auth0/auth0-flutter

Logout does not support SafariViewController

Closed this issue · 2 comments

MatthiasDh commented

Checklist

Description

Reading the docs it state that we can use the SafariViewController for authentication on login by providing
safariViewController: const SafariViewController(), to the login params.

However when doing the Logout, we can't specify that we want to use the safariViewController, as such, the credentials aren't cleared correctly.

When trying to log in again, it instant logs in as it is using the SafariViewController again and that has not been cleared.

I am not sure if I am missing something or that this is an actual bug/improvement.

Reproduction

call .login(safariViewController: const SafariViewController()) and enter your credentials.
call logout, this will not show the SafariViewController
call .login(safariViewController: const SafariViewController()) again, this now instant logs in without asking for your credentials as it uses the SafariViewControllers cookies/cache (assumption)

Additional context

No response

auth0_flutter version

^1.2,1

Flutter version

3.10.0

Platform

iOS

Platform version(s)

17

Widcket commented

Hi @MatthiasDh, thanks for raising this.

This is intentional; according to SFSafariViewController's docs, it must be used "to visibly present information to users":

Screenshot 2023-10-13 at 9 30 45 AM

This is the case for login, but not for logout. You can delete the stored credentials though (using the Credentials Manager), and use 'prompt': 'login' to force the login page.

final credentials = await auth0.webAuthentication().login(
    // ...
    parameters: {
      'prompt': 'login'
    }); // Ignore the cookie (if present) and show the login page

Since the SFSafariViewController's cookies are scoped to your app, this should not pose an issue.

MatthiasDh commented

This makes sense, thanks for the reply and help.

Can confirm that the prompt login worked!

  • 👍1