App Rejected Due to Apple Login

[mehroozkhan]

Describe the bug

Our app has been rejected from app store multiple times because apple team keep getting error when they try Apple Login.
Message From Apple Review Team on every build submission is:

The app exhibited one or more bugs that would negatively impact App Store users.
Bug description: Sign in with Apple process failed to proceed.
Review device details:

• Device type: iPad Air (5th generation)
• OS version: iOS 17.5.1

Attachment:

We have tested our apps in development mode and in Test Flight multiple times with different apple accounts, never got any error.
On Investigating the Amplify Error code, it is the AuthError.InvalidState error.

Login Code:
`func socialSignInWithWebUI(provider: AuthProvider?) async {

    let signInResult: AuthSignInResult
    do {
        if let provider = provider {
            signInResult = try await Amplify.Auth.signInWithWebUI(for: provider,presentationAnchor: self.view.window!)
        } else {
            signInResult = try await Amplify.Auth.signInWithWebUI(presentationAnchor: self.view.window!)
        }
        
        if signInResult.isSignedIn {
            
            let userInfo = try? await Amplify.Auth.getCurrentUser()
            
            onLogin?(userInfo?.username, nil)
            
        }
    } catch {
        print("Unexpected error: \(error)")
        self.viewModel.showLoader.value = false
        self.viewModel.alertMessage.value = AlertMessage(title: "Error", body: error.localizedDescription)
    }
}`

Also tried with the .preferPrivateSession() option, still rejected with this too.

Steps To Reproduce

We can't reproduce it on our end.

Expected behavior

Apple Review team successfully login and approve the app.

Amplify Framework Version

2.35.4

Amplify Categories

Auth

Dependency manager

Swift PM

Swift version

5.10

CLI version

12.10.1

Xcode version

15.4

Relevant log output

<details>
<summary>Log Messages</summary>


INSERT LOG MESSAGES HERE

```

Is this a regression?

No

Regression additional context

No response

Platforms

iOS

OS Version

iOS 17.5.1

Device

iPad Air (5th generation)

Specific to simulators

No response

Additional context

No response

[sebaland]

Hi @mehroozkhan, thanks for opening this issue.

We'll take a look and see if we can figure out what might be happening and post updates here

[5d]

Hi @mehroozkhan ,

Before displaying the sign-in UI, did you check the user's auth status? One potential issue that could cause the Amplify.AuthError.invalidState error is attempting to initiate a sign-in process when there is already an active and valid user session.

[mehroozkhan]

@5d Thanks for your reply. Yes I do check first if the user is signed in or not through fetchAuthSession API.

    static func configure(splashSeen: Bool = false, onboarding: Bool, registration: Bool, keychainServices: KeychainServicesProtocol, completion: @escaping (LaunchInstructor)->Void) {
        
        Task {
            
            let result = await fetchCurrentAuthSession(keychainServices: keychainServices)
            
            if !splashSeen {
                completion(.splash)
            }
            else if !onboarding {
                completion(.onboarding)
            }
            else if result {
                completion(.main)
            } else {
                completion(.auth)
            }
        }
    }
    
    static func fetchCurrentAuthSession(keychainServices: KeychainServicesProtocol) async -> Bool {
        do {
            let session = try await Amplify.Auth.fetchAuthSession()
            if let cognitoTokenProvider = session as? AuthCognitoTokensProvider {
                let tokens = try cognitoTokenProvider.getCognitoTokens().get()
                keychainServices.setAPIToken(token: tokens.idToken)
            }
            
            return session.isSignedIn
        } catch {
            return false
        }
    }

[mehroozkhan]

our app got approved without changing anything in the apple login now. Very strange Apple!

[github-actions]

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

[willbonde]

@mehroozkhan I think I may have identified the issue

It seems like the first time an Apple Account uses social login on an app (that is, the first time ever, of any app) the user is prompted to accept Apple Terms and Conditions for social login. This only happens once.

I've now been able to reproduce this reliably, but it MUST be a new Apple Account. Once you've accepted Apple's T&C, it continues to work flawlessly. It seems like sometimes you get someone using a new Apple Account at Apple, sometimes not

I'd be curious if you could duplicate this with a brand new Apple Account that you've never signed on. @sebaland @5d

I'm writing something up to post on the Discord, too. I may be filing a new issue - lmk if you can try it @mehroozkhan !