Swift Facebook Auth

Hi Mythz,

Is there any examples / guidance on how to utilize the oauth/facebook authentication endpoints from a Ios swift app?


No we haven’t got an example for Swift, but like with all OAuth from Mobile Apps you’ll basically need to launch /auth/facebook in a new browser window and then when the User accepts your OAuth App request it gets redirected back where you need to inspect the HTTP Response Headers and extract the ss-id Cookie so you can add it to your HTTP Web Request.

The OAuth process should be generic for iOS Apps so I’d look to see if anyone’s wrapped this into a reusable component to make this easier, i.e. something like Xamarin.Auth Component for Swift.

Ok great thanks for this.

I experiencing another weird issue as well but this is from the normal browser using MVC (and the auth proxy).

If I call into the facebook auth endpoint using a continue querystring like this:


then I get 400 bad request. if I url encode the http://localhost/portal then it seems to be url encoding twice in the provider.

However the following authenticates


but as its relative it fails after because its actually redirecting to /auth/portal which obviously does not exist.

So what the guidance on passing a full continue url through to facebook? It works fine with twitter.



Actually I’ve managed to work around this by setting the ReferrerUrl in the UserSession prior to redirecting to /auth/facebook. So all good.

It should work, e.g:

If you want to redirect to a relative url it should start with /, e.g. /auth/facebook?Continue=/portal

Hmm does it work for you? I’m getting bad request every time. Apparently Facebook does not like query string parameters in the redirect url.

Yeah the link below should be redirecting, even though it’s an invalid url. Note the ?continue queryString is processed by ServiceStack’s Auth Service, i.e. Facebook doesn’t see it.

Ok I have no CallBackUrl actually configured. And when I inspect the FacebookAuthProvider the continue querystring is finding it’s way into the CallbackUrl when added to redirect_uri. Could this be the reason - if not callbackurl is configured then it uses the originating path?

The CallbackUrl gets sent to facebook but it should be referencing the ServiceStack Facebook Auth endpoint i.e. /auth/facebook which needs to process the callback from Facebook.

Typically you would just leave it for all providers as:

<add key="oauth.CallbackUrl" value="http://example.org/auth/{0}" />

Where ServiceStack will automatically substitute it with the provider name, e.g http://example.org/auth/facebook