我有一个iOS应用程序,使用UIWebView中的OAuth2对Uber API进行身份验证。升级到iOS 9时,我遇到了ATS阻止登录页面的https请求的问题。然后我为优步登录页面添加了一个例外,但随后发现登录页面向Facebook,亚马逊网络服务和其他网站提出了其他几个请求,这些请求都被ATS阻止。
我不想维护优步登录页面的例外列表,因为优步可以轻松更改其页面,我的应用程序也没有正确的例外情况。所以我决定给SFSafariViewController一个镜头。
我能够使用SFSafariViewController完成OAuth2流程,问题是当身份验证完成时,Uber会存储某种类型的Cookie。如果我想验证其他帐户并再次调出SFSafariViewController,则会从之前的身份验证中获取Cookie,并且无法对其他帐户进行身份验证。通过UIWebView删除Cookie,我通过NSHTTPCookieStorage解决了这个问题,但我没有看到从SFSafariViewController删除Cookie的方法。
答案 0 :(得分:2)
对于iOS 9及更高版本,最佳选择是使用WKWebView
中提供的WebKit Framework类提供了WKWebsiteDataStore,可用于删除webview使用的Cookie /缓存,例如:https://stackoverflow.com/a/31803708/313113或https://stackoverflow.com/a/32491271/313113
根据文档:SFSafariViewController与Safari共享Cookie和其他网站数据,并且因为它在您应用的流程之外运行(出于安全原因),您无法从应用内部修改其状态。 请联系Apple客户支持并获得以下回复的人员:https://stackoverflow.com/a/34136074/313113:
SFSafariViewController在我的应用程序进程之外运行并按顺序运行 为了安全我的应用程序无法修改SFSafariViewController的状态。在 换句话说,我的App无法清除存储的凭据 SFSafariViewController。
答案 1 :(得分:2)
So I ran into this same issue and saw your question when searching for how to solve this. In my case the best solution I came up with was doing the logout stuff for in the app and then presenting a SFSafariViewController pointed at our logout url. I then used this to close the SFSafariViewController as soon as it was done loading:
extension AlertsTableViewController: SFSafariViewControllerDelegate {
public func safariViewController(_ controller: SFSafariViewController, didCompleteInitialLoad didLoadSuccessfully: Bool) {
if controller == logoutSVC {
controller.dismiss(animated: false)
}
}
}
I stored the SFSafariViewController in logoutSVC so I only run this code if this is the logout SFSafariViewController. In your case it sounds like you just did an API call to revoke the OAuth token which is a little nicer since it doesn't show to the user at all but this is good for instances where you don't have such access. One more thing, for some reason I had to call the dismiss(animated: false) method on the SFSafariViewController instead of actual current UIViewController for some reason. Took me a sec to figure out why it wasn't working for me.