On iOS, two applications can register as handling the same callback URI scheme. Which one gets the callback is non-deterministic. Thus, it is possible for some other app to get the token. I don’t see how an allowlist would mitigate this.
With PKCE, the other app can still intercept the token, but the token is incomplete and useless.
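To make the PKCE point concrete, here is an added example (not code from the thread): a toy in-memory authorization server, constructed for illustration, that stores the S256 `code_challenge` at `/authorize` time and only redeems the authorization code when the presenter also supplies the matching `code_verifier`. An app that merely receives the callback on a shared URI scheme never saw the verifier, so its redemption attempt is rejected.

```python
import base64
import hashlib
import secrets
from typing import Dict, Optional

# RFC 7636: code_verifier is 43-128 chars of [A-Za-z0-9-._~];
# 32 random bytes, base64url-encoded without padding, gives 43 chars.
def make_code_verifier() -> str:
    return base64.urlsafe_b64encode(secrets.token_bytes(32)).rstrip(b"=").decode("ascii")

# S256: code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), no padding.
def make_code_challenge(verifier: str) -> str:
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

class AuthorizationServer:
    """Toy in-memory authorization server (constructed for this example)."""
    def __init__(self) -> None:
        self._codes: Dict[str, str] = {}  # auth code -> stored code_challenge

    def authorize(self, code_challenge: str, method: str = "S256") -> str:
        # The challenge arrives on the front channel with the /authorize request.
        if method != "S256":
            raise ValueError("only S256 is accepted")
        code = secrets.token_urlsafe(24)
        self._codes[code] = code_challenge
        return code

    def token(self, code: str, code_verifier: Optional[str]) -> Optional[dict]:
        # Back-channel redemption: the code is single-use (consumed on any
        # attempt) and must be paired with a verifier hashing to the challenge.
        challenge = self._codes.pop(code, None)
        if challenge is None or code_verifier is None:
            return None
        if not secrets.compare_digest(make_code_challenge(code_verifier), challenge):
            return None
        return {"access_token": secrets.token_urlsafe(16), "token_type": "Bearer"}

def redeem_without_verifier() -> Optional[dict]:
    # A second app on the same URI scheme gets the code but not the verifier.
    srv = AuthorizationServer()
    code = srv.authorize(make_code_challenge(make_code_verifier()))
    return srv.token(code, "guessed-verifier-that-is-wrong")

def redeem_with_verifier() -> Optional[dict]:
    # The legitimate app kept the verifier in memory and presents it.
    srv = AuthorizationServer()
    verifier = make_code_verifier()
    code = srv.authorize(make_code_challenge(verifier))
    return srv.token(code, verifier)
```

The S256 transform can be checked against the RFC 7636 Appendix B test vector; the server here also treats any failed redemption as consuming the code, so a hijacker racing the legitimate app can at most deny that one login, never obtain a token.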