// Native iOS leaf recipe for test-only auth bypass deep links using Revyl launch arguments.
Create robust Revyl E2E tests using CLI commands from app source analysis or exploratory sessions.
Create and maintain Revyl tests through MCP tools using create/update operations and execution feedback loops.
MCP dev-first mobile loop for reliable screenshot-observe-action execution, grounded interactions, and conversion of successful exploratory paths into tests.
Analyze failed Revyl test, workflow, and device-session reports via CLI to classify real bugs, flaky tests, infra issues, setup failures, or test-design improvements.
Native Android leaf recipe for test-only auth bypass deep links using Revyl launch intent extras.
Expo and Expo Router leaf recipe for test-only auth bypass deep links using Revyl launch variables.
| name | revyl-cli-auth-bypass-ios |
| description | Native iOS leaf recipe for test-only auth bypass deep links using Revyl launch arguments. |
Use this leaf skill when revyl-cli-auth-bypass has selected a native iOS app. This is app code guidance, not a Revyl authentication shortcut.
For the first-pass setup, start from revyl-cli-auth-bypass; it detects the stack, applies the shared safety contract, and delegates here for Swift/iOS implementation details.
revyl dev list, screenshots, or reports can answer the question..claude/skills slash-command discovery plus WebFetch/WebSearch or configured MCP/browser tools; Cursor .cursor/skills plus .cursor/rules/revyl-skills.mdc and available MCP/browser tools.revyl device screenshot or revyl device report instead of claiming browser access.Use one app-specific deep link shape:
myapp://revyl-auth?token=<token>&role=<role>&redirect=<allowlisted-route>
Revyl launch variables arrive in iOS simulator apps as launch arguments, for example:
-REVYL_AUTH_BYPASS_ENABLED true -REVYL_AUTH_BYPASS_TOKEN <token>
Info.plist: register the app URL scheme.myapp://revyl-auth.Register an app-specific scheme such as myapp in Info.plist:
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLSchemes</key>
<array>
<string>myapp</string>
</array>
</dict>
</array>
Keep session creation app-specific and explicit:
import Foundation
private let allowedRedirects: [String: AppRoute] = [
"/account": .account,
"/checkout": .checkout,
"/cart": .cart
]
private let allowedRoles: Set<String> = ["buyer", "support"]
func launchValue(_ key: String) -> String? {
let args = ProcessInfo.processInfo.arguments
guard let index = args.firstIndex(of: "-\(key)") else { return nil }
let valueIndex = args.index(after: index)
return args.indices.contains(valueIndex) ? args[valueIndex] : nil
}
func queryValue(_ name: String, in url: URL) -> String? {
let items = URLComponents(url: url, resolvingAgainstBaseURL: false)?.queryItems ?? []
return items.first(where: { $0.name == name })?.value
}
func handleRevylAuthBypass(_ url: URL) throws -> Bool {
guard url.scheme == "myapp", url.host == "revyl-auth" else { return false }
guard launchValue("REVYL_AUTH_BYPASS_ENABLED") == "true" else {
throw AuthBypassError.disabled
}
guard queryValue("token", in: url) == launchValue("REVYL_AUTH_BYPASS_TOKEN") else {
throw AuthBypassError.badToken
}
let role = queryValue("role", in: url) ?? "buyer"
let redirect = queryValue("redirect", in: url) ?? "/account"
guard allowedRoles.contains(role) else { throw AuthBypassError.badRole }
guard let route = allowedRedirects[redirect] else { throw AuthBypassError.badRedirect }
TestSession.signIn(role: role)
AppRouter.shared.navigate(to: route)
return true
}
Call the handler from SwiftUI or app delegate URL handling:
.onOpenURL { url in
do {
if try handleRevylAuthBypass(url) {
AuthBypassStatus.shared.accepted()
}
} catch {
AuthBypassStatus.shared.rejected(String(describing: error))
}
}
Replace TestSession, AppRouter, AppRoute, and AuthBypassStatus with the app's real session and UI surfaces.
Start a fresh Revyl session with launch vars attached:
export REVYL_AUTH_BYPASS_TOKEN="<test-only-token>"
revyl global launch-var update REVYL_AUTH_BYPASS_TOKEN --value "$REVYL_AUTH_BYPASS_TOKEN"
revyl dev --platform ios --no-build \
--launch-var REVYL_AUTH_BYPASS_ENABLED \
--launch-var REVYL_AUTH_BYPASS_TOKEN
Then verify valid and rejected links:
revyl device navigate --url "myapp://revyl-auth?token=$REVYL_AUTH_BYPASS_TOKEN&role=buyer&redirect=%2Fcheckout"
revyl device screenshot --out /tmp/revyl-auth-bypass-ios-valid.png
revyl device navigate --url "myapp://revyl-auth?token=wrong-token&role=buyer&redirect=%2Fcheckout"
revyl device navigate --url "myapp://revyl-auth?token=$REVYL_AUTH_BYPASS_TOKEN&role=admin&redirect=%2Fcheckout"
revyl device navigate --url "myapp://revyl-auth?token=$REVYL_AUTH_BYPASS_TOKEN&role=buyer&redirect=%2Fadmin"
revyl device screenshot --out /tmp/revyl-auth-bypass-ios-rejected.png
REVYL_AUTH_BYPASS_ENABLED=true.