ASWebAuthenticationSession in MacOS 10.15 (Catalina)

Question

I am trying to implement the new ASWebAuthenticationSession in MacOS 10.15 and I'm getting a bit confused about the callbackURLScheme.

The header file for ASWebAuthenticationSession says:

The callback URL usually has a custom URL scheme. For the app to receive the callback URL, it needs to either register the custom URL scheme in its Info.plist, or set the scheme to callbackURLScheme argument in the initializer.

So I initialize like this:

self.webAuthSession = [[ASWebAuthenticationSession alloc] initWithURL:self.authURL
                                                    callbackURLScheme:@"myurlscheme://"
                                                    completionHandler:^(NSURL * _Nullable callbackURL, NSError * _Nullable error) {

}];

The oauth provider I am trying to access, does not support custom URL schemes, so I have it set to redirect to a web address which in turn redirects to my URL Scheme.

So, after clicking Login in my MacOS app, Safari presents a window that allows me to login to the service. After successfully logging in the redirect happens but the web page just goes to a screen saying

Safari can't open the specified address.

I can see that the address is myurlscheme://?code=1234567890abcdefgetc... which is correct but it's obviously not calling the ASWebAuthenticationSession callback.

If I add the URL Scheme to the plist, then the safari window shows a prompt asking if you want to open it in the my app.

I know I can then fetch the code from the App Delegate's application:openURLs: method, but this is fiddly, has an unnecessary prompt for the user to click, and also leaves the ASWebAuth... safari window open. This should all be automatic through the callback.

The only way I get the callback to fire, is by closing the safari window in which case it calls back with error.

Same for me. Works perfectly on iOS and doesn't work well on MacOS. Still looking for workaround to close Safari after redirect prompt. `session.cancel()` doesn't work for this case. — Max Potapov, Oct 04 '19 at 11:09
I might submit a bug report to Apple. I think you should do the same. — Darren, Oct 04 '19 at 12:30

score 4 · Answer 1 · answered Nov 27 '19 at 12:19

I have just returned to this to try again and it seems to be working fine on MacOS 10.15.1 and 10.15.2 beta.

I have noticed that the callbackURLScheme parameter must not include ://

I'm not able to go back and test it again on 10.15 but i'm happy to use this now assuming everyone on 10.15 would have updated to 10.15.1

score 0 · Answer 2 · answered Mar 26 '20 at 21:41

Darren is right in MacOS you must remove the :// from the callbackURLScheme. iOS works fine no matter if you :// or not. However, in MacOS Catalyst there seems to be a bug. My app is getting focused once I login, but isn't getting the callback. Haven't found a way to fix it yet.

ASWebAuthenticationSession in MacOS 10.15 (Catalina)

2 Answers2

Linked