Use Safari for OIDC account URL. (#1591)

* Handle RP-Initiated Logout URL.

Safari is only used on devices, the simulator doesn't work properly.

ElementX/Sources/Application/AppCoordinator.swift

@@ -397,19 +397,25 @@ class AppCoordinator: AppCoordinatorProtocol, AuthenticationCoordinatorDelegate,
         }
 
         Task {
-            //  first log out from the server
-            _ = await userSession.clientProxy.logout()
+            // First log out from the server
+            let accountLogoutURL = await userSession.clientProxy.logout()
 
-            //  regardless of the result, clear user data
+            // Regardless of the result, clear user data
             userSessionStore.logout(userSession: userSession)
             tearDownUserSession()
 
-            // reset analytics
+            // Reset analytics
             ServiceLocator.shared.analytics.optOut()
             ServiceLocator.shared.analytics.resetConsentState()
 
             stateMachine.processEvent(.completedSigningOut(isSoft: isSoft))
 
+            // Handle OIDC's RP-Initiated Logout if needed. Don't fallback to an ASWebAuthenticationSession
+            // as it looks weird to show an alert to the user asking them to sign in to their provider.
+            if let accountLogoutURL, UIApplication.shared.canOpenURL(accountLogoutURL) {
+                await UIApplication.shared.open(accountLogoutURL)
+            }
+
             hideLoadingIndicator()
         }
     }

ElementX/Sources/Screens/Settings/SettingsScreen/SettingsScreenCoordinator.swift

@@ -88,12 +88,19 @@ final class SettingsScreenCoordinator: CoordinatorProtocol {
             return
         }
 
-        // Safari never works in the simulator, use a Web Authentication Session instead.
-        accountSettingsPresenter = OIDCAccountSettingsPresenter(accountURL: accountURL, presentationAnchor: window)
-        accountSettingsPresenter?.start()
+        #if targetEnvironment(simulator)
+        let canOpenURL = false // Safari can't access the cookie on the iOS 16 simulator 🤷‍♂️
+        #else
+        let canOpenURL = UIApplication.shared.canOpenURL(accountURL)
+        #endif
 
-        // Safari isn't working with the shared browser session 😕
-        // UIApplication.shared.open(accountURL)
+        if canOpenURL {
+            UIApplication.shared.open(accountURL)
+        } else {
+            // Fall back to an ASWebAuthenticationSession to handle the URL inside the app.
+            accountSettingsPresenter = OIDCAccountSettingsPresenter(accountURL: accountURL, presentationAnchor: window)
+            accountSettingsPresenter?.start()
+        }
     }
 
     private func presentAnalyticsScreen() {

ElementX/Sources/Services/Client/ClientProxy.swift

@@ -306,13 +306,13 @@ class ClientProxy: ClientProxyProtocol {
         }
     }
 
-    func logout() async {
+    func logout() async -> URL? {
         await Task.dispatch(on: clientQueue) {
             do {
-                // We aren't currently handling the RP initiated sign out URL.
-                _ = try self.client.logout()
+                return try self.client.logout().flatMap(URL.init(string:))
             } catch {
                 MXLog.error("Failed logging out with error: \(error)")
+                return nil
             }
         }
     }

ElementX/Sources/Services/Client/ClientProxyProtocol.swift

@@ -107,7 +107,7 @@ protocol ClientProxyProtocol: AnyObject, MediaLoaderProtocol {
 
     func sessionVerificationControllerProxy() async -> Result<SessionVerificationControllerProxyProtocol, ClientProxyError>
 
-    func logout() async
+    func logout() async -> URL?
 
     func setPusher(with configuration: PusherConfiguration) async throws
 

ElementX/Sources/Services/Client/MockClientProxy.swift

@@ -116,8 +116,8 @@ class MockClientProxy: ClientProxyProtocol {
         }
     }
 
-    func logout() async {
-        // no-op
+    func logout() async -> URL? {
+        nil
     }
 
     var setPusherErrorToThrow: Error?

changelog.d/pr-1591.change

@@ -0,0 +1 @@
+Use Safari for OIDC account management.