Yes, in July we recommended using the system browser rather than WebViews.
About that time Apple announced Safari view controller and Google Chrome custom tabs. The code in the OS is now stable and we have done a fair amount of testing. The OIDF will shortly be publishing reference libraries for iOS and Android to how how to best use View Controllers, and PKCE in native apps on those platforms. We do need to update this doc to reflect what we have learned in the last 6 months. One problem we do still have is not having someone with Win 10 mobile experience to help document the best practices for that platform. I don’t understand that platform well enough yet to include anything. John B. > On Jan 20, 2016, at 12:40 PM, Aaron Parecki <aa...@parecki.com> wrote: > > The section on embedded web views doesn't mention the new iOS 9 > SFSafariViewController which allows apps to display a system browser within > the application. The new API doesn't give the calling application access to > anything inside the browser, so it is acceptable for using with OAuth flows. > I think it's important to mention this new capability for apps to leverage > since it leads to a better user experience. > > I'm sure that can be addressed in the coming months if this document is just > the starting point. > > I definitely agree that a document about native apps is necessary since the > core leaves a lot of guessing room for an implementation. > > For reference, > https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html#//apple_ref/doc/uid/TP40016198-DontLinkElementID_26 > > <https://developer.apple.com/library/prerelease/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS9.html#//apple_ref/doc/uid/TP40016198-DontLinkElementID_26> > > And see the attached screenshot for an example of what it looks like. > > <embedded-oauth-view.png> > > ---- > Aaron Parecki > aaronparecki.com <http://aaronparecki.com/> > @aaronpk <http://twitter.com/aaronpk> > > > On Tue, Jan 19, 2016 at 3:46 AM, Hannes Tschofenig <hannes.tschofe...@gmx.net > <mailto:hannes.tschofe...@gmx.net>> wrote: > Hi all, > > this is the call for adoption of OAuth 2.0 for Native Apps, see > http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/ > <http://datatracker.ietf.org/doc/draft-wdenniss-oauth-native-apps/> > > Please let us know by Feb 2nd whether you accept / object to the > adoption of this document as a starting point for work in the OAuth > working group. > > Note: If you already stated your opinion at the IETF meeting in Yokohama > then you don't need to re-state your opinion, if you want. > > The feedback at the Yokohama IETF meeting was the following: 16 persons > for doing the work / 0 persons against / 2 persons need more info > > Ciao > Hannes & Derek > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org <mailto:OAuth@ietf.org> > https://www.ietf.org/mailman/listinfo/oauth > <https://www.ietf.org/mailman/listinfo/oauth> > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
