Storing Cookies in Keychain

Question

My app uses OAuth when logging in. A user is presented with a web view, once they sign in they are given the required tokens, however a cookie is also set. I am using that cookie when opening an WKWebView within my app so I can render an authenticated page.

These are not persisted across app restarts however, initially I was storing these on UserDefaults depending on the application life cycle change

applicationDidBecomeActive

applicationWillEnterForeground

applicationDidEnterBackground

applicationWillTerminate

However I do like the idea of storing anything sensitive in here and would much rather store the cookie on the keychain.

What I cannot understand is how I can serialize it in a way that lets me store it?

When I log out a stored cookie, an example I can see is

<NSHTTPCookie
    version:0
    name:SOMETHING_SOMETHING
    value:a_random_hash
    expiresDate:'2020-04-20 18:50:49 +0000'
    created:'2019-04-21 18:50:49 +0000'
    sessionOnly:FALSE
    domain:.domain.tld
    partition:none
    sameSite:none
    path:/
    isSecure:TRUE
    isHTTPOnly: YES
 path:"/" isSecure:TRUE isHTTPOnly: YES>)

Why not store cookies in [cookie storage](https://developer.apple.com/documentation/foundation/nshttpcookiestorage)? — user28434'mstep, Apr 25 '19 at 08:30
It was my understanding these are not persisted across restarts etc — Tim J, Apr 25 '19 at 08:33
Relevant: https://stackoverflow.com/questions/11570737/shared-instance-of-nshttpcookiestorage-does-not-persist-cookies — user28434'mstep, Apr 25 '19 at 08:35
hmmm for me they simply do not persist once the application has been closed and re opened if the cookie does not have an expiry date — Tim J, Apr 25 '19 at 08:48
possibly duplicate with https://stackoverflow.com/questions/26997601/store-nshttpcookie-in-ios-keychain-using-swift/68826223#68826223 I also have a solution to solve this issue: https://stackoverflow.com/a/68826223/2082851 — nahung89, Aug 18 '21 at 03:36

Storing Cookies in Keychain

0 Answers0