Konstantin Lapine

Looks like this issue has been discussed at length in #232

@grEvenX, as you are aware, this is not really an AppAuth-iOS specific issue. My (non-production) experience, which I described in #396, was that the authorization endpoint needs to be visited...

Session cookies issued by some IdPs are not shared anyway. I, as well, would welcome a configuration option that allows to avoid the consent dialog (at the expense of sharing...

👍 to the second paragraph. Instead of necessitating developers to maintain a copy of [OIDExternalUserAgentIOS](https://github.com/openid/AppAuth-iOS/commits/master/Source/iOS/OIDExternalUserAgentIOS.m) (trying to show active development here), could the class included in the lib take an...

I am not sure there is any advantage of using `ASWebAuthenticationSession` over `SFSafariViewController`, unless App Store review process exhibits some preferences. I was mainly concerned about maintaining a custom copy...

> Here's my example for SFSafariViewController, as you can see it's just a single class that you'd add to your project, and you can customize it however you like (e.g....

In AppAuth-iOS context, which, I assume, we ought to be in, the authentication cookie is to be a `persistent` one in iOS 11+. At least by default. A session cookie...

It depends on iOS version. In iOS 11+ `SFSafariViewController` does not share cookies with anything; hence, cannot be used for SSO. In iOS 9-10 it does–with its own instances. AppAuth-iOS...

> Universal links require control over the server side and configuring a `.well-known` endpoint for ensuring it works. Even when I configured this for a previous client, I could never...