[aerogear-dev] iOS OAuth2 library throwing error on keychain read

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[aerogear-dev] iOS OAuth2 library throwing error on keychain read

Michael Doo
In the Aerogear iOS OAuth2 library, getting an error when app enters foreground after period of being in background. Specifically, in TrustedPersistantOAuth2Session.swift, KeyChainWrap.read() is (very) occasionally throwing errSecMissingEntitlement and then throwing the user over to Safari for authentication. This is a show stopper bug for our app. Some discussion of the topic and acknowledgement by Apple here: https://forums.developer.apple.com/message/9225#9225.

Best,
Michael Doo

_______________________________________________
aerogear-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-dev
Reply | Threaded
Open this post in threaded view
|

Re: [aerogear-dev] iOS OAuth2 library throwing error on keychain read

Corinne Krych
Hello Michael,

Going through the link you sent me I saw  my comments from last July. Unfortunately, the resolution of this long known keychain issue hasn't progressed much. Besides with the limitation of closed source lib :( it is difficult to know the details of the issue. Even in the cookbook demo app I had to backup and use UntrustedMemoryOAuth2Session [1].

What I would recommend is going another route and implement you own secure OAuth2Session storage[2] using encryption lib [3]. The problem is that when you encrypt you need ti input a password which a usability trade-off to have tokens stored in a secure encrypted version. You could use TouchID [4] to make it easy.

++
Corinne


On 3 February 2016 at 20:44, Michael Doo <[hidden email]> wrote:
In the Aerogear iOS OAuth2 library, getting an error when app enters foreground after period of being in background. Specifically, in TrustedPersistantOAuth2Session.swift, KeyChainWrap.read() is (very) occasionally throwing errSecMissingEntitlement and then throwing the user over to Safari for authentication. This is a show stopper bug for our app. Some discussion of the topic and acknowledgement by Apple here: https://forums.developer.apple.com/message/9225#9225.

Best,
Michael Doo

_______________________________________________
aerogear-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-dev


_______________________________________________
aerogear-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/aerogear-dev