Authenticator intercepts URLs if urlScheme is elsewhere in the app, causes UDID to reset

[idpaterson]

I love the custom urlScheme for authentication because it makes integration easy without requiring a URL based on the app ID. However, it was not clear in the documentation that the authenticator will attempt to handle all URLs with that scheme as if they were a UDID-containing URL.

I set the urlScheme to a generic scheme that is based on the bundle ID. In QA we found that a few navigational links in the app were no longer working and traced it back to -[BITAuthenticator UDIDFromOpenURL:annotation:isValidURL:]. The assumption made in this method is that any URL with the urlScheme is to be handled as a UDID link, so it was short-circuiting our own link handling.

Furthermore, every time we clicked a custom link it reset the UDID in HockeySDK and the next launch showed an authenticator popup.

I think there are two options here but I would prefer the first since it seems safer if a dev doesn't read the docs well enough:

1. Add a sanity check to ensure that the URL is actually intended for HockeySDK, setting *isValid = NO if it is unrecognized to avoid deleting the stored UDID
2. Update the documentation to state that the URL scheme has to be unique to HockeySDK (in which case we would just append .ha as an alternate scheme)

Maybe the best route is to do both, make sure that URL handling does not break if the same scheme is used but suggest using a separate scheme to avoid collisions (for instance if the app also has an *://authorize url)?

[diederich]

Good points, thanks and sorry for the trouble.

We'll look into it and probably do both as suggested.

[diederich]

I hope the above commit fixes your use case. Please let us know if it's not working as expected.

[idpaterson]

Perfect, same fix I applied in the interim. Thank you for that and also the explicit documentation!