Potential ZSS Authentication Issue under iOS 8

09 December 2014

Recent iOS library changes (in iOS 8 and/or Xcode 6) may cause ZSS Client Authentication to fail under the following circumstances:

An iOS app uses the ZumeroSync class from the ios folder in the ZSS SDK, or the same class via the ZumeroSync Cocoapod.
The app calls the version of [ZumeroSync Sync] that takes an (NSDictionary *)authScheme parameter (not the version that takes an authSchemeJS JSON string)
The app actually passes an authentication scheme, username and password (anonymous syncs are not affected)

If all of these conditions are met, client apps that synced in the past may now fail to do so.

Note: by default, apps generated by ZAG will not be affected, as they use the authSchemeJS version of Sync.

This bug will be fixed in a future ZSS release, but in the meantime you can work around the problem by using the authSchemeJS version of Sync. Pay attention to the following requirements:

No extraneous spaces in the JSON string - that is, no spaces before/after strings, semicolons, colons or braces.
The JSON string must contain only the scheme_type and table fields.
Those two fields must be in that order.

Working example:

[ZumeroSync 
        Sync:dbfilename 
   cipherKey:nil
   serverUrl:@"http://myserver.example.com"
      remote:remoteName
authSchemeJS:@"{\"scheme_type\":\"table\",\"table\":\"users\"}"
        user:@"barney"
    password:@"bambam"
       error:&err];

Non-working examples:

// ... contains a space before the table key
authSchemeJS:@"{\"scheme_type\":\"table\", \"table\":\"users\"}"

// ... contains newlines
authSchemeJS:@"{\n\"scheme_type\":\"table\",\n\"table\":\"users\"\n}"

// ... keys out of order
authSchemeJS:@"{\"table\":\"users\",\"scheme_type\":\"table\"}"