ios
ios copied to clipboard
nextcloud
iOS app users should be able to take over credentials from the other app (Files & Talk)
@marinofaggiana @Ivansss you mentioned that the apps need to be in the same namespace / by the same developer for the credentials to be shared.
Is this not something we wanted to do, moving the apps under the same account? cc @karlitschek
Would be cool because re-typing credentials is really cumbersome. Ideally, if you already have the Nextcloud iOS app, the Nextcloud Talk iOS app should automatically log you in.
It is not technically possible, for now, @Ivansss do you have any idea ?
I stumbled into this post on hacker news that seems related to this. I've quoted the relevant comment below.
There are basically two ways this can work: the old way, and the new way.
In the old way, an implementation detail of the Keychain was that data saved in the Keychain would not be purged on app uninstall. Basically, the Keychain can be thought of as a fancy key-value store where your keyspace is further scoped to your app's bundle ID. It's intended to provide a secure place to generate and store keys, etc., but you can also just stick a bit of data in there.
So, user logs in, save their username to keychain. User deletes app. User reinstalls app. On app start, try to read the key you saved the username under. Is it there? Ok, this is a reinstall. No? Ok, this is a new installation or new phone.
There is no Apple documentation that says that this is the way it works, it's merely a quirk of how it's implemented. Obviously, it's a privacy concern. Apple closed this hole in one of the betas of iOS 10.3, but then restored the old behavior. I don't know why, but it's possible that many user workflows were relying on this behavior, or that it subtly broke something else (e.g. app groups).
The second way is using App Groups: https://developer.apple.com/library/archive/documentation/Mi...
In more recent versions of iOS, Apple introduced support for "app groups", which basically means a bunch of rights and privs that were scoped to the bundle id in the past are now optionally scoped to the bundle prefix (team id) or to a whitelisted set of apps that share a bundle prefix.
This allows for Facebook to share login session with Facebook Messenger, for instance. If you're Google, and you have multiple Google-owned products on the user's device, you can add them all to an app group. If up to all of the apps but one are deleted, and the last maintains user login data in the keychain, reinstallation of the other apps will allow them to recover data shared by other apps in their app group.
I don't know if there's a way a user on a non-jailbroken device can wipe the keychain without resetting the device. (You should also look into iCloud Keychain.)
Great, thank you @cwmke! :)
That means to achieve this we have to move both our Nextcloud app and the Talk app into the same namespace (which they currently are not). Nextcloud is on TWS, and Nextcloud Talk through Nextcloud GmbH.
Since this enhancement would simplify the log in process incredibly, we should consider moving them in the same organization. cc @marinofaggiana @karlitschek @Ivansss
Doing that atm would mean that ONE of the apps would lose current users and login credentials stored as far as I know.
Just something to keep in mind.
We need to know though that the majority of people in general do not use Nextcloud yet. So while yes it will inconvenience current users of one of the apps once; the way it currently is inconveniences all future possible users of both apps, which we want to be a lot of people.
TL;DR we should do this sooner than later, which is why this issue is open since 2 years already, back when we should have done it. ;) cc @karlitschek @jospoortvliet what do you think?
Business decision is that Talk subscription is possible without Files subscription so I don't think this is wise. (this was communicated by Frank a while back)
On Tue, 8 Oct 2019, 14:33 Jan-Christoph Borchardt, [email protected] wrote:
We need to know though that the majority of people in general do not use Nextcloud yet. So while yes it will inconvenience current users of one of the apps once; the way it currently is inconveniences all future possible users of both apps, which we want to be a lot of people.
TL;DR we should do this sooner than later, which is why this issue is open since 2 years already, back when we should have done it. ;) cc @karlitschek https://github.com/karlitschek @jospoortvliet https://github.com/jospoortvliet what do you think?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/nextcloud/talk-ios/issues/12?email_source=notifications&email_token=AAABNMQX6OUPD4AJYZANPRDQNR4YFA5CNFSM4EBNYCQ2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAT7SII#issuecomment-539490593, or mute the thread https://github.com/notifications/unsubscribe-auth/AAABNMVOVIRZIZP5X55DIETQNR4YFANCNFSM4EBNYCQQ .
We just had this topic last week again in the office. This is not done yet, but definitely something we want to do.
Business decision is that Talk subscription is possible without Files subscription so I don't think this is wise. (this was communicated by Frank a while back)
@mario It could work both ways though, no? That is, if your users have Talk already and then you sign up for a Files subscription, all your users could just install the Files app and carry over their account from Talk?
We just had this topic last week again in the office. This is not done yet, but definitely something we want to do.
@nickvergessen should we then not reopen?
Well it's mostlikely going to affect the other app, but anyway we don't need a stray ticket.
We have already verify with Apple (yet 10 gg ago) and the App cannot be moved, so we need, if possible, search another street.
Yes, moving is not possible as was mentioned before already. The way to go would basically be to release a "new" version of the Files app in the Nextcloud org, where the Talk app already is, and slowly move over the existing users.
The longer we wait, the worse the issue is going to get. Especially if at some point we will have other apps than Files and Talk. cc @karlitschek @jospoortvliet
As far as I know this is resolved now since the app was recently also moved under the Nextcloud organization / publisher. Does that mean this specific issue is also fixed @marinofaggiana @tobiasKaminsky, or is anything additional needed for it?
Not yet, but from today the new version under the Nextcloud organization is available on Apple Store, so from the next version we can share the credential with the other Nextcloud iOS products (Talk, ...)
Awesome 🚀 i was wondering why i had to login again on my iOS devices today (after installing the most recent update). That explains it.
