I'm using AppAuth-iOS for my AD B2C login, AppAuth-iOS uses SFAuthenticationSession for making authentication requests on iOS 11+. I assumed that when I call SFSafariViewController to open a link to a webapp that does SSO with the B2C, it will automatically authenticate the user into it. However this does not seem to work.
Is it not supposed to work? Am I doing it the wrong way?
I've tried modifying the AppAuth-iOS pod in my project and tried to open the authentication request in a webview and use webview to also open the link.. does not work. Also, I've read about instances of Safari not sharing cookies, does this also apply to webview? Does webview use Safari browser? I've also read other stuff related to this problem but they are confusing me, and in the end, for me, there's no closure to them.
This is the code from OIDExternalUserAgentIOS.m of AppAuth-iOS that is used for communicating the app to B2C login:
SFAuthenticationSession *authenticationVC =
[[SFAuthenticationSession alloc] initWithURL:requestURL
callbackURLScheme:redirectScheme
completionHandler:^(NSURL * _Nullable callbackURL,
NSError * _Nullable error) {
__strong OIDExternalUserAgentIOS *strongSelf = weakSelf;
if (!strongSelf)
return;
strongSelf->_authenticationVC = nil;
if (callbackURL) {
[strongSelf->_session resumeExternalUserAgentFlowWithURL:callbackURL];
I use this code to open the link,
SFSafariViewController *svc = [[SFSafariViewController alloc] initWithURL:URL];
svc.delegate = (AppDelegate *)[UIApplication sharedApplication].delegate;
[self presentViewController:svc animated:YES completion:nil];
I'm hoping that SSO will work between SFAuthenticationSession and SFSafariViewController.
Thank you very much.
I'm assuming that you tried to used WKwebView. If so wkwebview does not share cookies with Safari web browser. Each web view run in a different process than we have an isolation.