Keep authgearSessionStateDidChange only

All standard attributes and custom attributes should be shown

Please refer to authgear/authgear-sdk-android#9 for the rationale.

• Do not add prompt=login to example
• Store id token
• Add getIDTokenHint
• Expose refreshIDToken
• Add canReauthenticate
• Add getAuthTime
• Add reauthenticate
• Update example to show how to use reauthentication

authgear/authgear-server#973

• Support ui variant: asWebAuthenticationSession, wkWebView and wkWebViewFullScreen

shouldRefreshAccessToken can be called in worker thread, and refreshToken etc are read, are variables read/write atomic by default in swift?
https://github.com/authgear/authgear-sdk-ios/blob/master/Sources/Authgear.swift#L110
https://github.com/authgear/authgear-sdk-ios/blob/master/Sources/Authgear.swift#L502

iOS issue for authgear/authgear-server#1391

Fails before the lint and build started

  sudo xcode-select -s /Applications/Xcode_11.app/Contents/Developer
  shell: /bin/bash -e {0}
xcode-select: error: invalid developer directory '/Applications/Xcode_11.app/Contents/Developer'

Describe the bug
The "Face ID permission denied" error message is If the developer should performed checking, then it is likely that you have denied the permission of Face ID., which is confusing to users.

Authgear Version

• Version: Staging

To Reproduce
Steps to reproduce the behavior:

1. Log in to the app project portal on iOS devices with added biometric features
2. Deny the app request for the Biometric permission
3. Enable biometric
4. See the confusing error message

Expected behavior
Should show clear error messages about the missing access permission for Biometrics features (biometric features can be fingerprint but not Face ID)

Screenshots

Client Env (if applicable, please complete the following information):

• Device: Samsung s21 FE, iPhone 11 Pro
• OS: win 11, Android 12, iOS 16
• Browser: Chrome
• Browser Version: 108.0.5359.99

Description

Duplicated installation info in Readme and Authgear Doc website

Expected

As suggested by @chpapa, should consolidate all info on Authgear Doc website to reduce redundancy and for easier maintenance.

Screenshots

ref authgear/authgear-server#1119

• Demonstrate usage of all basic authgear API
  • authorize
  • logout
  • authenticate anonymously
  • promote user
  • open url
• show basic authgear config
  • client id
  • authgear endpoint
• show obtained user info
  • access token
  • is anonymous (get from claim)
  • user name (get from claim)

When programmatically focus an input field after a navigation event,
By default webkit would not show the keyboard on screen.

There is a workaround (becomeFirstResponder on viewDidAppear) would work on iOS16.

Todo: Support iOS16 but not older iOS versions

If we use ASWebAuthenticationSession, there will be an alert with message{appName} want to use {domain} to sign in ..., some customers might not want the alert. Hence we want an alternative way to complete auth with Authgear web UI.

We want the new solution to be able to handle callback from Authgear server

Note that prompt is actually space-separated values in the OIDC spec. So the precise data type should be an array of string.

All "c" in the wechat name should be lower case

ref authgear/authgear-server#1049

• configure can be called more than once.
• configure does NOT do network IO.
• configure does local file IO.
• Refresh access token lazily.
• API to support developer calling their app server with access token
  • authgear.refreshTokenIfNeeded() developer should call it before every api call to ensure access token up to date
  • authgear.accessToken get the access token from authgear SDK and inject into their application request
  • authgear.clearSessionState() allow developer to clear SDK logged in state, when they find user session is invalid

Provide delegate for developer to call WeChat SDK when user click login with wechat

• do not request full access for third-party clients
• open settings page through app session in webview

authgear/authgear-sdk-flutter#11

iOS is using make authentication session for open URL, not sure if this is correct

Session action would not be executed if handler is nil.

https://forums.swift.org/t/xcode-14-1-withcheckedcontinuations-body-will-run-on-background-thread-in-case-of-starting-from-main-actor/60953/4

• Support App2AppOptions in constructor (1)

• Modify finishAuthentication to pass x_app2app_device_key_jwt during token exchange (2)

  • Generate and store device key in keychain
  • Only pass this parameter if App2AppOptions is not null
    - [ ] Modify refreshAccessToken to pass x_app2app_device_key_jwt during refresh (1)
    - Only pass this parameter if App2AppOptions is not null

• Implement method startApp2AppAuthentication(authorizationEndpoint: String, redirectURI: string)

  • Open authorizationEndpoint with code challenge. Enforce using universal link (2)

• Implement method approveApp2AppAuthenticationRequest(request: App2AppAuthenticationRequest)

  • Call token endpoint using grant_type=urn:authgear:params:oauth:grant-type:app2app with proper jwt (1)
  • Open redirect_uri with code. Enforce using universal link

• Implement method rejectApp2AppAuthenticationRequest(request: App2AppAuthenticationRequest, error: Error)

• Implement parseApp2AppAuthenticationRequest

  • Parse url to obtain client_id redirect_uri code_challenge (1)

• Implement method handleApp2AppAuthenticationResult(uri: Uri)

  • Do all things we did in finishAuthentication (2)

• Use secure enclave if possible

• Implement app2app in exmaple app (3)

In Decodable+Any.swift, using Optional, violate typeSugar lint rule

Currently when encountering error in biometric api, we throw the original error from the native api to user. For user to handle the error more easily, we should provide utils function for user to identify errors, like what we did in js sdk.

https://github.com/authgear/authgear-sdk-js/blob/master/packages/authgear-react-native/src/error.ts#L82

Video tested on chromium edge 87.0.664.75 windows

Testing on chrome 87.0.4280.141 windows it doesn't seem like a full page load but a loading bar is shown 🤔

Current behavior is that logging out only revoke the refresh token, but the user session in the web is still valid. After a user log out, and login again, since the session in the web view is still valid, the web view would redirect the user to redirect uri directly without user inputting anything. This is undesirable if user really wants to login with another account.

Adding prompt="login" is the oauth way to suppress the auto-redirect behavior and allow authorization with another account.

• The API reference in https://authgear.github.io/authgear-sdk-ios/ is outdated
• There is no release since 2020, while the SDK has been changed a lot