Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SIWA] Handle credential state changes #12585

Merged
merged 5 commits into from Oct 2, 2019
Merged

[SIWA] Handle credential state changes #12585

merged 5 commits into from Oct 2, 2019

Conversation

ScoutHarris
Copy link
Contributor

Ref #12399
Related WPAuth PR: wordpress-mobile/WordPressAuthenticator-iOS#139

This uses the WPAuth changes to:

  • Accept the CredentialState provided by WPAuth.
  • If the user id is revoked, log out of the account.

There should be no visible difference from the previous implementation.

To test:

This should be tested on a real device for proper keychain handling.

  • Log in / sign up with Apple.
  • Background the app.
  • Disconnect in your Apple account on the device.
    • Go to iOS Settings.
    • Select your iCloud account at the top.
    • Go to Password & Security > Apps Using Your Apple ID.
    • Select WordPress > Stop Using Apple ID.
  • Open the app.
  • The app should log you out.

Update release notes:

  • I have considered if this change warrants user-facing release notes and have added them to RELEASE-NOTES.txt if necessary.

@ScoutHarris ScoutHarris added the Sign In With Apple Sign In With Apple label Sep 30, 2019
@ScoutHarris ScoutHarris added this to the 13.4 milestone Sep 30, 2019
@ScoutHarris ScoutHarris self-assigned this Sep 30, 2019
@ScoutHarris ScoutHarris mentioned this pull request Sep 30, 2019
Merged
frosty
frosty reviewed Oct 1, 2019
View reviewed changes
Copy link
Contributor

@frosty frosty left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! One request for a change to fix a bug I found. We can address it separately if you like, but it might make sense to roll it in here :)

WordPress/Classes/System/WordPressAppDelegate.swift Outdated
DDLogInfo("checkAppleIDCredentialState: Unauthorized Apple ID. User signed out.")
switch state {
case .revoked:
DDLogInfo("checkAppleIDCredentialState: Revoked Apple ID. User signed out.")
self?.logOutDefaultWordPressComAccount()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also ensure we delete the Apple ID from the keychain on log out. I noticed an issue with my device where it somehow still has the Apple ID in the keychain, even though I logged out and logged back in with a different account. Because of this, each time we do the apple credential state check here, the app sees I have a revoked ID and logs me out again.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @frosty . Nice catch! It has been done. See what you think now. Thanks!

@ScoutHarris ScoutHarris merged commit d3ac4a0 into develop Oct 2, 2019
@ScoutHarris ScoutHarris deleted the issue/12399-siwa_handle_credential_state_changes branch October 2, 2019 23:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@frosty frosty frosty approved these changes

@astralbodies astralbodies Awaiting requested review from astralbodies

Assignees

@ScoutHarris ScoutHarris

Labels
Sign In With Apple Sign In With Apple
Projects
None yet
Milestone
13.4
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ScoutHarris @frosty