Bug 244364

Summary: [AppSSO] Adjust life cycle of SOAuthorization to avoid premature cancellation
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit2Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: kkinnunen
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Description Brent Fulgham 2022-08-25 15:08:32 PDT 
Testing has shown that attempting to share a single SOAuthorization object amongst several active sessions can lead to deadlocks during AppSSO authentication.

Since the SOAuthorization object is meant to be stateless, there is no harm in constructing and destroying it for each type of authentication flow.

This simplifies the logic, and makes it clear which SOAuthorization object is associated with a given load event.
Comment 1 Brent Fulgham 2022-08-25 15:08:53 PDT 
<rdar://98413693>
Comment 2 Brent Fulgham 2022-08-25 16:49:24 PDT 
Pull request: https://github.com/Webkit/WebKit/pull/3684
Comment 3 EWS 2022-08-29 15:43:02 PDT 
Committed 253929@main (bc90c50c6ba8): <https://commits.webkit.org/253929@main>

Reviewed commits have been landed. Closing PR #3684 and removing active labels.