Use ASWebAuthenticationSession to display OIDC account management URL (#7671)

Co-authored-by: Doug <douglase@element.io>
2026-04-18 23:48:29 +02:00 · 2023-09-12 18:05:52 +01:00
parent a7c8905b10
commit dde602beac
7 changed files with 158 additions and 19 deletions
--- a/Riot/Modules/Settings/Security/ManageSession/ManageSessionViewController.m
+++ b/Riot/Modules/Settings/Security/ManageSession/ManageSessionViewController.m
@@ -45,7 +45,7 @@ enum {
 };


-@interface ManageSessionViewController () <UserVerificationCoordinatorBridgePresenterDelegate>
+@interface ManageSessionViewController () <UserVerificationCoordinatorBridgePresenterDelegate, SSOAuthenticationPresenterDelegate>
 {
    // The device to display
    MXDevice *device;
@@ -64,6 +64,8 @@ enum {

@property (nonatomic, strong) ReauthenticationCoordinatorBridgePresenter *reauthenticationCoordinatorBridgePresenter;

+@property (nonatomic, strong) SSOAuthenticationPresenter *ssoAuthenticationPresenter;
+
@end

@implementation ManageSessionViewController
@@ -679,17 +681,19 @@ enum {
 {
    UIAlertController *alert = [UIAlertController alertControllerWithTitle: [VectorL10n manageSessionRedirect] message: nil preferredStyle:UIAlertControllerStyleAlert];
    
-    __weak typeof(self) weakSelf = self;
+    MXWeakify(self);
    UIAlertAction *action = [UIAlertAction actionWithTitle:[VectorL10n ok]
                                                     style:UIAlertActionStyleDefault
                                                   handler: ^(UIAlertAction * action) {
-        [UIApplication.sharedApplication openURL:url options:@{} completionHandler:^(BOOL success) {
-            if (success && weakSelf)
-            {
-                [weakSelf withdrawViewControllerAnimated:YES completion:nil];
-            }
-        }];
+        MXStrongifyAndReturnIfNil(self);
+        SSOAccountService *service = [[SSOAccountService alloc] initWithAccountURL:url];
+        SSOAuthenticationPresenter *presenter = [[SSOAuthenticationPresenter alloc] initWithSsoAuthenticationService:service];
+        presenter.delegate = self;
+        self.ssoAuthenticationPresenter = presenter;
+        
+        [presenter presentForIdentityProvider:nil with:@"" from:self animated:YES];
    }];
+    
    [alert addAction: action];
    [self presentViewController:alert animated:YES completion:nil];
 }
@@ -755,4 +759,27 @@ enum {
    [self reloadDeviceWithCompletion:^{}];
 }

+#pragma mark - SSOAuthenticationPresenterDelegate
+
+- (void)ssoAuthenticationPresenterDidCancel:(SSOAuthenticationPresenter *)presenter
+{
+    self.ssoAuthenticationPresenter = nil;
+    MXLogDebug(@"OIDC account management complete.")
+    [self withdrawViewControllerAnimated:YES completion:nil];
+}
+
+- (void)ssoAuthenticationPresenter:(SSOAuthenticationPresenter *)presenter authenticationDidFailWithError:(NSError *)error
+{
+    self.ssoAuthenticationPresenter = nil;
+    MXLogError(@"OIDC account management failed.")
+}
+
+- (void)ssoAuthenticationPresenter:(SSOAuthenticationPresenter *)presenter
+  authenticationSucceededWithToken:(NSString *)token
+             usingIdentityProvider:(SSOIdentityProvider *)identityProvider
+{
+    self.ssoAuthenticationPresenter = nil;
+    MXLogWarning(@"Unexpected callback after OIDC account management.")
+}
+
@end