I'm having trouble dealing with concurrency with the SFAuthorizationPluginView. Does anybody know how this can be solved?
https://developer.apple.com/documentation/securityinterface/sfauthorizationpluginview
The crux of it is:
If I inherit an object as part of an API, and the API is preconcurrency, and thus is nonisolated (but in reality is @MainActor), how do I return a @MainActor GUI element?
https://developer.apple.com/documentation/securityinterface/sfauthorizationpluginview/firstresponder()
The longer story:
I made my view class inherit SFAuthorizationPluginView.
The API is preconcurrency (but not marked as preconcurrency)
I started using concurrency in my plugin to retrieve data over XPC. (https://developer.apple.com/documentation/xpc/xpcsession + https://developer.apple.com/documentation/swift/withcheckedthrowingcontinuation(isolation:function:_:))
Once I retrieve the data over XPC, I need to post it on GUI, hence I've set my view class as @MainActor in order to do the thread switch.
Swift compiler keeps complaining:
override func firstResponder() -> NSResponder? {
return usernameField
}
"Main actor-isolated property 'usernameField' can not be referenced from a nonisolated context; this is an error in the Swift 6 language mode"
override func firstResponder() -> NSResponder? {
MainActor.assumeIsolated {
return usernameField
}
}
"Sending 'self' risks causing data races; this is an error in the Swift 6 language mode"
I think fundamentally, the API is forcing me to give away a @MainActor variable through a nonisolated function, and there is no way to shut up the compiler.
I've tried @preconcurrency and it has no effect as far as I can tell. I've also tried marking the function explicitly as nonisolated.
The rest of the API are less problematic, but returning a GUI variable is exceptionally difficult.
Selecting any option will automatically load the page
Post
Replies
Boosts
Views
Activity
Issue solved. Retracting question.
Hi there,
I'm trying to use SFAuthorizationPluginView in order to show some fields in the login screen, have the user click the arrow, then continue to show more fields as a second step of authentication. How can I accomplish this?
Register multiple SecurityAgentPlugins each with their own mechanism and nib?
Some how get MacOS to call my SFAuthorizationPluginView::view() and return a new view?
Manually remove text boxes and put in new ones when button is pressed
I don't believe 1 works, for the second mechanism ended up calling the first mechanism's view's view()
Cheers,
-Ken
Hi there,
I’m having issue using Apple’s API. I can’t initialize SFAuthorizationPluginView using Swift.
I’ve done numerous google searches, but haven’t found any examples/tutorials of anyone using Swift for SFAuthorizationPluginView / AuthorizationPluginCreate.
I managed to get the AuthorizationPlugin and AuthorizationMechanism up, but simply creating the SFAuthorizationPluginView fails the failable initiator.
https://developer.apple.com/documentation/securityinterface/sfauthorizationpluginview
Here are some log messages I wrote:
error 16:08:33.689244-0800 kernel Library Validation failed: Rejecting '/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent' (Team ID: 7X6364JT77, platform: no) for process 'SecurityAgentHel(2689)' (Team ID: N/A, platform: yes), reason: mapping process is a platform binary, but mapped file is not
error 16:08:33.689501-0800 SecurityAgentHelper-arm64 Error loading /Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent (78): dlopen(/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent, 0x0106): tried: '/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent' (code signature in <BFF0D7BA-5CF8-3F2F-A604-DCC235499234> '/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent' not valid for use in process: mapping process is a platform binary, but mapped file is not), '/System/Volumes/Preboot/Cryptexes/OS/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent' (no such file), '/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent' (code signature in <BFF0D7BA-5CF8-3F2F-A604-DCC235499234> '/Library/Security/SecurityAgentPlugins/XXXAgent.bundle/Contents/MacOS/XXXAgent' not valid for use in process: mapping process is a platform binary, but mapped file is not)
default 16:08:33.760679-0800 SecurityAgentHelper-arm64 callbacks: Optional(0x00000001001b1f88)
default 16:08:33.760710-0800 SecurityAgentHelper-arm64 andEngineRef: Optional(0x0000000156f384d0)
error 16:08:33.762404-0800 SecurityAgentHelper-arm64 Test API call result: OSStatus 0 i.e. No error.
error 16:08:33.763298-0800 SecurityAgentHelper-arm64 Failed to create Authorization Plugin Adapter
default 16:08:33.763524-0800 authd engine 66: running mechanism XXXAgent:XXXAgentMechanism (1 of 1)
Here is the calling code with the error message:
class AuthorizationMechanismXXX : AuthorizationMechanism
{
let mLogger = …
let mAuthorizationPluginView : AuthorizationPluginViewAdapter?
override init(inPlugin: UnsafeMutablePointer<AuthorizationPlugin>,
inEngine: AuthorizationEngineRef,
inMechanismId: AuthorizationMechanismId)
{
…
let pCallbacks : UnsafePointer<AuthorizationCallbacks> = inPlugin.pointee.EngineCallback()
self.mAuthorizationPluginView = AuthorizationPluginViewAdapter(callbacks: pCallbacks, andEngineRef: inEngine)
if (self.mAuthorizationPluginView == nil)
{
mLogger.error("Failed to create Authorization Plugin Adapter")
}
super.init(inPlugin: inPlugin, inEngine: inEngine, inMechanismId: inMechanismId)
}
Here is the class:
class AuthorizationPluginViewAdapter : SFAuthorizationPluginView
{
let mLogger = …
let mLoginView = NSHostingView(rootView: LoginView())
override init!(callbacks: UnsafePointer<AuthorizationCallbacks>!, andEngineRef engineRef: AuthorizationEngineRef!)
{
mLogger.notice("callbacks: \(callbacks.debugDescription, privacy: .public)")
mLogger.notice("andEngineRef: \(engineRef.debugDescription, privacy: .public)")
var sessionId: UnsafeMutablePointer<AuthorizationSessionId?>?
let result = callbacks.pointee.GetSessionId(engineRef, sessionId)
LogSecurityOSStatus(logger: mLogger, osStatus: result, message: "Test API call result")
super.init(callbacks: callbacks, andEngineRef: engineRef)
mLogger.notice("Never gets here")
}
override func buttonPressed(_ inButtonType: SFButtonType)
{
if (inButtonType == SFButtonTypeOK)
{
let osStatus = callbacks().pointee.SetResult(engineRef(), AuthorizationResult.allow)
if (osStatus != errSecSuccess)
{
LogSecurityOSStatus(logger: mLogger, osStatus: osStatus, message: "Error setting authorization result")
}
}
else if (inButtonType == SFButtonTypeCancel)
{
let osStatus = callbacks().pointee.SetResult(engineRef(), AuthorizationResult.deny)
if osStatus != errSecSuccess
{
LogSecurityOSStatus(logger: mLogger, osStatus: osStatus, message: "Error setting authorization result")
}
}
else
{
mLogger.error("Invalid buttonType.")
}
}
override func view(for inType: SFViewType) -> NSView!
{
if (inType == SFViewTypeIdentityAndCredentials)
{
mLogger.debug("Identity and credentials")
}
else if (inType == SFViewTypeCredentials)
{
mLogger.debug("Credentials only")
}
else
{
mLogger.error("Invalid buttonType.")
}
return mLoginView
}
}
Here is the view:
import SwiftUI
struct LoginView: View {
var body: some View {
Text(/*@START_MENU_TOKEN@*/"Hello, World!"/*@END_MENU_TOKEN@*/)
}
}
#Preview {
LoginView()
}