Wire clearKeychain on iOS — standalone step + launchApp flag#59
Merged
Wire clearKeychain on iOS — standalone step + launchApp flag#59
Conversation
Reported by @ross-aker in #57 — thank you for the clear repro. ClearKeychainStep had no handler in the WDA driver's Execute() dispatch, so a standalone `clearKeychain` step errored with "Step type '*flow.ClearKeychainStep' is not supported on iOS". The launchApp struct has a ClearKeychain field, but launchApp() never read it — so `launchApp: clearKeychain: true` was silently a no-op: the app relaunched with the previous user still logged in. Fix: - Add clearKeychain(step) handler that calls resetKeychain(), a shared helper that runs `xcrun simctl keychain <udid> reset` on simulators. - Wire *flow.ClearKeychainStep into driver.Execute() so the standalone step works. - In launchApp(), if step.ClearKeychain is set, invoke resetKeychain() after clearState and before launch. Failures log at Warn and do not abort the launch. Real-device behavior: returns a clear "unsupported on real iOS devices" result with a pointer to use `clearState` instead (reinstall drops the app's keychain entries). The iOS keychain on real devices is sandboxed per-app and cannot be reset via public API without jailbreak. Verified on iPhone 16 Pro simulator (iOS 18.6): standalone clearKeychain passes, launchApp with clearKeychain: true no longer silently no-ops, existing auth flows still pass. Fixes #57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #57. Reported by @ross-aker — thank you for the repro.
Two gaps in the WDA driver:
clearKeychainstep hit the default case inExecute()dispatch and errored withStep type '*flow.ClearKeychainStep' is not supported on iOS.launchApp: clearKeychain: truewas silently a no-op — the struct has the field, butlaunchApp()never read it, so a previously-logged-in user stayed logged in even with the flag set.Changes
clearKeychain(step)handler + sharedresetKeychain()helper inpkg/driver/wda/commands.gothat runsxcrun simctl keychain <udid> reseton simulators.*flow.ClearKeychainStepintodriver.Execute()dispatch.launchApp(), fireresetKeychain()afterclearStateand before launch if the flag is set. Failure logs atWarnand does not abort the launch.Real-device behavior
Returns a clear "unsupported on real iOS devices" message pointing to
clearStateas an alternative (reinstall drops the app's keychain entries). The iOS keychain on real devices is sandboxed per-app and can't be reset via public API without jailbreak.Test plan
clearKeychain+launchApp { clearKeychain: true }) passes on iPhone 16 Pro simulator (iOS 18.6).login-valid-primary.yaml) still passes — no regression.go build ./...+go test ./pkg/driver/wda/...green.