Blank screen after authenticating through an IdP
-
I am currently developing an iOS application using React Native and I've encountered a problem while trying to implement SAML-based authentication with FusionAuth.
I've created a new app within FusionAuth and confirmed that the authentication process works correctly, redirecting back to my iOS application post-authentication. However, when I attempt the same process using a SAML Identity Provider (IdP), I encounter an issue. I have set up the SAML IdP and enabled registrations with the FusionAuth app.
From the React Native application, I am able to trigger the authorize call, which allows me to sign in via the SAML IdP. After entering my credentials, the IdP successfully redirects the WebView to the FusionAuth URL. At this stage, I can confirm that the SAML IdP has authenticated the user successfully, as reflected in the FusionAuth logs.
The problem arises after this point. Rather than redirecting back to my iOS app, the WebView remains stuck on a blank screen. This behaviour is contrary to what I expected and I'm not sure how to address this. Can you provide some guidance on what might be going wrong here?
below is the log corresponding to this issue:
SAML v2 IdP AuthN Request Debug Log for [Sample-Idp] [c351023d-e28d-4d0f-ad90-xxxxxxxxx]6/8/2023 09:37:27 PM Z Build the AuthN SAML v2 request.
6/8/2023 09:37:27 PM Z Begin AuthN request by calling /api/identity-provider/start to register a SAML v2 request Id.
6/8/2023 09:37:27 PM Z Start request returned request Id [id53db49312f6b432887b28edeb6cxxxxx]
6/8/2023 09:37:27 PM Z AuthN request being sent to the identity provider.
6/8/2023 09:37:27 PM Z https://idp-url-here.com
6/8/2023 09:37:27 PM Z Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
6/8/2023 09:37:27 PM Z Encoded request: SomeTokenHere
6/8/2023 09:37:27 PM Z Relay state: AnotherTokenHere
6/8/2023 09:37:27 PM Z Un-encoded XML request:<?xml version="1.0" encoding="UTF-8"?><ns3:AuthnRequest xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmlenc#" AssertionConsumerServiceURL="https://xxxxxx.fusionauth.io/samlv2/acs" ID="xxxxIdHere" IssueInstant="2023-06-08T21:37:27.293Z" Version="2.0">
<Issuer>https://xxxxxx.fusionauth.io/samlv2/sp/some-id-here</Issuer>
<ns3:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</ns3:AuthnRequest>again, it works correctly and redirects back to the app when using the fusion auth authentication.
-
@alex-2 Hmmm, curious.
What is the redirect URI or redirect URIs of the application configuration?
Is there any additional debug information when you run this in the iOS simulator?
Where are you running FusionAuth? Is the SSL certificate self-signed?
Are you using a webview? That's not typically recommended, as using safari (ASWebAuthenticationSession, to be precise) is the better path. One possible solution would be to use AppAuth, an iOS library, and see if the issue is present there.