Using SFSafariViewControllerBrowser Logout Doesn't Work

The app I am working on is a Xamarin Forms app running on Android and iOS. When creating the Auth0Client for iOS, I specify the SFSafariViewControllerBrowser as UX doesn’t want the prompt that pops up. However, the logout does not work. The net effect is the user is auto-logged into the app. So no other user can log into the app.

public IAuth0Client Create()
{
     return new Auth0Client(new Auth0ClientOptions
     {
          Domain = EnvironmentConfiguration.Instance.Auth0Domain,
          ClientId = EnvironmentConfiguration.Instance.Auth0ClientKey,
          LoadProfile = false,
          Scope = "openid profile email",
          Browser = new SFSafariViewControllerBrowser()
     });
}

When I traced the code, the Logout does not return the callback URL code until the Login executes. For a temporary workaround. I added a
variable to track the logout. I had to have it set before the call to logout as the call never returns since the callback URL is not returned.

public async void Logout()
{
     BrowserResultType result;
     loggedOut = true; <= added to fake logout by forcing login prompt
     if (federated)
     {
          result = await Auth0Client.LogoutAsync(federated);
     } else {
          result = await Auth0Client.LogoutAsync();
     }
}

The configuration is correct as logout using the default SFAuthenticationSessionBrowser works.

Any ideas about how to fix the logout using SFSafariViewControllerBrowser? Also, is there a risk that Apple will not approve the new version of the app because of the use of SFSafariViewControllerBrowser?

Thank you

Hi @rsatter,

Thanks for reaching out to me. I am happy to help you find a solution to this issue. I wanted to start by making sure you had access to all the resources for the Xamarin SDKs.

I also want to make sure that @DamienG has eyes on your query. While the SDK is community supported, he might be able to point us in the right direction.

Can you produce a minimum viable reproduction of the issue? It would be very helpful.

Thanks,
Bobby

1 Like

I just tried to reproduce this using the iOS Test app that’s included in the SDK and changing the Browser to SFSafariViewControllerBrowser and both login and logout worked fine in my testing with the emulator

Typically this kind of problem occurs when the redirect URL is incorrect and so it doesn’t call back into the app but it seems strange that yours is working fine for login but not logout.

Can you try loading the sample app at auth0-oidc-client-net/test/iOS at master · auth0/auth0-oidc-client-net · GitHub and setting Browser = SFSafariViewController() in the MyViewController.cs and see whether the test app fails for you or not. This should eliminate some possibilities.

We can’t offer any assurances as to what Apple will or won’t do in future iOS updates with regards to SFSafariViewController. The SFAuthenticationSessionBrowser you mention is already deprecated despite coming out after SFSafariViewController and their latest guidance is to use ASWebAuthenticationSessionBrowser on iOS 12 - our default Browser implementation is AutoSelectBrowser which uses SFSafari on iOS < 11, SFAuthentication on iOS 11 and ASWeb on iOS 12+

[)amien

2 Likes

I can run this but it is not Xamarin Forms. The app you tried is a Xamarin native iOS. They are totally different.

As I said above, using the default, i.e. not specifying a browser logoff, works just fine. It is when I set the SFSafariViewControllerrBrowser that it does not work. I agree it has something to do with the return.

One thing I noticed when I tried ASWebAuthenticationSessionBrowser it crashes on login. While specifying SFAuthenticationSessionBrowser or nothing works fine.

The only thing I might be doing weird is specifying all 4 environment URL returns. We have dev, test, preprod and production environments. And rather than dealing with swapping out info files for just one XML node. I specify all 4 callbacks store, store.dev, store.test, and store.preprod.

I understand the test app is different but if the Xamarin iOS app works for you then theoretically similar code would work in Xamarin Forms.

One more thing you check would be to create your Auth0Options instance and assign it (temporarily) to an instance variable somewhere before passing it into the Auth0Client constructor.

Once the constructor has completed, check the Auth0Options class PostLogoutRedirectUri property to see what it has defaulted to and whether that matches your applications URL Types settings and also is whitelisted on the Auth0 dashboard under “Allowed Logout URL” for the application.

Sorry to take so long to get back to you. I did run the app and it works just fine. The configuration is matched to the app that will not logout. The test app logs out fine.

Yet the app that I am adding auth0 to does not. The only differences I see are

  • Xamarin Forms
  • Using a factory to create the client either for iOS or Android
  • Using dependency service to get auth client factory
  • Using dependency service to get auth service code to login and logout
  • Environment class that holds the client id and domain as properties

I did add the Auth0.OidcClient.Core andAuth0.OidcClient.iOS to my app. The logout still did not work using Safari Browser however using ASWebAuthenticationSessionBrowser does work for logging out.

Hi.

It could be any of the first 4 items on that list. If you have a minimal repro available we can step through we might be able to pinpoint the exact problem and offer a solution despite Xamarin Forms not being officially supported at this time.

I will see if I can make a simple repro. I am not sure that is possible since it could be caused by the complexity of the app and its architecture. Give me a few days. We are trying to get the app released. Once it is off to the app stores, I will see if I can get a repro.

1 Like

Thanks a lot for letting us know @rsatter!