Reputation: 171
Do apple-app-site-association files work with GitHub Pages (i.e. site.github.io)?
I'm trying to setup strong passwords support for an app.
I have a valid JSON file with the correct items:
{
"appLinks": {
"apps": [],
"details": [{}]
},
"webcredentials": {
"apps": [ "<TEAMID>.<BUNDLEID>", "<TEAMID>.<BUNDLEID>" ]
}
}
I've included a ".nojekyll" file to the repo to allow for .folder access. I've validated that with (https://branch.io/resources/aasa-validator).
I've placed the file in /.well-known/apple-app-site-association
I've added the capability to my app and triple checked my TEAM ID and Bundle identifier.
I've also deleted the app from my device and installed and run with and without a debugger attached.
I'm beginning to think GitHub Pages for some reason or another does not support this functionality.
NOTE: my bundleIDs are explicit, meaning instead of "com.company.app", I'm using "app"
Am I right in thinking this?
Upvotes: 11
Views: 3160
Answers (4)
Reputation: 2172
You need to add a _config.yml file to the root of your GitHub page and add the following, then the <domain>/.well-known/apple-app-site-association can be accessed properly.
include:
- .well-known
Upvotes: 6
Reputation: 4795
As of 2021 this currently works for me with a custom Github Pages domain even though:
- github pages does not serve
apple-app-site-associationwith the correct json content-type -- it'soctet-streaminstead ofapplication/json. - the apple validation tool fails the universal link test
If you redirect from the apex domain to www then you'll probably need to specify the full www.yourdomain.com in your app config, not yourdomain.com.
Make sure this returns the file.
curl -v '<the_domain>/.well-known/apple-app-site-association'
Upvotes: 2
Reputation: 169
Nope, I haven't been able to make it work with GitHub Pages alone. If you don't care why you can skip this next bit.
Why GitHub Pages alone can't suffice
As far as I've found out, GitHub Pages alone will not serve up a file at .well-known/apple-app-site-association with Content-Type: application/json. Apple's validation tool wouldn't pass. It requires:
.well-known/apple-app-site-associationto be served (you can test withcurl -v mysite.com/.well-known/apple-app-site-association)- It must be served with a
Content-Type: application/jsonheader. - There cannot be any redirects; i.e. must work without adding
-Lto yourcurlcommand.
Here's the solutions I tried using only GitHub pages that all failed:
- First thing I figured out was adding
.nojekyllto the top directory of the repo so that.well-known/apple-app-site-associationcould be served.trying to redirect with a symlinkapple-app-site-associationtoapple-app-site-association.json- It was still served as
Content-Type: octet-stream
- It was still served as
- Creating the directory/file structure
.well-known/apple-app-site-association/index.json- This fails Apple validation because
mydomain.com/.well-known/apple-app-site-associationredirects tomydomain.com/.well-known/apple-app-site-association/before returning the correct content and correct content-type header.
- This fails Apple validation because
Cloudflare/CDN atop GH Pages Solution
However, I was also using Cloudflare to CDN the static pages my GitHub Pages site hosted. You can set this up at the free level and probably should if your page gets any real traffic. You could pick another CDN probably, but it will need custom routing of some kind that supports the content-type/no-redirect stuff Apple demands. In Cloudflare, I was able to effect this for free (unless I got a ton of traffic) with the free tier of their Workers. You can probably adapt the rest of this to your preferred CDN if you use another atop your GitHub Pages site.
From the "Workers" page on Cloudflare, click "Manage Workers" then "Create Worker." Copy/paste and the following JSON as needed (it contains your apple-app-site-association JSON):
addEventListener('fetch', event => {
event.respondWith(handleRequest(event.request))
})
/**
* Respond to the request
* @param {Request} request
*/
async function handleRequest(request) {
return new Response(JSON.stringify(
// This is actually your JSON. Because this is JavaScript, you can also add in comments if you like.
{
"applinks": {
"details": [
{
"appID": "Q94XRK95RT.io.beatscratch.beatscratchFlutterRedux",
"paths": [ "/app/", "/app"]
}
]
}
}) + "\n"
, {
headers: {
"content-type": "application/json",
},
status: 200
})
}
Note that I had to use the JSON structure from here. This got the above-linked validator to display "Error no apps associated with url" which sounds bad... but things work.
I named the Worker apple-app-site-association but you can name it whatever you like. You can then route my-site.com/.well-known/apple-app-site-association to the Worker.
Upvotes: 3
Reputation: 171
Looks like once the app has been uploaded and installed via TestFlight strong passwords and the association file is accessed.
It works!
Upvotes: 1
Related Questions
- How to securely associate a Github App Install ID with the account of a website integrating with the GitHub App?
- Auto generate strong password in Swift 5
- Apple-app-site-association is not working
- How could you access the GitHub API in Swift?
- universal Link's apple-app-site-association file in iOS14
- Password-Autofill: Can I place apple-app-site-association file elsewhere instead of root directory or .well-known
- OAuth authentication using GitHub in iOS apps - how does it work
- Does apple-app-site-association work with a web app?
- Issue with implementing "Login with Github" in iOS app
- OAuthSwift & Github - what Authorization callback URL should I use?