Comments (10)
I ended up circumventing this behavior by implementing a variant of the suggestion: I only call SafariWebAuth.clearSession when my SAML users do a logout action. This allows me to do a federated logout for them and not for my Database Connection users. I identify my SAML users by looking for 'samlp' in the UserProfile sub property, as you suggested.
I chose this way because I don't have easy access to the WebAuth object to add parameters because I'm using the Lock.swift library which wraps the WebAuth object.
Thanks for your help in working through this.
from auth0.swift.
Great, as an FYI you can specify parameters in the Lock options that will be passed through to webAuth
.
.withOptions {
$0.parameters = ["prompt" : "login"]
}
from auth0.swift.
Hey @srgray can you walk me through the steps to reproduce and also what iOS you were testing on. Thx
from auth0.swift.
I have tested this on iOS 10.2 and 11.1 simulators. The behavior is the same for both iOS 10/11.
Here are my Auth0 configuration details:
I have 2 types of users in my Auth0 configuration: those associated to a Database Connection and those associated to an Enterprise Connection (SAML IDP). For my SAML Connection configuration, I have specified a 'Sign Out URL'.
My iOS application, upon user action of Logout, invokes the SafariWebAuth.clearSession function with 'federated' parameter = true for all users (regardless of user type). For the SAML users, they are properly redirected to the configured SAML 'Sign Out URL' and successfully signed out of the SAML IDP (further notes on: #175 ).
But, upon Logout, my non-SAML users (Database Connection) are also redirected to the configured SAML 'Sign Out URL'.
My assumption is that Auth0 would be able to recognize the type of user and appropriately redirect only the SAML users to the SAML 'Sign Out URL'.
from auth0.swift.
If the Authentication was performed using a Database Connection, you don't really logout
, all you are looking to do is clear the last login
session that would be the DB connection (Presuming you are using WebAuth for everything?) so you would call clearSession without federated.
I am wondering if you call it with federated it remembers the last federated connection perhaps e.g. SAML
clearSession
may not be the best option for every possible use case, you should also have a look at the SAML Logout Docs https://auth0.com/docs/logout#saml-logout.
from auth0.swift.
An alternative approach is to force a login, if you add .parameters(["prompt" : "login"])
from auth0.swift.
Yes, I am using WebAuth (through the Lock.swift library).
Can you explain more about .parameters(["prompt" : "login"])
? Is that something to add to the WebAuth object?
from auth0.swift.
Sorry, yes add that to your WebAuth
object.
login
The Authorization Server SHOULD prompt the End-User for reauthentication.
So when you have logged in for example with the Database connection, instead of calling clearSession
, you could set a flag somewhere so next time you call WebAuth you add the prompt
key with value login
to force a reauthentication.
from auth0.swift.
OK, I'll give this a try.
What is the recommended way for my iOS app to 'know' that a Database Connection was used to login (so that I can set a flag for the next call to WebAuth)?
from auth0.swift.
Take a look at https://auth0.com/docs/user-profile/normalized/auth0#uniquely-identify-users
for the general idea.
When you retrieve the UserProfile check the sub property
from auth0.swift.
Related Issues (20)
- Github Slack integration HOT 4
- Screen hint and Prompt Parameters don't seem to have an effect HOT 7
- Passwordless Email doesnt open application HOT 2
- webAuth() leaks continuation when using SFSafariViewController and formSheet presentation style
- The credentials renewal failed. CAUSE: Unknown or invalid refresh token. HOT 23
- iOS Framework depending on Auth0 fails to build due to SimpleKeychain HOT 1
- SFSafariViewController (SwiftUI) HOT 2
- Support configuring endpoint HOT 2
- Swift Cannot read properties of undefined (reading ‘passwordless_method’) HOT 1
- AQA testing cannot access web context on web auth with auth0. HOT 3
- CI build error due to recent Package.swift update HOT 13
- Versions prior to 2.4.0 (namely the previous one 2.3.2) are not compatible with iOS 12 anymore HOT 2
- Crash with numeric bundle indentifier HOT 1
- The .start method callback is sometimes not called HOT 5
- The callback execution thread is not consistent HOT 4
- Auth0 not working in iOS 17. Not able to login HOT 8
- In v2 we can no longer build out our own token request HOT 9
- Login with OTP with custom realm HOT 1
- Custom minTTL support with renew() API HOT 2
- Passwordless authentication does not accept additional parameters HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth0.swift.