Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

System dialog to save password appears for split-second and user has no way to save password #725

Closed
6 tasks done
kirill-konshin opened this issue Sep 20, 2023 · 7 comments
Closed
6 tasks done

System dialog to save password appears for split-second and user has no way to save password #725

kirill-konshin opened this issue Sep 20, 2023 · 7 comments
Assignees
@Widcket
Labels
iOS Used to denote issues raised for iOS Platform waiting for customer This issue is waiting for a response from the issue or PR author

Comments

@kirill-konshin
Copy link

kirill-konshin commented Sep 20, 2023
edited
Loading

Checklist

Description

On iOS after successful login with password, the system prompt to save password is shown but immediately disappears, sometimes not even visible, sometimes visible for split second.

I double checked expo settings, and when I create a password manually in iOS settings, it is prefilled, so from OS standpoint app is configured properly, in my opinion, Auth0 just does not wait for the dialog to save password to be dismissed and rushes back to app...

Community post was not answered...

Reproduction

  1. Call await authorize({audience: 'xxx'},{customScheme: 'xxx'})
  2. Fill out the email/password
  3. Click log in
  4. Dialog to save email/password is shown for split second (or not shown at all)
  5. Auth0 window closes and app logs in normally

Additional context

I tried it with and without ephemeralSession: true, no difference.

react-native-auth0 version

2.17.4

React Native version

0.72.3

Expo version

49.0.5

Platform

iOS

Platform version(s)

iOS 16
@kirill-konshin kirill-konshin added the bug This points to a verified bug in the code label Sep 20, 2023
@poovamraj poovamraj added the iOS Used to denote issues raised for iOS Platform label Sep 21, 2023
@poovamraj
Copy link
Contributor

@Widcket can you check this one out.

@kirill-konshin
Copy link
Author

Important remark. Ideally the password save dialog should work regardless of ephemeralSession: true/false.

As described in https://github.com/auth0/Auth0.swift/blob/master/FAQ.md#1-how-can-i-disable-the-login-alert-box the ephemeralSession: true can be used to bypass the login consent dialog, but password save dialog is still needed.

@Widcket
Copy link
Contributor

Widcket commented Sep 25, 2023

Hi @kirill-konshin, thanks for raising this.

Please note that the SDK just defers to the underlying iOS APIs for web-based authentication, in this case, ASWebAuthenticationSession.

The “Save password” prompt gets dismissed because the redirect to the app callback happens immediately, thus the modal gets dismissed (and with it the prompt). Others report that it is a bug with ASWebAuthenticationSession. As such, I'm afraid there's not much we can do about it.

I'd suggest filing a feedback report with Apple.

Important remark. Ideally the password save dialog should work regardless of ephemeralSession: true/false.

Again, this is handled by ASWebAuthenticationSession, not the SDK. If ASWebAuthenticationSession is configured to not store cookies (what ephemeralSession: true does) then nothing that depends on the persistence of cookies will work.

@Widcket
Copy link
Contributor

Widcket commented Sep 25, 2023

The “Save password” prompt gets dismissed because the redirect to the app callback happens immediately, thus the modal gets dismissed (and with it the prompt). AzureAD/microsoft-authentication-library-for-objc#848 that it is a bug with ASWebAuthenticationSession. As such, I'm afraid there's not much we can do about it.

A possible workaround could be to redirect to an interstitial page hosted by you (using an Auth0 Action), that has a button to perform the redirect back to the app (instead of it happening immediately).

@Widcket Widcket added waiting for customer This issue is waiting for a response from the issue or PR author and removed bug This points to a verified bug in the code labels Sep 25, 2023
@poovamraj
Copy link
Contributor

@kirill-konshin hope this helps. We will close this issue for now. Feel free to comment here and we can reopen it for further help.

@kirill-konshin
Copy link
Author

@poovamraj this helps, but it does not solve the issue, as EXPO / React Native consumer of the lib, I have no control over what is happening in native code. In my opinion the lib (or it's native counter part) has to properly handle the redirect. Somehow other apps are able to do this right...

@Widcket this will produce suboptimal experience, as users will have to press a button every time.

I'd say Apple will more likely to react on your feedback rather than on mine :)

@Widcket
Copy link
Contributor

Widcket commented Oct 11, 2023

I'm afraid this is a bug on ASWebAuthenticationSession, not the SDK, and as such there's not much we can do about it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Widcket Widcket

Labels
iOS Used to denote issues raised for iOS Platform waiting for customer This issue is waiting for a response from the issue or PR author
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kirill-konshin @Widcket @poovamraj