2

I'm trying to use shared web credentials. Domains that use wildcards won't work in a device, in a simulator they do work. Device is running iOS 12.3. Xcode 10.1.

My web app is built around WKWebView and it uses subdomains. The entitlements file in the iOS app contains this:

webcredentials:myapp.app
webcredentials:*.myapp.app

When I go to mydomain.myapp.app and request shared web credentials, I will get those credentials in a simulator. The device gives the error: 

Error Domain=NSOSStatusErrorDomain Code=-34018 "mydomain.myapp.app not found in com.apple.developer.associated-domains entitlement" UserInfo={NSDescription=mydomain.myapp.app not found in com.apple.developer.associated-domains entitlement}

If I enter the whole domain into the entitlements file, then this works in the device as well. But I don't need that whole domain in the simulator in the entitlements file, the wildcard works.

I'm building for target 10.0. I tried building for 12.1 but it didn't help. Note that I had to copy the "device files" from the Internet (somewhere from GitHub) as my version of Xcode didn't have the device files for iOS 12.3.

Any idea why wildcard doesn't work?

ile
  • 1,765
  • 1
  • 16
  • 19
  • Clean the build, delete the app from device, and then Build/Run a fresh copy of the app on device and let us know if that helped – staticVoidMan May 21 '19 at 11:22
  • Thanks @staticVoidMan, but I have done this countless of times. It doesn't help. – ile May 21 '19 at 19:33
  • Hm... btw, the `url` should be a website domain like `example.com`/`*.example.com` instead of `myapp.app`/`*.myapp.app` – staticVoidMan May 22 '19 at 00:27
  • No, I think myapp.app is a valid domain :-) https://stackoverflow.com/questions/11199845/where-can-i-purchase-app-tld – ile May 22 '19 at 10:32
  • Fair enough: `.app` is a valid domain. Now about the [missing entitlement](https://www.osstatus.com/search/results?platform=all&framework=all&search=-34018): Reboot the device, it might clear up this issue. – staticVoidMan May 22 '19 at 11:39
  • Good idea, but it didn't seem to help (rebooted device, osx too as it wanted to update something). Maybe this is a bug that I need to report. The "device files" workaround may also be one suspect. – ile May 22 '19 at 16:54
  • oh man, thats frustrating. Is your `apple-app-site-association` pointing back to the app properly? Btw, a [wildcard domain related bug](http://www.openradar.me/21387804) already exists and might be same in this case. – staticVoidMan May 22 '19 at 19:14
  • As u said, maybe the device files hack is interfering with ur debug process. So... try a vanilla iOS app from whatever Xcode version u have with just a username and password textfield set up, as well as the app capabilities on it having a valid associated domain, shared credentials, and `apple-app-site-association` pointing back to this PoC. – staticVoidMan May 22 '19 at 19:25
  • On a side note, check your wildcard domain at Apple's [App Search API Validation Tool](https://search.developer.apple.com/appsearch-validation-tool). Ex: to test the expression `*.myapp.app`, enter a valid string like `foo.myapp.app` and check the results. – staticVoidMan May 22 '19 at 23:21
  • Thanks for all the help. I ended up with a work-around. App's keychain + shared web credentials, although not perfect. – ile May 27 '19 at 02:19

1 Answers1

0

When testing universal links on device, there are a few requirements:

  1. Turn on Developer Mode on the device.
  2. Turn on Associated Domains Development in the Developer settings. (Developer settings will first occur after you have turned on Developer Mode).
  3. Build the app using developer certificate. (Enterprise will not work).
  4. Add ?mode=developer to the domain in entitlements if you are testing with a domain thats not publicly available (Behind VPN..)
einarnot
  • 486
  • 6
  • 19