Description
[REQUIRED] Step 1: Describe your environment
- Xcode version: Xcode 13.4
- Firebase SDK version: 9.0.0
- Installation method:
CocoaPods - Firebase Component: Auth
- Target platform(s):
iOS
[REQUIRED] Step 2: Describe the problem
We've been getting user reports that after updating to an app version that included 9.0.0, they've been getting logged out after closing the app and waiting some time, resulting in a degraded experience.
Steps to reproduce:
Sadly this is one of those issues that can't be reliably reproduced. We believe it's related to the Keychain and prewarming mitigation fix put in place in #9622, specifically to the part that checks whether [UIApplication isProtectedDataAvailable] returns true. There have been reports of isProtectedDataAvailable not returning true after application(_:didFinishLaunchingWithOptions:), such as https://sourcediving.com/solving-mysterious-logout-issues-on-ios-15-8b818c089466. (this also contains some reproduction instructions, like force closing the app, putting the phone to sleep, waiting 30 minutes, unlock the phone and open the app)
Reading the code change in #9622, if isProtectedDataAvailable is false, then it will wait for the UIApplicationProtectedDataDidBecomeAvailable notification, which might never arrive if isProtectedDataAvailable never changed to true. This would result in the Auth component not being up to date on user launch, which would result in our app deciding it is logged out.
Workaround
To work around this issue, we should be able to manually send the UIApplicationProtectedDataDidBecomeAvailable in application(_:didFinishLaunchingWithOptions:) at some point after initializing the Auth component, but it might be tricky to figure out the right place if Auth is abstracted into other app-specific components.
Should there be an option to deactivate this automatic mitigation/checks in light of isProtectedDataAvailable not working as expected in all cases? I'll leave that up to the Firebase team, but as it stands, 9.0.0 introduces a new authentication issue for us that wasn't there before (at least in our case), and for now, we'll just stay in 8.15.0 which does not contain this change.
