From 70fe6458e5e7eb04fb0b8c7c952492517f20954d Mon Sep 17 00:00:00 2001 From: Michael Stingl Date: Tue, 8 Jul 2025 22:12:37 +0200 Subject: [PATCH 1/4] Integrate OAuth2/OIDC logout on bookmark deletion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Call deauthenticateConnection before erasing vault when deleting bookmarks - Ensures proper logout at IdP level (token revocation/OIDC end session) - Maintains user-friendly behavior: deletion proceeds even if logout fails - Update SDK submodule to include logout support 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- ios-sdk | 2 +- .../OCBookmarkManager+Management.swift | 85 +++++++++++++------ 2 files changed, 59 insertions(+), 28 deletions(-) diff --git a/ios-sdk b/ios-sdk index 9aeaf1aa4..038cfd9aa 160000 --- a/ios-sdk +++ b/ios-sdk @@ -1 +1 @@ -Subproject commit 9aeaf1aa4a6237ed0db62d48d83e91cd0b9f190c +Subproject commit 038cfd9aadc567ea710de67d7475fe722517b2f8 diff --git a/ownCloudAppShared/SDK Extensions/OCBookmarkManager+Management.swift b/ownCloudAppShared/SDK Extensions/OCBookmarkManager+Management.swift index 706a93fe4..f959051f6 100644 --- a/ownCloudAppShared/SDK Extensions/OCBookmarkManager+Management.swift +++ b/ownCloudAppShared/SDK Extensions/OCBookmarkManager+Management.swift @@ -46,33 +46,29 @@ public extension OCBookmarkManager { alertController.addAction(UIAlertAction(title: destructiveTitle, style: .destructive, handler: { (_) in if !OCBookmarkManager.attemptLock(bookmark: bookmark, presentErrorOn: hostViewController, action: { bookmark, lockActionCompletion in OCCoreManager.shared.scheduleOfflineOperation({ (bookmark, offlineOperationCompletion) in - let vault : OCVault = OCVault(bookmark: bookmark) - - vault.erase(completionHandler: { (_, error) in - OnMainThread { - if error != nil { - // Inform user if vault couldn't be erased - let alertController = ThemedAlertController(title: NSString(format: failureTitle as NSString, bookmark.shortName as NSString) as String, - message: error?.localizedDescription, - preferredStyle: .alert) - - alertController.addAction(UIAlertAction(title: OCLocalizedString("OK", nil), style: .default, handler: nil)) - - hostViewController.present(alertController, animated: true) - } else { - // Success! We can now remove the bookmark - OCMessageQueue.global.dequeueAllMessages(forBookmarkUUID: bookmark.uuid) - - if let bookmark = OCBookmarkManager.shared.bookmark(for: bookmark.uuid) { - OCBookmarkManager.shared.removeBookmark(bookmark) - } - } - - completion?() // delete(withAlertOn:) completion Handler - offlineOperationCompletion() // OCCoreManager.scheduleOfflineOperation completion handler - lockActionCompletion() // OCBookmarkManager.attemptLock completion handler - } - }) + // Attempt to logout/deauthenticate from the server before erasing local data + if let authMethod = bookmark.authenticationMethod { + let connection = OCConnection(bookmark: bookmark) + + authMethod.deauthenticateConnection(connection, withCompletionHandler: { (_, _) in + // Proceed with vault erasure regardless of deauthentication result + // This ensures users can always remove bookmarks even if logout fails + self.performVaultErasure(bookmark: bookmark, + hostViewController: hostViewController, + failureTitle: failureTitle, + completion: completion, + offlineOperationCompletion: offlineOperationCompletion, + lockActionCompletion: lockActionCompletion) + }) + } else { + // No authentication method, proceed directly with vault erasure + self.performVaultErasure(bookmark: bookmark, + hostViewController: hostViewController, + failureTitle: failureTitle, + completion: completion, + offlineOperationCompletion: offlineOperationCompletion, + lockActionCompletion: lockActionCompletion) + } }, for: bookmark) }) { completion?() @@ -81,4 +77,39 @@ public extension OCBookmarkManager { hostViewController.present(alertController, animated: true, completion: nil) } + + private func performVaultErasure(bookmark: OCBookmark, + hostViewController: UIViewController, + failureTitle: String, + completion: (() -> Void)?, + offlineOperationCompletion: @escaping () -> Void, + lockActionCompletion: @escaping () -> Void) { + let vault = OCVault(bookmark: bookmark) + + vault.erase(completionHandler: { (_, error) in + OnMainThread { + if error != nil { + // Inform user if vault couldn't be erased + let alertController = ThemedAlertController(title: NSString(format: failureTitle as NSString, bookmark.shortName as NSString) as String, + message: error?.localizedDescription, + preferredStyle: .alert) + + alertController.addAction(UIAlertAction(title: OCLocalizedString("OK", nil), style: .default, handler: nil)) + + hostViewController.present(alertController, animated: true) + } else { + // Success! We can now remove the bookmark + OCMessageQueue.global.dequeueAllMessages(forBookmarkUUID: bookmark.uuid) + + if let bookmark = OCBookmarkManager.shared.bookmark(for: bookmark.uuid) { + OCBookmarkManager.shared.removeBookmark(bookmark) + } + } + + completion?() // delete(withAlertOn:) completion Handler + offlineOperationCompletion() // OCCoreManager.scheduleOfflineOperation completion handler + lockActionCompletion() // OCBookmarkManager.attemptLock completion handler + } + }) + } } From 4e17ff8686a2888aa4ec3fe7ef8e532b2456877d Mon Sep 17 00:00:00 2001 From: Michael Stingl Date: Tue, 8 Jul 2025 22:32:06 +0200 Subject: [PATCH 2/4] Update SDK to include oidc-post-logout-redirect-uri configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- ios-sdk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ios-sdk b/ios-sdk index 038cfd9aa..8c8f09243 160000 --- a/ios-sdk +++ b/ios-sdk @@ -1 +1 @@ -Subproject commit 038cfd9aadc567ea710de67d7475fe722517b2f8 +Subproject commit 8c8f092439e10364eeea45193bd60bfe198b0740 From 1f591f3dc54dc9c94700f1bf459a0b63261fe4a4 Mon Sep 17 00:00:00 2001 From: Michael Stingl Date: Tue, 8 Jul 2025 22:35:37 +0200 Subject: [PATCH 3/4] Update SDK to fix CI build issue MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- ios-sdk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ios-sdk b/ios-sdk index 8c8f09243..5aca57c5c 160000 --- a/ios-sdk +++ b/ios-sdk @@ -1 +1 @@ -Subproject commit 8c8f092439e10364eeea45193bd60bfe198b0740 +Subproject commit 5aca57c5cc015cbf201a09799d44cf53b31acd10 From 96a7498ed35c9feaf126ef189ec8e6aba0e1fd93 Mon Sep 17 00:00:00 2001 From: Michael Stingl Date: Tue, 8 Jul 2025 22:46:02 +0200 Subject: [PATCH 4/4] Update SDK to fix more CI build issues MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- ios-sdk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ios-sdk b/ios-sdk index 5aca57c5c..3bb166c5d 160000 --- a/ios-sdk +++ b/ios-sdk @@ -1 +1 @@ -Subproject commit 5aca57c5cc015cbf201a09799d44cf53b31acd10 +Subproject commit 3bb166c5da6117da49de317da79903ff347e465a