A swift client library for GoTrue.

Overview

gotrue-swift

Swift client for the GoTrue API.

Using

The usage should be the same as gotrue-js except:

Oauth2:

  • signIn with oauth2 provider only return provider url. Users have to launch that url to continue the auth flow.
  • After receiving callback uri from oauth2 provider, use getSessionFromUrl to parse session data.

Persist/restore session:

  • Default persist storage provided using UserDefaults.

Contributing

  • Fork the repo on GitHub
  • Clone the project to your own machine
  • Commit changes to your own branch
  • Push your work back up to your fork
  • Submit a Pull request so that we can review your changes and merge

License

This repo is licensed under MIT.

Credits

Comments
  • getSessionFromUrl expects query but receives fragment (using ASWebAuthenticationSession)

    getSessionFromUrl expects query but receives fragment (using ASWebAuthenticationSession)

    I'm a bit confused about how this lib is supposed to be used for signing in via a Provider (e.g. Google Oauth).

    As mentioned by this issue in the supabase/supabase repo (see screenshot below) callbacks come with params as a fragment, not a query.

    However this lib asserts that a query is required to parse a Provider based sign-in: https://github.com/supabase-community/gotrue-swift/blob/5a5aca5aa63fbb4639458dc0c044f17586c3c9d7/Tests/GoTrueTests/GoTrueTests.swift#L45-L68

    So the following code fails:

    func authenticate() {
      let client = SupabaseClient(supabaseUrl: host, supabaseKey: clientId)
    
      client.auth.signIn(provider: .google, options: .init(redirectTo: "my-app://supabase-oauth-callback", scopes: nil)) { authReslt in
        switch authReslt {
        case .success(let url):
          let session = ASWebAuthenticationSession(url: url, callbackURLScheme: "my-app") { callbackUrl, error in
            guard error == nil, let callbackUrl = callbackUrl else { return } // handle this error case
    
            // will fail on the line below because the url will be `my-app//supabase-oauth-callback#access_token=.....`
            // rather than `my-app//supabase-oauth-callback?access_token=.....`
            client.auth.getSessionFromUrl(url: callbackUrl.absoluteString) { sessionResult in
              switch sessionResult {
              case .success:
                // login succeeded
              case .failure:
                // handle login failure           
              }
            }
          }
          
          session.presentationContextProvider = self
          session.start()             
        case .failure:
          continuation.resume(returning: false)
        }
      }
    }
    

    This is the exact callbackUrl that this code receives:

    my-app://supabase-oauth-callback#access_token=ACCESS_TOKEN&expires_in=3600&provider_token=PROVIDER_TOKEN&refresh_token=REFRESH&token_type=bearer
    

    supabase/supabase discussions/2133

    Screenshot 2022-06-08 at 23 28 30
    opened by ky1ejs 7
  • Sign up returns error even though account is registered successfully

    Sign up returns error even though account is registered successfully

    I'm getting error even though account is successfully registered.

    Here's my code and the error: Screen Shot 2022-03-29 at 3 38 16 PM

    I'm using 0.0.4 and I have no problem when using the account to sign in.

    opened by mhaezaragoza 4
  • Make it easier to call session start for Partner login

    Make it easier to call session start for Partner login

    I'd imagine it to be fairly common that when a user of gotrue-swift wants to complete the Partner sign in process and start a session, they don't care about the Session that is created.

    opened by ky1ejs 3
  • The data couldn’t be read because it isn’t in the correct format.

    The data couldn’t be read because it isn’t in the correct format.

    Hey,

    currently experimenting with google authentication. I am able to retrieve an url after the user logs in via google. Then I am trying to get a session from this url. But it throws me this error:

    The data couldn’t be read because it isn’t in the correct format.

    This is the URL I get:

    myapp://callback#access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhdXRoZW50aWNhdGVkIiwiZXhwIjoxNjYwNTIyOTIxLCJzdWIiOiI0NTc1ZTgzOC03NjM4LTQ4ZjgtOGFlMC1mZGNiODk0M2E4MmMiLCJlbWFpbCI6Imdlcm5lci5iYXN0aUBnb29nbGVtYWlsLmNvbSIsInBob25lIjoiIiwiYXBwX21ldGFkYXRhIjp7InByb3ZpZGVyIjoiZW1haWwiLCJwcm92aWRlcnMiOlsiZW1haWwiLCJnb29nbGUiXX0sInVzZXJfbWV0YWRhdGEiOnsiYXZhdGFyX3VybCI6Imh0dHBzOi8vbGgzLmdvb2dsZXVzZXJjb250ZW50LmNvbS9hL0FJdGJ2bWtWWjI5d2stS0pTYVZQQVF0c19oc013Z0c3Rk54dHE5czhpNG4xPXM5Ni1jIiwiZW1haWwiOiJnZXJuZXIuYmFzdGlAZ29vZ2xlbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZnVsbF9uYW1lIjoiU2ViYXN0aWFuIEdlcm5lciIsImlzcyI6Imh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL3VzZXJpbmZvL3YyL21lIiwibmFtZSI6IlNlYmFzdGlhbiBHZXJuZXIiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL2EvQUl0YnZta1ZaMjl3ay1LSlNhVlBBUXRzX2hzTXdnRzdGTnh0cTlzOGk0bjE9czk2LWMiLCJwcm92aWRlcl9pZCI6IjExMTAzNDk1NjQxOTI5OTMyMDI2MCIsInN1YiI6IjExMTAzNDk1NjQxOTI5OTMyMDI2MCJ9LCJyb2xlIjoiYXV0aGVudGljYXRlZCJ9.sCPFtWFCQlFzpfx7PyobNCdnxYJqVgmTVyT5xnzg6IM&expires_in=3600&provider_token=ya29.A0AVA9y1vR1d7i6J7ag2je4YV2pS86q9d-zqsZPpUtO5VCDzZSmfAp2MPav8tGFKTexPlzwipMjDdIaGugS93FQXqJa-Ckk_x_V4GBoTdJbUT0vq90cJ_dX_B173FvKa5tFbueB6hmEBhH8IxHOmI4inliOiBYaCgYKATASATASFQE65dr83WmW95n0vDmiN7M6TAYs6w0163&refresh_token=Tp3Vto4DMhUzkonpf-rwsA&token_type=bearer

    Using the latest version. URL Types URL scheme and callbackURLScheme are set to: myapp redirectURL and Redirect URLs in supabase are set to: myapp://callback"

    Can anyone help me?

    Kind regards Sebastian Gerner

    opened by bastigerner 2
  • autoRefreshToken not working

    autoRefreshToken not working

    I'm currently facing the problem that users get logged out after the JWT Token expires. I assumed the Token gets automatically refreshed when the autoRefreshToken value is set to true but it doesn't.

    Error: PostgrestError(details: nil, hint: nil, code: nil, message: "JWT expired")

    Additionally, some of the examples (sign in/sign out) in the README.md are not working with the newest version and other docs are missing (authEventChange for example).

    opened by jjlange 2
  • auth.session cannot decode UUID

    auth.session cannot decode UUID

    Hi @grsouza, I have this error when using auth.session(from:), do you have any idea what's wrong?

    dataCorrupted(Swift.DecodingError.Context(codingPath: [CodingKeys(stringValue: "identities", intValue: nil), _JSONKey(stringValue: "Index 0", intValue: 0), CodingKeys(stringValue: "id", intValue: nil)], debugDescription: "Attempted to decode UUID from invalid UUID string.", underlyingError: nil))

    BTW, I'm updating from 0.0.4 (no error) to 0.0.9 (error).

    Also checked in Supabase logs, request has 200 response -- so no problem server-side.

    opened by mhaezaragoza 1
  • Linux compatibility

    Linux compatibility

    Add FoundationNetworking if available. This is allowing Linux platforms to compile the framework, since the migration of URL-related function to the FoundationNetworking framework. Update the Package.swift to accept the same platforms as supabase-swift.

    opened by mbarnach 1
  • Example code in the GitHub documentation on how to use GoTrue in Swift

    Example code in the GitHub documentation on how to use GoTrue in Swift

    As a Supabase user, I want to see an explicit code example in Swift, to be able to set up a basic user management within minutes and have a reference to the JS documentation.

    Currently the documentation doesn't help me that much as a beginner in Swift and with no experience in JS. I personally liked the introduction in the PostgREST (see https://github.com/supabase-community/postgrest-swift section "Usage") where you get a basic example to keep the connection to a db up and running. I was able to get data within 20 min. of work based on the PostgRest "tutorial".

    I wish for a short documentation of getting started with a basic user management:

    • Create a user with Supabase by providing an e-mail-address and a password (I assume it's the default).
    • Assign a session to a user so she or he can INSERT into a db with authored access only (using Supabase RLS templates).
    opened by LeoHeuser 1
  • Use Keychain for Session Storage, Session Bug Fix

    Use Keychain for Session Storage, Session Bug Fix

    What does this PR Do?

    • Moves session storage away from UserDefaults and into the more secure Keychain.
    • Fixes a bug where, after signing out, the user and session variables still held the old data from before signing out.

    Why?

    The Keychain should be used to store user data such as refresh tokens, access tokens and emails. When this data is stored in UserDefaults it can be stolen quite easily by just reading the public plist file that UserDefaults creates. This can lead to bad actors stealing user tokens with ease and using that to steal private data. This is not good.

    Storing this data in the Keychain is the safe alternative. GoTrueKeychain implements the necessary functions for storing and deleting session data from the Keychain, and GoTrueSessionManager manages migrating from UserDefaults to Keychain, and fetching and storing session data using the keychain wrapper.

    The Keychain wrapper stores the session data in a service called "supabase.gotrue.swift" so as to separate the keys stored by supabase and the keys stored by the app's developer.

    My Keychain implementation also allows for developers to set an accessGroup to store the session data in, which will allow developers to share auth state between the app and extensions such as widgets or Siri Shortcuts. By default the access group is not set and is stored in the default Keychain.

    One thing that Supabase could implement that Firebase lacks on iOS is the ability to migrate from one keychain access group to another. Possibly with an API like: auth.migrateFrom(keychainGroup, to) but that can come later. This implementation does allow for flexibility like that in the future.

    opened by thecoolwinter 1
  • Fix UserIdentity id decoding

    Fix UserIdentity id decoding

    Fixes #33

    What is the current behavior?

    The UserIdentity id attribute is currently defined as UUID, but this isn't always true.

    What is the new behavior?

    Change UserIdentity id type to String

    opened by grsouza 0
  • sample app crashing using xcframework + bazel

    sample app crashing using xcframework + bazel

    I've isolated the class - and made a complete minimal example using bazel.

    
    git clone https://github.com/wweevv-johndpope/DemoBazel/tree/supabase
    ./xcodegen app
    
    

    you may need to enable auto signing of app

    Screen Shot 2022-09-05 at 10 19 59 pm

    Please help - I'm a bit behind on timelines because of this crash.

    related - duplicated https://github.com/binaryscraping/swift-composable-keychain/issues/1

    (it seems like because the xcframework is not around - the keychain is deallocated - and not retaining itself?) I'm not sure the approach using self inside xcframework is doable?

    UPDATE I made this cheatsheet for bazel + XCFRAMEWORKS there's a way to do xcframeworks via zip + sha - but for now just dumping them into repo works for me. https://docs.google.com/presentation/d/1ZYwyA_zHjDugt4UH-APJt4qBSt_fbY_286WrgFQvdfA/edit#slide=id.p

    related https://github.com/supabase-community/supabase-swift/issues/38

    I don't know why the zombies doesn't work for these xcframeworks... that should stop the deallocation - and allow app to continue... Screen Shot 2022-09-05 at 10 43 56 pm

    UPDATE I made some effort to rewire the classes so that a chunk is instantiate from swift file locally from app. Good news is - it doesn't crash.

    https://github.com/wweevv-johndpope/DemoBazel/tree/gotrue-swift

    it's less than ideal - but can live with it for time being. So there's no supabase.xcframework and there's no gotrue.xcframework

    The BUILD files x2 compile the swift files

    Screen Shot 2022-09-05 at 11 36 26 pm

    https://github.com/wweevv-johndpope/DemoBazel/tree/gotrue-swift/GoTrue

    https://github.com/wweevv-johndpope/DemoBazel/tree/gotrue-swift/Thirdparty/Supabase

    not the bundle is dirty and there's problem some clean up necessary but it's working locally. We need to get the classes working within framework.

    opened by johndpope 0
  • The data couldn’t be read because it isn’t in the correct format(missing Provider case `phone`)

    The data couldn’t be read because it isn’t in the correct format(missing Provider case `phone`)

    Description

    GoTrue fails to decode UserIdentity.provider entity.

    Fix

    Add Provider case phone

    public enum Provider: String, Codable, CaseIterable {
     case phone
    }
    
    bug 
    opened by khamb 0
  • Support Sign in With Apple

    Support Sign in With Apple

    Feature request

    Following on the thread in https://github.com/supabase/supabase/discussions/1882 and https://github.com/supabase/supabase/discussions/2805 I looked into adding support for AuthenticationServices and in this regard ASAuthorizationAppleIDCredential.

    Is your feature request related to a problem? Please describe.

    When GoTrue signs users in using SIWA they're redirected to the OAuth apple site where they sign in and eventually GoTrue received the above parameters, just through the OAuth callback flow. If this flow were to be used on iOS, it would be a very clunky UX, and could be grounds for an iOS app to be rejected from review.

    Describe the solution you'd like

    I started work on this here: https://github.com/catlan/gotrue-swift/commit/bac99073ad56ce6fa3257f33a22a628a135e0e9a

    The problem is that the response I get: "Invalid token: signing method RS256 is invalid"

    I'm not too familiar with either Sign in With Apple nor supabase. Any clues on what is required to make this work?

    enhancement 
    opened by catlan 9
Releases(0.1.0)
  • 0.1.0(Jan 3, 2023)

  • 0.0.9(Oct 6, 2022)

    What's Changed

    • Fix UserIdentity id decoding by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/35
    • Support provider_refresh_token in session by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/34

    Full Changelog: https://github.com/supabase-community/gotrue-swift/compare/0.0.8...0.0.9

    Source code(tar.gz)
    Source code(zip)
  • 0.0.8(Aug 28, 2022)

  • 0.0.7(Jul 8, 2022)

    What's Changed

    • Add missing attributes to models by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/30
    • Add X-Client-Info HTTP header
    • Add a new method refreshCurrentSessionIfNeeded()

    Full Changelog: https://github.com/supabase-community/gotrue-swift/compare/0.0.6...0.0.7

    Source code(tar.gz)
    Source code(zip)
  • 0.0.6(Jul 2, 2022)

    Fixes

    • Trigger signout event even when API call fails. by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/29

    Other changes

    • Add Examples by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/27
    • Add section on how to run the Examples by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/28

    Full Changelog: https://github.com/supabase-community/gotrue-swift/compare/0.0.5...0.0.6

    Source code(tar.gz)
    Source code(zip)
  • 0.0.5(Jun 13, 2022)

    What's Changed

    • Extract session from fragment instead of query by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/23
    • Make it easier to call session start for Partner login by @ky1ejs in https://github.com/supabase-community/gotrue-swift/pull/25
    • Add @discardableResult to some methods by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/26

    New Contributors

    • @ky1ejs made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/25

    Full Changelog: https://github.com/supabase-community/gotrue-swift/compare/0.0.4...0.0.5

    Source code(tar.gz)
    Source code(zip)
  • 0.0.4(May 15, 2022)

    What's Changed

    • Add resetPasswordForEmail method by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/18
    • Added refreshSession method by @jjlange in https://github.com/supabase-community/gotrue-swift/pull/20
    • fix: add missing trigger for sign out event and signing out by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/21

    New Contributors

    • @jjlange made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/20

    Full Changelog: https://github.com/supabase-community/gotrue-swift/compare/0.0.3...0.0.4

    Source code(tar.gz)
    Source code(zip)
  • 0.0.3(Apr 16, 2022)

    What's Changed

    • Async/Await by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/16

    Full Changelog: https://github.com/supabase-community/gotrue-swift/compare/0.0.2...0.0.3

    Source code(tar.gz)
    Source code(zip)
  • 0.0.2(Mar 27, 2022)

  • 0.0.1(Feb 22, 2022)

    What's Changed

    • fix: add new providers by @kangmingtay in https://github.com/supabase-community/gotrue-swift/pull/1
    • Fix folder name by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/2
    • Support multiple subscriptions to auth state change by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/3
    • Add new providers by @HarryET in https://github.com/supabase-community/gotrue-swift/pull/6
    • Add async/await support by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/5
    • Fix crash by replace all unowned self with weak self by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/7
    • Use Keychain for Session Storage, Session Bug Fix by @thecoolwinter in https://github.com/supabase-community/gotrue-swift/pull/9
    • Refresh session object after "refreshSession" method is called by @AngCosmin in https://github.com/supabase-community/gotrue-swift/pull/12
    • Add linkedin, notion and twitch OAuth providers by @grsouza in https://github.com/supabase-community/gotrue-swift/pull/13

    New Contributors

    • @kangmingtay made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/1
    • @grsouza made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/2
    • @HarryET made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/6
    • @thecoolwinter made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/9
    • @AngCosmin made their first contribution in https://github.com/supabase-community/gotrue-swift/pull/12

    Full Changelog: https://github.com/supabase-community/gotrue-swift/commits/0.0.1

    Source code(tar.gz)
    Source code(zip)
Owner
Supabase Community
Supabase Community
Swift iPhone and iPad Client for Polls API, using Hyperdrive API client

Polls Client This is a Swift iPhone and iPad client for the Polls API - a simple application allowing users to view polls and vote in them. Polls is a

Apiary 34 Jul 15, 2022
Swift client library to interact with Supabase Storage

storage-swift Swift Client library to interact with Supabase Storage.

Supabase Community 21 Dec 1, 2022
Client library for making in-app purchases on iOS and macOS Automattic apps

MobilePayKit Client library for making in-app purchases on iOS and macOS Automattic apps Introduction MobilePayKit is a client library for making in-a

Automattic 8 Oct 20, 2022
A small SwiftUI based chat client for IRC, using swift-nio-irc

NeoIRC A simple Internet Relay Chat client implemented using SwiftNIO and SwiftUI. Inspired by: For maximum NIO someone (I’m tempted) should adopt NIO

The Noze Consortium 18 Jun 22, 2022
Seaglass is a truly native macOS client for Matrix. It is written in Swift and uses the Cocoa user interface framework.

Seaglass is a truly native macOS client for Matrix. It is written in Swift and uses the Cocoa user interface framework.

null 1 Jan 17, 2022
A Swift client for Supabase

supabase-swift Supabase client for swift. Mirrors the design of supabase-js Installation Swift Package Manager: Add the following lines to your Packag

Supabase Community 188 Dec 30, 2022
iOS client for Giphy written in Swift with ReactiveCocoa

Giraffe iOS client for Giphy written in Swift with ReactiveCocoa Requirements iOS 10.0 Beta Xcode 8 Beta 2 Swift 2.3 Carthage Why S

Yevhen Dubinin 43 Feb 10, 2022
A completely native Discord client for macOS built 100% in Swift and SwiftUI

Swiftcord A completely native Discord client for macOS built 100% in Swift and SwiftUI This project aims to create a fully functional native Discord c

CryptoAlgo-Dev 1.1k Jan 9, 2023
A cross-platform Reddit client built in SwiftUI

A cross-platform Reddit client created in SwiftUI. Get the Public Beta Note: This project is far from complete. It still lacks many features of your t

Carson Katri 1.2k Dec 25, 2022
An open-source SwiftUI Stack Overflow client

StackOv A SwiftUI Stackoverflow client We are currently in the developing process of the next version of StackOv app. The demo version of StackOv is a

Surf 235 Dec 17, 2022
Tutorial GraphQL + Node Express + MySQL, and sample for Android / iOS client

GraphQL-tutorial Tutorial for GraphQL + Node Express + MySQL, and sample for Android / iOS client Blog NeoRoman's GraphQL-tutorial (Korean) Materials

Henry Kim 4 Oct 20, 2022
Native Jellyfin Client for iOS and tvOS

Swiftfin Swiftfin is a modern client for the Jellyfin media server. Redesigned in Swift to maximize direct play with the power of VLC and look native

Jellyfin 1.1k Jan 6, 2023
Basic Unsplash client for iOS made with SwiftUI (beta).

PapersSwiftUI Basic Unsplash client for iOS made with SwiftUI (beta). Note SwiftUI is still in beta and I'm also still learning how it works. To-Do: P

Don 19 Dec 17, 2022
💥 a modern xkcd iOS client

XKCDY / app This is the source code of the XKCDY app. I built this app primarily as a way to learn Swift and SwiftUI. Because I was learning as I buil

null 32 Oct 30, 2022
A xkcd client written in SwiftUI.

xkcd A xkcd client written in SwiftUI. Architechture: Tried to use MVVM but with CoreData... If you know, you know. Features: Supports Dark/Light mode

Sina Rabiei 10 Oct 21, 2022
The alternative last.fm client for iOS made with SwiftUI

first.fm - The alternative last.fm client for iOS (it's actually not available on the App Store... yet) Features Your profile (top artists, tracks and

Stanislas 22 Aug 22, 2022
Client that retrieves specific information about stocks.

Client that retrieves specific information about stocks. This app is used as training to develop design pattern skills, in this case: the Coordinator Pattern

Marco Marinò 1 Apr 26, 2022
Tanukis-Stash - Open source e621 client for iOS built with SwiftUI

The Tanuki's Stash The worlds first e621 client for iOS, iPadOS, and macOS built

Jay 3 Jul 29, 2022
Mastodon and Twitter client for iOS, iPadOS & macOS

Note: Mamoot! is under heavy development and is obviously far from complete at this moment. We're currently looking for more people to work with us, s

null 13 Nov 22, 2022