Update dependencies and enhance webAuth methods to support HTTPS #1125
Conversation
…eychain dependencies
src/webauth/agent.ts
Outdated
| @@ -113,13 +117,17 @@ class Agent { | |||
| ); | |||
| let redirectUri = | |||
| options.returnToUrl ?? this.callbackUri(parameters.domain, scheme); | |||
|
|
|||
| // Determine if we should use HTTPS | |||
| const useHTTPS = scheme.startsWith('https'); | |||
There was a problem hiding this comment.
Is passing customeScheme only way the user can set https scheme ?
There was a problem hiding this comment.
yes keeping same implementation fro android and iOS.
EXAMPLES.md
Outdated
| - [Accept user invitations](#accept-user-invitations) | ||
| - [Bot Protection](#bot-protection) | ||
| - [Domain Switching](#domain-switching) | ||
| - [Examples using react-native-auth0](#examples-using-react-native-auth0) |
There was a problem hiding this comment.
The top-level link (the title) does not seem to be necessary.
There was a problem hiding this comment.
This happened due to VS code auto format feature on save. Its updating my md file without any warning. Reverted back to prev.
EXAMPLES.md
Outdated
| Register https://yourdomain.com/{YOUR_APP_BUNDLE_ID}/{PLATFORM}/callback as an allowed callback URL in your Auth0 Dashboard | ||
| Configure your app to handle Universal Links (iOS) and App Links (Android) | ||
| Set up your domain with proper verification for these deep linking mechanisms |
There was a problem hiding this comment.
| Register https://yourdomain.com/{YOUR_APP_BUNDLE_ID}/{PLATFORM}/callback as an allowed callback URL in your Auth0 Dashboard | |
| Configure your app to handle Universal Links (iOS) and App Links (Android) | |
| Set up your domain with proper verification for these deep linking mechanisms | |
| 1. Register https://yourdomain.com/{YOUR_APP_BUNDLE_ID}/{PLATFORM}/callback as an allowed callback URL in your Auth0 Dashboard. | |
| 2. Configure your app to handle Universal Links (iOS) and App Links (Android). | |
| 3. Set up your domain with proper verification for these deep linking mechanisms. |
There was a problem hiding this comment.
BTW, Auth0 already supports configuring (3) for the developer. They just need to configure some values in their Auth0 application's configuration on the Dashboard. We should mention this here and point to some docs pages with more specific instructions.
There was a problem hiding this comment.
This also works with the tenant subdomain, eg. some-tenant.us.auth0.com
There was a problem hiding this comment.
updated the examples.
|
BTW, HTTPS callbacks should be the default and recommended option for Web Auth on iOS, so the README setup instructions should be updated accordingly. E.g.: https://github.com/auth0/Auth0.swift#configure-web-auth-ios--macos |
|
(after which the instructions on EXAMPLES.md will be redundant, so these should be removed) |
EXAMPLES.md
Outdated
|
|
||
| 1\. Register [https://yourdomain.com/{YOUR\_APP\_BUNDLE\_ID}/{PLATFORM}/callback](https://yourdomain.com/{YOUR_APP_BUNDLE_ID}/{PLATFORM}/callback) as an allowed callback URL in your Auth0 Dashboard | ||
| 2\. Configure your app to handle Universal Links \(iOS\) and App Links \(Android\) | ||
| 3\. Set up your domain with proper verification for these deep linking mechanisms |
There was a problem hiding this comment.
Set up your domain with proper verification for these deep linking mechanisms
This can be confusing for the customers, since this seems to imply that this requires a custom domain, when it's not the case. Also, we should link to proper documentation explaining how to do this setup. Otherwise, it's not really helpful.
There was a problem hiding this comment.
BTW, this doesn't actually belong here. First, this is already being explained in the README's setup instructions. Second, this is inside the Authentication API's examples section, when it's about Web Auth.
There was a problem hiding this comment.
So this should be removed.
| ``` | ||
| This configuration allows your iOS app to handle Universal Links properly. | ||
|
|
||
| Refer to the example of [Using custom scheme for web authentication redirection](https://github.com/auth0/react-native-auth0/blob/master/EXAMPLES.md#using-custom-scheme-for-web-authentication-redirection) | ||
|
|
There was a problem hiding this comment.
This is missing the Configure the Team ID and bundle identifier part, as explained here: https://github.com/auth0/Auth0.swift#configure-the-team-id-and-bundle-identifier
I understand that it's explained in https://auth0.com/docs/get-started/applications/enable-universal-links-support-in-apple-xcode, but we should minimize the levels of indirection for essential setup instructions.
… App Links support
Changes
References
Checklist