Method checkAndPerformV1TokenMigration does not delete old V1 tokens on success

[delitestudio]

Hi, we have used checkAndPerformV1TokenMigration method to upgrade old V1 tokens to the new format but we've seen that after an uninstall of the application the procedure starts over migrating old tokens, even if a unlinkAndResetClients has been called.

We think the checkAndPerformV1TokenMigration does not delete old tokens from keychain after successful migration. Is there a way to solve this problem? Thanks!

[greg-db]

Thanks @delitestudio ! For reference, the implementation of checkAndPerformV1TokenMigration can be found here.

It doesn't delete the original tokens, and unlinkAndResetClients would only apply to the new tokens. Also, the bit that indicates the migration already occurred is stored in NSUserDefaults, which is cleared on uninstall.

Is the concern that it may surprise users that they are automatically migrated again after uninstalling the app once, despite the call to unlinkAndResetClients? (Users can always unlink all access tokens for an app from their account security page though.) I'll send this along as a request to automatically delete the old tokens when checkAndPerformV1TokenMigration succeeds though.

As a workaround, you can delete the old tokens yourself if you'd like. You can see how they're retrieved from the keychain here and here.

[delitestudio]

Hello @greg-db and thanks for your fast answer.

Is the concern that it may surprise users that they are automatically migrated again after uninstalling the app once, despite the call to unlinkAndResetClients?

We think it's not a big problem for users and we suppose that if they uninstall an application there's a little chance that they will re-install it. It just turned out in our debug sessions and we decided to alert you of this behaviour. We personally believe it will be cleaner to remove old tokens after a successful migration because there is little/no chance they will be reused.

[greg-db]

I see, thank you!