-
Notifications
You must be signed in to change notification settings - Fork 3.9k
Replace WebView in SAML sign in implementation #73410
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Julesssss
merged 17 commits into
Expensify:main
from
software-mansion-labs:feat/change-saml-signin-implementation
Nov 21, 2025
Merged
Changes from all commits
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
a937a2b
Prepare setup to remove WebView from SAML implementation
staszekscp 6a9b8ba
Remove expo-linking and maybeCompleteAuthSession
staszekscp 6a0b38b
Fix comments
staszekscp 852f386
Do not open auth session more than once per component life
mateuuszzzzz eb1f6cd
Merge branch 'main' into feat/change-saml-signin-implementation
mateuuszzzzz fcac729
Merge remote-tracking branch 'origin/main' into feat/change-saml-sign…
staszekscp a6d31dc
Merge remote-tracking branch 'origin/main' into feat/change-saml-sign…
staszekscp 29be792
Merge remote-tracking branch 'origin/main' into feat/change-saml-sign…
staszekscp 573ac74
Remove comments
staszekscp ad93a6a
Remove unnecessary return from a useEffect
staszekscp 75e781a
Add callSAMLSignOut with expo-web-browser
staszekscp 546f662
Cleanup callSAMLSignOut
staszekscp f9de2bd
Merge remote-tracking branch 'origin/main' into feat/change-saml-sign…
staszekscp a7f1e13
Fix linter and prettier
staszekscp 2360864
Navigate back when dismissing the browser
staszekscp d41cc41
Update submodule
staszekscp dd7042f
Extract SAML_REDIRECT_URL to CONST
staszekscp File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to pass
redirectUrltoopenAuthSessionAsync?I can’t test this and I’m not very familiar with the internals, but based on the docs and what AI explained, the flow probably looks like this:
iOS:
ASWebAuthenticationSessionwon’t detect a successful redirect unless a validredirectUrlis provided. Without it, the sheet won’t auto-close. The promise resolves only when the user manually dismisses it, returningtype: 'cancel'with no URL. Your logout logic will still run (since it doesn’t depend on the URL), but you won’t get a deterministic success signal.Android: You’ll usually get a “dismissed” result rather than a “success” unless the login flow triggers a deep link back into the app. And since you're not listening for
Linkingevents, you wouldn't make use of the returned URL anyway.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes,
redirectUrlis something that app is listening for to close the browser and come back to the app. The problem is that we would have to change the backend, and trigger a specific redirect withexpensifyscheme and 302 code to make that work. That's why for the V1 we're going to skip it, and allow users to close the browser upon sing out.