How to get an auth code using ASWebAuthenticationSession?

Asked 25/2, 2020 at 16:0 Answered 25/8, 2022 at 8:6

ios swift oauth stripe-payments aswebauthenticationsession

I'm trying to obtain an auth code from Stripe's OAuth endpoint using ASWebAuthenticationSession - this event happens after the my Stripe redirect url gets called.

Unfortunately, the authSession's completion handler doesn't call back with a callbackURL. And I need this callbackURL to query the auth code. I've read different articles on this topic but I can't figure out why my implementation doesn't work they way I expect it to.

Here's my code:


class CreateStripeConnectAccountController: UIViewController {

  var authSession: ASWebAuthenticationSession!

  override func viewDidLoad() {
      super.viewDidLoad()
      configureAuthSession()
  }

  private func configureAuthSession() {

    let urlString = Constants.URLs.stripeConnectOAuth // Sample URL

    guard let url = URL(string: urlString) else { return }

    let callbackScheme = "myapp:auth"    

    authSession = ASWebAuthenticationSession(url: url, callbackURLScheme: callbackScheme, completionHandler: { (callbackURL, error) in
       guard error == nil, let successURL = callbackURL else {
          print("Nothing")
          return
       }

       let oauthToken = NSURLComponents(string: (successURL.absoluteString))?.queryItems?.filter({$0.name == "code"}).first

       print(successURL.absoluteString)
    })

    authSession.presentationContextProvider = self
    authSession.start()
  }
}

extension CreateStripeConnectAccountController: ASWebAuthenticationPresentationContextProviding {
    func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {
        self.view.window ?? ASPresentationAnchor()
    }
}

Siftings answered 25/2, 2020 at 16:0 Comment(7)

Consider posting this question on their Github (if there's any), if no one answers this. – Smokejumper 25/2, 2020 at 16:18

@Glenn good idea – Siftings 25/2, 2020 at 17:33

@uchennaaguocha have you enabled your app for universal deep links? The alternative approach here is to completely handle OAuth in webviews, then have your "redirect_url" page manually link back to your iOS app Also, what happens in your app when you've completed the OAuth flow in the AuthContext? It is expected to open the redirect url you've specified in your Connect settings – Gassman 25/2, 2020 at 21:5

@Gassman My original approach involved the webview. My user will create a Stripe Connect account, and once they're done, the redirect url will get called. It would redirect the user back to the app. Earlier this week my app got rejected because Apple deprecated UIWebview APIs. So, that's why I'm using ASWebAuthenticationSession instead of the webview. – Siftings 25/2, 2020 at 21:57

@uchennaaguocha appreciate the details! I'm doing the same on my end and it is working. i.e. Stripe Connect page -> redirect URL -> that page deep links to my iOS app. Can you double check what is your url scheme and what url scheme your redirect page is redirecting to? You can also use WKWebView instead of UIWebView now – Gassman 25/2, 2020 at 22:12

@Gassman I just reviewed my code and I'm using WKWebView too lol. My url scheme is "bolar:app" and redirect uri is a Firestore cloud function url. – Siftings 25/2, 2020 at 22:26

@Gassman I think I know why my application got rejected in the first place. I was using a deprecated protocol called UIWebViewDelegate instead of WKUIDelegate. I'm going to give this a try and let you know it goes. – Siftings 25/2, 2020 at 22:29

I believe the issue is that you are giving nil for callbackURLScheme. You need to give a URL scheme that redirects to your app:

See apple's authentication example: https://developer.apple.com/documentation/authenticationservices/authenticating_a_user_through_a_web_service

And here's apple's docs on how to create a custom URL scheme for your app: https://developer.apple.com/documentation/uikit/inter-process_communication/allowing_apps_and_websites_to_link_to_your_content/defining_a_custom_url_scheme_for_your_app.

Armourer answered 25/2, 2020 at 18:35 Comment(5)

Thanks for the suggestion. I'm going to take a look into that now. – Siftings 25/2, 2020 at 18:39

Yeah let me know. That seems like the most likely cause to me, but I could be wrong about that! – Armourer 25/2, 2020 at 18:41

@wilco0 I tried it and it didn't work out for me. I create a URL type with my custom url scheme and called authSession.start(). By the time the authentication finished, authSession callback/completion handler didn't get triggered. – Siftings 25/2, 2020 at 20:36

Do you mind posting your updated code so I can see? – Armourer 25/2, 2020 at 21:6

I got update my original post. You should see a constant called "callbackScheme". It's the same url scheme that I used as a URL Type. – Siftings 25/2, 2020 at 21:52

I know it's old, but anyway. Make sure, that callbackScheme and scheme that is used in redirect_uri are the same.

Inefficacious answered 23/4, 2020 at 10:46 Comment(0)

Your callbackScheme myapp:auth is incorrect format.

The symbol : cannot be used in the scheme name of a URI.

See the following RFC definition of Scheme.

Scheme names consist of a sequence of characters beginning with a letter and followed by any combination of letters, digits, plus ("+"), period ("."), or hyphen ("-").

https://datatracker.ietf.org/doc/html/rfc3986#section-3.1

Thefore, revising the callbackURLscheme as myapp-auth or myapp.auth works well.

Strade answered 18/6, 2021 at 15:4 Comment(0)

try setting your callbackScheme = "myapp" to receive callback

and from your server-side it should return "myapp://auth?token=1234"

Hope it helps.

Bluefarb answered 25/8, 2022 at 8:6 Comment(0)

Recommended topics

Hot tags