Comments (14)
Is there any progress on this? Me and a colleague tried to implement a workaround extending OAuthSwift inside this library, but couldn't get a working solution. @moberwasserlechner Do you have any suggestions we could try?
from generic-oauth2.
I experimented a little bit and only authorizationTokens and code flow make sense for this scenario.
As the backend should access resources independently from the user a refresh token is needed in addition to the authorization token and this is only supported in code flow.
from generic-oauth2.
Code flow with PKCE #4 should return refreshTokens.
from generic-oauth2.
As I see no way to retrieve the authorizationCode from oauthSwift I will stop working on this task for now and concentrate on PKCE.
from generic-oauth2.
I need that task because OneDrive Api does not allow code flow on web apps. So the last call to the get accessToken and more important the refreshToken needs to be done on the server.
from generic-oauth2.
@moberwasserlechner Thanks for sharing this great plugin! I'm working on a similar server code flow scenario where a Capacitor app lets the user authenticate with Dropbox or Google Drive to get an authorization code, and our server uses that code to get an accessToken and/or refreshToken. This way our server could transfer files directly from Dropbox/Google.
For native apps, are you still planning to support getting the authorization code for iOS and Android? I noticed that oAuthSwift recently added support for this.
Alternatively, would it make sense to set a redirect URL to the server and have the server capture the authorization code directly? I'm not sure if this approach would work for a native app and your plugin. I've got some learning/experimenting to do here and would like to avoid taking a web view approach. In any case thanks for sharing your plans about authorization codes.
from generic-oauth2.
Yes I still plan to support it for all platforms.
I guess you ask because I removed the labels. I only did that because its needed for all platforms, so I need less labeling ;).
To your alternative: This is a common alternative it should work. Although I never tried it myself. But if this tasks does not work for my scenario this is the way I will go as well.
from generic-oauth2.
Thanks for clarifying. I got it to work with the standard Capacitor Browser plugin by adding some special logic on the redirect URL page (on our server) to trigger a custom URI that loaded the app and included an authentication code as a parameter to the custom URI (so the app could read it on startup).
This worked well overall, though with Android I found it was necessary to set it to a "singleTask" launch mode to avoid multiple instances of the app. Some more background on this approach at https://forum.getcapacitor.com/t/oauth2-auth-code-flow-w-capacitor-browser/266/9
Planning to add Google sign in and some other oAuth providers so expect to be using your plugin again soon. Thanks for sharing!
from generic-oauth2.
Starting with v2.0.0 you can get the code
from the authorization request, if you do not provide the parameters accessTokenEndpoint
and resourceUrl
.
This - however - only works on the Web and Android. On iOS the used lib OAuthSwift does not give me the needed control over the flow to achieve this.
from generic-oauth2.
Hello! Any updates on this?
I have the same issue with Salesforce. As you describe on your first post I want to retrieve only the code in client and then handle the rest on the server side. Is there a workaround for this? Can I do something else to get the code on iOS?
Thanks!
from generic-oauth2.
Hello, I also need to only retrieve the access code using IOS.
It seems there is a workaround, but you have to extend the OAuthSwift plugin
from generic-oauth2.
Add authorization_response
to the response when implementing this. See #154
from generic-oauth2.
Hello, I'm passing the authorization code to my backend server to obtain access token, but it is returning the error "unauthorized_client".
Here are the android options (Vuejs) code
android: {
appId: capacitorConfig.plugins.GoogleAuth.androidClientId,
responseType: 'code',
redirectUrl: capacitorConfig.appId+':/',
//resourceUrl: null,
accessTokenEndpoint: '',
additionalParameters:{
access_type: 'offline',
include_granted_scopes: true,
},
},
And here is the PHP code
$client = new Google_Client();
$client->setClientId('WEB_CLIENT_ID.apps.googleusercontent.com');
$client->setClientSecret('WEB_CLIENT_ID_SECRET');
// $client->setRedirectUri('');
$client->setAccessType('offline');
//$client->setScopes($scope);
$client->setState($state);
$r = $client->fetchAccessTokenWithAuthCode($authCode);
if(isset( $r['error']) && !empty( $r['error']) ){
$response['message'] = $r['error'].' '.$r['error_description'];
return $response;
}
The appId: capacitorConfig.plugins.GoogleAuth.androidClientId,
& $client->setClientId('WEB_CLIENT_ID.apps.googleusercontent.com');
belongs to the same google project, the difference is that one is for android and the other is for web client.
I would appreciate if someone can shed any light on the situation.
from generic-oauth2.
Hi, I've implemented a solution to solve this problem. You can find my code in my fork =>
main...bertrand-sifre:capacitor-oauth2:main
from generic-oauth2.
Related Issues (20)
- Feat: Integration with trapeze to improve configuration
- Auth0 HOT 1
- Bug: Intent filter not working for redirection after login HOT 2
- Feat: Support Android 13 HOT 2
- Support for Capacitor 5 HOT 10
- Is there a way to get a login prompt? HOT 1
- Azure B2C ui_locales is directly supported via the auth request builder exception HOT 2
- I am not able to hide URL bar HOT 2
- accessTokenEndpoint quirk with django backend HOT 1
- Google with android says "Custom scheme URIs are not allowed for 'WEB' client type" HOT 3
- App Store Connect Issue
- Hide navigation bar and footer on iOS HOT 5
- Evidence of the use of safari
- Question: What kind of browser is used for login? HOT 1
- Feat: support universal links on iOS HOT 3
- Azure SSO; Response comes from azure, but does not come to authenticate
- capacitor-oauth2 - Azure SSO is not working in android and ios.Bug:
- Feat: Electron
- IOS 17 keyclock login not working
- Bug: Jest not working when using the plugin
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from generic-oauth2.