Keychain is cleared on upgrade from 3.8.0 to 3.10.8 / 3.11.0

Question

Keychain is cleared on upgrade from 3.8.0 to 3.10.8 / 3.11.0

Closed this issue 3 years ago · 6 comments

We are using oktaoidc in iOS app. Presently we have upgraded oktaOIDC from 3.8.0 to 3.10.8 / 3.11.0.
In this process last logged in user value stored in keychain is cleared. In earlier cases it never cleared on upgrade.
Let me know is there any solution not clear the keychain value.

Thank you,
Shivayogi

Answer 1 · 2021-12-14T10:12:25.000Z

Hey @shivayogic

Sorry to hear about the issue.

I took a look at git history but didn't find any suspicious changes to related logic.

How do you think may it be related to #320? It would be great if you provide some technical details (logs, crash logs, steps to reproduce etc.).

Answer 2 · 2021-12-14T13:08:52.000Z

Hey, In my opinion #320 is not the scenario. Below are the steps:

In the previous version of App we are using OktaOIDC 3.8.0
When we log into the app user is authenticated and stored in keychain of okta
Now I will update the OktaOIDC pod to 3.10.8 or even 3.11.0 in my app and upgrade it one the App which was built in step 1
Launch the app. When I tried to get the key from keychain which was stored as part 2 was cleared out. Hence I have logout of the user.

My question is, Is keychain will be cleared on upgrade of the sdk?

Answer 3 · 2021-12-14T16:11:42.000Z

This behavior is not supposed to be.

So I created internal issue, ref. OKTA-454163. Let you know about the results.
For now, if it's possible downgrade to 3.8.0. Thanks

Answer 4 · 2021-12-14T17:23:07.000Z

Thank you for looking into the issue.

Answer 5 · 2021-12-21T13:48:05.000Z

Hey @shivayogic
I tried to reproduce the issue on our sample in different ways but I have no problem. Switching from 3.8.0 to 3.11.0 works, I get the same access token from Keychain.
I investigate our code and seems OktaOidcKeychain has not been changed for a while. So Keychain related functionality works as worked before.

Pay attention, we deprecated clear method. It does clears everything from Keychain, even keys not related to the SDK (all previously saved in the app keys).

We would appreciate if you provide more details. Also, it would be extremely helpful if you can reproduce the issue on our samples.

Answer 6 · 2022-01-10T17:13:09.000Z

@shivayogic I hope it works for you.
I close the issue for now as no response provided. Please, feel free to drop any updates here or re-open the issue.