ASWebAuthenticationSession

Inherits: RefCounted < Object

Presents a secure web-based authentication flow (OAuth) using the system browser.

Description

Wraps Apple’s ASWebAuthenticationSession so you can perform OAuth-style logins (e.g. Facebook/Google) with a callback URL.

This presents a system-controlled authentication UI and returns the callback URL when the provider redirects back to your app.

Notes:

  • You must configure your callback URL scheme in your app (e.g. via Info.plist URL Types).

  • Use prefers_ephemeral if you want to avoid shared cookies (useful for “pick account” flows).

var web_auth := ASWebAuthenticationSession.new()

func _ready():
    web_auth.completed.connect(_on_web_auth_completed)
    web_auth.failed.connect(_on_web_auth_failed)
    web_auth.canceled.connect(_on_web_auth_canceled)

func login_facebook():
    var auth_url = "https://www.facebook.com/v18.0/dialog/oauth?client_id=...&redirect_uri=mygame://oauth&response_type=code"
    web_auth.start(auth_url, "mygame", false)

func _on_web_auth_completed(callback_url: String):
    print("Callback URL: ", callback_url)
    # parse 'code=' etc.

func _on_web_auth_failed(message: String):
    push_error("Web auth failed: %s" % message)

func _on_web_auth_canceled():
    print("User canceled")

Methods

void

cancel()

bool

start(auth_url: String, callback_scheme: String, prefers_ephemeral: bool)

Signals

canceled() 🔗

Emitted when the user cancels the authentication UI.

completed(callback_url: String) 🔗

Emitted when the authentication session completes successfully.

callback_url is the full callback URL as a string.

failed(message: String) 🔗

Emitted when the authentication session fails.

message is the localized error description.

Method Descriptions

void cancel() 🔗

Cancels the running authentication session (if any).

bool start(auth_url: String, callback_scheme: String, prefers_ephemeral: bool) 🔗

Starts the authentication session.

auth_url is the provider authorization URL.

callback_scheme is your app’s callback URL scheme (pass an empty string to not restrict).

prefers_ephemeral controls whether the session uses an ephemeral browser session.

Returns true if the session started.