[iOS/iPhone] AppAuth prevents redirect uri deeplink from azure b2c

Open weissmanuel opened this issue 3 years ago • 2 comments

I'm working with Azure B2C and configured a redirect URI deep link. If I successfully sign in in the web view, I don't get the response because of the following code snippet in OIDAuthorizationService.m. As soon as I comment out the if condition, it works as expected.

Using this pod wrapped by the flutter plugin https://pub.dev/packages/flutter_appauth

- (BOOL)resumeExternalUserAgentFlowWithURL:(NSURL *)URL {
  // rejects URLs that don't match redirect (these may be completely unrelated to the authorization)
  if (![self shouldHandleURL:URL]) {
    return NO;
  }

weissmanuel, May 06 '21 07:05

Your suggestion to comment that code helped me track down the issue.

The deep link copied from the Azure Portal does not include a "path" component. Say you copied msauth.com.package.name://auth. When you run it, the redirect URL returned from the sign-in flow looks like msauth.com.package.name://auth/?code=XXXX&state=YYYY. The matchesRedirectionURL function attempts to compare (down to the path component) the actual redirect URL msauth.com.package.name://auth/ with the original one msauth.com.package.name://auth, but they don't match.

The fix seems simple: append a forward slash to the redirect URL copied from Azure before passing it to authorizeAndExchangeCode of the Flutter plugin.

rotoudjimaye, Nov 08 '21 12:11
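
The mismatch described in the comment above, modeled in Python as an added example; it is not part of the thread and not AppAuth's code. It assumes the redirect check compares scheme, user info, host, port and path and ignores the query; the function names and the `settings/profile` deep link are constructed for illustration.

```python
from urllib.parse import urlsplit

# URIs quoted in the thread; UNRELATED is a constructed deep link on the same scheme.
REGISTERED = "msauth.com.package.name://auth"
RESPONSE = "msauth.com.package.name://auth/?code=XXXX&state=YYYY"
UNRELATED = "msauth.com.package.name://settings/profile"


def components(uri):
    """Parts assumed to take part in the match; query and fragment are left out
    because they carry the authorization response (code, state)."""
    p = urlsplit(uri)
    return {
        "scheme": p.scheme.lower(),
        "user": p.username,
        "password": p.password,
        "host": p.hostname,
        "port": p.port,
        "path": p.path,  # "" and "/" are different values
    }


def mismatched_components(registered, received):
    """Names of the components on which the two URIs differ."""
    reg, got = components(registered), components(received)
    return [name for name in reg if reg[name] != got[name]]


def should_handle(registered, received):
    """True only when every compared component is identical."""
    return not mismatched_components(registered, received)


def lint_redirect_uri(registered):
    """Configuration-time check: flag a redirect URI with a host but no path."""
    p = urlsplit(registered)
    if p.netloc and p.path == "":
        return ["empty path: a response sent to %s://%s/ will be rejected"
                % (p.scheme, p.netloc)]
    return []


if __name__ == "__main__":
    print(mismatched_components(REGISTERED, RESPONSE))  # the thread's failure
    print(should_handle(REGISTERED + "/", RESPONSE))     # the thread's fix
    print(should_handle(REGISTERED + "/", UNRELATED))    # check still rejects
    print(lint_redirect_uri(REGISTERED))
```

With the trailing slash registered, the sign-in response matches while the unrelated deep link is still rejected, so the check in resumeExternalUserAgentFlowWithURL: can stay in place.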

Ideally shouldHandleURL: should be a method that the client calls before calling resumeExternalUserAgentFlowWithURL. This is how most other external URL handling services behave and this way the client gets an opportunity to accept a particular URL it knows is fine to be handled.

guidedways, Mar 31 '22 12:03

Duplicate of #446

petea, Aug 18 '22 00:08