Fix Web Auth race condition [SDK-3522] #731
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
📋 Changes
This PR fixes a race condition in Web Auth code that lead to a crash when using Auth0.swift with async/await. In particular, the crash happens when the login button is rapidly tapped twice while the app window is not active yet, for example while dismissing the iOS Control Center.
The race condition happens due to the SDK cancelling the previous Web Auth transaction (when one exists) right before replacing it with a new one. Cancelling a transaction is an async operation as it leads to an error being reported via the result callback, and it might not complete before the new transaction fails too (because the app window is not active), leading to the continuation callback being called twice.
Besides no longer attempting to cancel the previous transaction (which is not really necessary, as the transaction is getting replaced), the changes also ensure the transaction is always cleared before calling the continuation callback –as it should.
📎 References
Fixes #729
🎯 Testing
The changes were tested manually with an iPhone 11 Pro running iOS 15.6, with Xcode 13.4.1 (13F100). The changes were profiled as well to check that no memory leak was introduced.