Hey folks! Hope everyone is having an excellent week.
We are experiencing a pretty strange bug where it appears as if our iOS application attempts to refresh tokens against localhost, regardless of the way our Auth0 client is configured, and only when the user signs in via a SAML SSO workflow.
This same bug is not present under “normal” Username/Password login, and only occurs on token refresh. This same SAML SSO workflow is operational without issue on all of our other clients, which are primarily JS. Curious if anyone has any idea why this might be happening - relevant snippets and error below -
Error:
```
The credentials renewal failed. CAUSE: Unable to complete the operation. CAUSE: Error Domain=NSURLErrorDomain Code=-1004 "Could not connect to the server." UserInfo={_kCFStreamErrorCodeKey=61, NSUnderlyingError=0x2813b2df0 {Error Domain=kCFErrorDomainCFNetwork Code=-1004 "(null)" UserInfo={_NSURLErrorNWPathKey=satisfied (Path is satisfied), interface: lo0, _kCFStreamErrorCodeKey=61, _kCFStreamErrorDomainKey=1}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <FE5FFC3E-454B-4BDA-82A7-58A5095BAD1E>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalDataTask <FE5FFC3E-454B-4BDA-82A7-58A5095BAD1E>.<1>"
), NSLocalizedDescription=Could not connect to the server., NSErrorFailingURLStringKey=https://localhost/oauth/token, NSErrorFailingURLKey=https://localhost/oauth/token, _kCFStreamErrorDomainKey=1}
```
```swift
public func configure(clientID: String, domain: String) {
    if self.clientId != clientID,
       self.domain != domain {
        self.clientId = clientID
        self.domain = domain
        credentialsManager = CredentialsManager(authentication: Auth0.authentication(clientId: clientId, domain: domain))
    }
}

public func login() async throws -> [String: String] {
    do {
        let credentials = try await Auth0.webAuth(clientId: clientId, domain: domain)
            .parameters(["prompt": "login"])
            .scope("openid profile offline_access")
            .audience("[valid audience]")
            .start()
        print("updated credentials: \(credentials)")
        let _ = self.credentialsManager.store(credentials: credentials)
        let tenantAndExtension = try await self.getTenantExtension()
        return tenantAndExtension
    } catch {
        throw error
    }
}
```
Thanks in advance for your time here! Any and all ideas and feedback would be greatly appreciated.