[Webkit-unassigned] [Bug 213510] iOS 14: ITP causes issues for hybrid (WKWebView) apps using cookies for authentication etc.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Mar 17 04:31:26 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=213510
Aurel Avramescu <aurel at urban-mobility.io> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |aurel at urban-mobility.io
--- Comment #45 from Aurel Avramescu <aurel at urban-mobility.io> ---
Hi all,
Let's consider the following situation (that I am struggling currently with):
- I have IoS app A
- IdP SSO Proxy
- 2 federated IdP's -> IdP1 and IdP2
1. The user choose IdP1 to register with
2. He gets the confirmation email
3. Open email app and click on the confirmation
4. The IdP1 process all the data and perform a post back to IdP proxy
5. The IdP proxy cannot find his cookies, because is no shared cookie storage between apps developed by different developers and even if the use is authenticated, throws a 400 because can't match the correlation id
None of the cookies are cross-domain, the only problem it is with the cookie storage, and basically it is very, very difficult to use federated SSO with native apps, or at least in this moment I am running out of ideas.
Regards,
Aurel
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210317/2cc37a08/attachment.htm>
More information about the webkit-unassigned
mailing list