34A663911E886AED0060B664 /* OIDRPProfileCode.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = OIDRPProfileCode.h; sourceTree = "<group>"; };
+		34B822922153602C00D96702 /* AuthenticationServices.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = AuthenticationServices.framework; path = System/Library/Frameworks/AuthenticationServices.framework; sourceTree = SDKROOT; };
 		34D5EC431E6D1AD900814354 /* OIDAppAuthTests-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "OIDAppAuthTests-Bridging-Header.h"; sourceTree = "<group>"; };
 		34D5EC441E6D1AD900814354 /* OIDSwiftTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = OIDSwiftTests.swift; sourceTree = "<group>"; };
 		34FEA6AC1DB6E083005C9212 /* OIDLoopbackHTTPServer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OIDLoopbackHTTPServer.h; sourceTree = "<group>"; };
@@ -633,6 +635,7 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				34B822932153602C00D96702 /* AuthenticationServices.framework in Frameworks */,
 				3417422D1C5D850C000EF209 /* Security.framework in Frameworks */,
 				3417422B1C5D8502000EF209 /* SafariServices.framework in Frameworks */,
 				341741F51C5D8283000EF209 /* libAppAuth-iOS.a in Frameworks */,
@@ -875,6 +878,7 @@
 		341742291C5D84D0000EF209 /* Frameworks */ = {
 			isa = PBXGroup;
 			children = (
+				34B822922153602C00D96702 /* AuthenticationServices.framework */,
 				3417422C1C5D850C000EF209 /* Security.framework */,
 				3417422A1C5D8502000EF209 /* SafariServices.framework */,
 			);

diff --git a/Source/iOS/OIDExternalUserAgentIOS.m b/Source/iOS/OIDExternalUserAgentIOS.m
@@ -19,6 +19,7 @@
 #import "OIDExternalUserAgentIOS.h"
 
 #import <SafariServices/SafariServices.h>
+#import <AuthenticationServices/AuthenticationServices.h>
 
 #import "OIDErrorUtilities.h"
 #import "OIDExternalUserAgentSession.h"
@@ -49,6 +50,7 @@ @implementation OIDExternalUserAgentIOS {
 #pragma clang diagnostic ignored "-Wpartial-availability"
   __weak SFSafariViewController *_safariVC;
   SFAuthenticationSession *_authenticationVC;
+  ASWebAuthenticationSession *_webAuthenticationVC;
 #pragma clang diagnostic pop
 }
 
@@ -88,7 +90,34 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request
   BOOL openedSafari = NO;
   NSURL *requestURL = [request externalUserAgentRequestURL];
 
-  if (@available(iOS 11.0, *)) {
+  // iOS 12 and later, use ASWebAuthenticationSession
+  if (@available(iOS 12.0, *)) {
+    __weak OIDExternalUserAgentIOS *weakSelf = self;
+    NSString *redirectScheme = request.redirectScheme;
+    ASWebAuthenticationSession *authenticationVC =
+        [[ASWebAuthenticationSession alloc] initWithURL:requestURL
+                                      callbackURLScheme:redirectScheme
+                                       completionHandler:^(NSURL * _Nullable callbackURL,
+                                                           NSError * _Nullable error) {
+      __strong OIDExternalUserAgentIOS *strongSelf = weakSelf;
+      if (!strongSelf) {
+          return;
+      }
+      strongSelf->_webAuthenticationVC = nil;
+      if (callbackURL) {
+        [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL];
+      } else {
+        NSError *safariError =
+            [OIDErrorUtilities errorWithCode:OIDErrorCodeUserCanceledAuthorizationFlow
+                             underlyingError:error
+                                 description:nil];
+        [strongSelf->_session failExternalUserAgentFlowWithError:safariError];
+      }
+    }];
+    _webAuthenticationVC = authenticationVC;
+    openedSafari = [authenticationVC start];
+  // iOS 11, use SFAuthenticationSession
+  } else if (@available(iOS 11.0, *)) {
     __weak OIDExternalUserAgentIOS *weakSelf = self;
     NSString *redirectScheme = request.redirectScheme;
     SFAuthenticationSession *authenticationVC =
@@ -97,8 +126,9 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request
                                    completionHandler:^(NSURL * _Nullable callbackURL,
                                                        NSError * _Nullable error) {
       __strong OIDExternalUserAgentIOS *strongSelf = weakSelf;
-      if (!strongSelf)
+      if (!strongSelf) {
           return;
+      }
       strongSelf->_authenticationVC = nil;
       if (callbackURL) {
         [strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL];
@@ -112,13 +142,15 @@ - (BOOL)presentExternalUserAgentRequest:(id<OIDExternalUserAgentRequest>)request
     }];
     _authenticationVC = authenticationVC;
     openedSafari = [authenticationVC start];
+  // iOS 9 and 10, use SFSafariViewController
   } else if (@available(iOS 9.0, *)) {
     SFSafariViewController *safariVC =
         [[[self class] safariViewControllerFactory] safariViewControllerWithURL:requestURL];
     safariVC.delegate = self;
     _safariVC = safariVC;
     [_presentingViewController presentViewController:safariVC animated:YES completion:nil];
     openedSafari = YES;
+  // iOS 8 and earlier, use mobile Safari
   } else {
     openedSafari = [[UIApplication sharedApplication] openURL:requestURL];
   }