Keyhain: Access token lost after App Store update

[ElKnarzo]

Hi,

we already use this pod in several of our projects. Now it happens in one of these projects that after updating the app from the AppStore, the access token, which is stored in the key chain of the device, is lost.

We tried to install the previous version on a device via xCode and updated it with the version from the AppStore. After this process, we were still logged in, in contrast to the users of our app.

Using a backend request log, which we are also developing, we were able to determine that the access token was still available before the update and had not expired. After the update to the same endpoint, this was not sent with it.

We haven't made any changes to the entitlements that could explain it. One assumption could be due to the re-sign of the app. This was signed with a new certificate because the certificate from the previous version had expired.

We would be grateful for any helpful input on this problem and how to solve it.

[ossus-lib]

This is strange, an app upgrade shouldn't touch the keychain items. Have you found out what happened?

[ElKnarzo]

Yes, we have found out. Between 2 iOS versions, Apple changed the storage location of the KeyChain, including the readout. The access token was still present in the old storage location, but of course not in the new one.

We were only able to find this out with the help of 2 different xCode versions. As a precaution, we now save the token in the NSUserDefaults and then move it back to KeyChain.