AppAuth-iOS
AppAuth-iOS copied to clipboard
openid
Is there a way to clear the credentials stored by AppAuth in iOS
I am using AppAuth 1.3.0 lib for authenticating my App. It popup safari viewcontroller and after entering the credentials, i am logging in. But after logout when i tried to login with different credentials, it is login in with same old credentials. Until i close and open the App, its using the same credentials. How to clear the old credentials which is stored from AppAuth lib?
Please help me to resolve this issue
Any solution??
I've tried clean cookies:
HTTPCookieStorage.shared.removeCookies(since: Date.distantPast)
And Clean records:
fetchDataRecords(ofTypes: WKWebsiteDataStore.allWebsiteDataTypes()) { records in records.forEach { record in self.removeData(ofTypes: record.dataTypes, for: [record], completionHandler: {}) print("[WebCacheCleaner] Record \(record.displayName) deleted") } }
But without success.
Please help me to resolve this issue
Any solution??
I've tried clean cookies:
HTTPCookieStorage.shared.removeCookies(since: Date.distantPast)And Clean records:
fetchDataRecords(ofTypes: WKWebsiteDataStore.allWebsiteDataTypes()) { records in records.forEach { record in self.removeData(ofTypes: record.dataTypes, for: [record], completionHandler: {}) print("[WebCacheCleaner] Record \(record.displayName) deleted") } }But without success.
No i didn't get solution
@arvinthmani I got a solution.
In my case I'm using endpoint session with parameter "id_token_hint" (accessToken set on parameter).
Call endPointSession endpoint using self.entityAuthState.authState?.lastAuthorizationResponse.request.configuration.discoveryDocument?.endSessionEndpoint
You need check with your back end if need send any specific parameter or I just call this end point is enough.
AppAuth uses ASWebAuthenticationSession which shares cookies with Safari (except for session cookies). To log out of the browser session, the IdP needs to delete that cookie (e.g. through a user initiated logout action, or through support of the OIDC Logout protocol).
These credentials are not stored in AppAuth. As far as AppAuth is concerned, once you delete the OIDAuthState object all grants are gone.
Hello @WilliamDenniss , had you disable SafariViewController cookies? because when we do first time sign-in then sign out. again sign in then it is not asking different credentials. it is going for auto login. when we remove our app from cache the again open our app then sign in, that time we can login with different credential. could you please help me for that? and have you config SafariViewcontroller like this: let config = SFSafariViewController.Configuration() config.entersReaderIfAvailable = true
AppAuth uses ASWebAuthenticationSession which shares cookies with Safari (except for session cookies). To log out of the browser session, the IdP needs to delete that cookie (e.g. through a user initiated logout action, or through support of the OIDC Logout protocol).
These credentials are not stored in AppAuth. As far as AppAuth is concerned, once you delete the OIDAuthState object all grants are gone.
@WilliamDenniss - what are your thoughts on defaulting the prefersEphemeralWebBrowserSession to true for ASWebAuthenticationSession sessions?
as per: https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession/3237231-prefersephemeralwebbrowsersessio
https://developer.apple.com/documentation/authenticationservices/authenticating_a_user_through_a_web_service
@adozenlines didn't work by
additionalParameters: ["prompt": "login"] ? Anyone solve this issue?
