Ionic and MSAL Authentication for app opened within in app browser - ionic-framework

I have an Ionic app that needs to authenticate using msal angular for Azure, the user is able to sign in flawlessly on the login screen that opens up in an in app browser.
I have a link to another app which uses the same token for login, so in the native devices this app opens up in another in app browser when clicked on that link, but the user is not SSO'ed into that app. But the user is SSO'ed automatically on the PWA version.
Any idea on how this can be achieved on the native devices as well? I know we need to access the token from the cookie jar but im unable to find an example/documentation of such a scenario.
Thanks in advance.

Related

How to support WebAuthn in WKWebViews or on PWA based IOS app

I am using webauthn for biometric authentication like fingerprint scan in my pwa.
Now to publish it on IOS as an app I have used pwabuilder.com to get an ios package, which packages pwa to load it in wkwebview so that it can run on ios as native app. Now when I am running this pwa ios package using xcode everything is working fine except biometric login.
I checked online and it seems wkwebviews don't support webauthn. Is there any work around for this?
We tried using SFSafariViewerController and with this, webauthn works fine but once user presses done on safariviewercontroller UI it reaches back to login page so we will need to send some authentication information to WKWebView which initiated that SFSafariViewerController in order to authenticate user. Can anyone tell us how can we share the data between SFSafariViewerController and WKWebView?

Yammer login to web app not working on Iphone

Recently i registered app on yammer to use yammer for login to my web app. There is a problem on iOS with this flow, because when i try to login I get mobile yammer app login pop up & after that it only opens yammer app, and no redirection to my web app actually happens.
This only happens on iphone, on all other devices it works, on android also works with yammer app installed. Somebody familiar with this ?

Logging into our site as part of FaceBook authentication on iOS

When a user clicks on the login with Facebook button on our website, we call:
https://www.facebook.com/dialog/oauth?client_id=xxxxxxx&
redirect_uri=http://xxxxx.com/Account/FBLogin&scope=email,publish_stream
Inside of our FBLogin (string code) method we do two things. First we call:
"https://graph.facebook.com/oauth/access_token?client_id=xxxxxxxxx&
redirect_uri=http://xxxxxx.com/Account/FBLogin&client_secret=xxxxxxxxxxxxx&code=" + code;
Then, if the FaceBook login was successful, we login the user into our site.
What is the equivalent of this workflow in iOS? We basically want to authenticate the user on our servers as part of the Facebook authentication. So when the Facebook authentication returns successfully, our user is also logged into our system.
Many thanks!
If you're using the Facebook iOS SDK, the SSO (single sign on) workflow is more like the Javascript SDK's workflow because the user is presented with what's similar to the JS SDK's popup: either in the form of a UIWebView, Safari Browser, or Facebook app (depending on the user's setup).
One of the most compelling features of the iOS SDK is Single Sign-On
(SSO). SSO lets users sign into your app using their Facebook
identity. If they are already signed into the Facebook iOS app on
their device, they do not have to type a username and password.
Furthermore, you can get permission from users to access their
Facebook profile information and social graph.
SSO primarily works by redirecting users to the Facebook app on their
devices. Since users are already logged into Facebook, they will not
need to enter their username and password to identify themselves. They
will see the Auth Dialog with the permissions that your app has asked
for, and will be redirected to your mobile app with the appropriate
access_token.
Developers should be aware that Facebook SSO will behave slightly
differently depending on what is installed on a user's device. This is
what happens in certain iOS configurations:
If the app is running in a version of iOS that supports multitasking,
and if the device has the Facebook app of version 3.2.3 or greater
installed, the SDK attempts to open the Auth Dialog within the
Facebook app. After the user grants or declines, the Facebook app
redirects back to the calling app, passing the access token,
expiration, and any other parameters the Facebook OAuth server may
return.
If the app is running in a version of iOS that supports multitasking,
but the device doesn't have the Facebook app of version 3.2.3 or
greater installed, the SDK will open the Auth Dialog in the Safari
mobile browser. After the user grants or revokes the authorization,
Safari redirects back to the calling app. Similar to the Facebook app
based authorization, this allows multiple apps to share the same
Facebook user access_token through the Safari cookie.
If the app is running in a version of iOS that does not support
multitasking, the SDK uses the old mechanism of popping up an inline
UIWebView, prompting the user to log in to Facebook and grant access.
The FBSessionDelegate is a callback interface that your app should
implement: The delegate methods will be invoked when the app
successful logs in or logs out. Read the iOS SDK documentation for
more details on this delegate.
... when the user finishes either signing in or not signing in and returns to your app from the "popup", your app has to decide what to do based on whether or not the user logged in/authorized the app (and a valid access token received).
Please read this for more info:
https://developers.facebook.com/docs/mobile/ios/build/#implementsso

App Store can accept this flow or not

I have integrated Facebook functionality into my applications. By using the link https://github.com/facebook/facebook-ios-sdk, I have integrated the Facebook. In this application, at the time of login, it's opening Safari and at the same time the application is going to the background and then after login again it's coming back to the application. My intention is that this flow can accept the application store or not.
This is the official Facebook iOS SDK and many apps in App Store already use it. So you can use it inside your app.
Also, the flow in your question is exactly what the documentation of the library describes and is, again, used by apps that are already in App Store:
If the device is running in a version of iOS that supports multitasking, but it doesn't have the Facebook app of version 3.2.3 or greater installed, the SDK will open the authorization dialog in Safari. After the user grants or revokes the authorization, Safari redirects back to the calling app. Similar to the Facebook app based authorization, this allows multiple apps to share the same Facebook user access_token through the Safari cookie.
So, yes, there is nothing wrong with this flow.

First time authorization fails with FBConnect via mobile app

After downloading my app from app store (or via OTA) and trying to share via FBConnect SDK, the mobile app is launched but returns almost immediately to the app with error -999, without asking user for authorizations.
After that, clicking on FB share button reopens the mobile app and all goes well, authorizations are asked, my app is called back and display the FB dialog.
That issue only happens once : if I uninstall/reinstall the app and remove the FBapp authorizations from my FB account, all goes well.
I already specified the BundleID/iTunes App ID in the "Native iOS App" menu, and use the last FacebookConnect SDK.
Anyone experienced the same issue ?