capacitor-community / generic-oauth2 Goto Github PK
View Code? Open in Web Editor NEWGeneric Capacitor OAuth 2 client plugin. Stop the war in Ukraine!
License: MIT License
Generic Capacitor OAuth 2 client plugin. Stop the war in Ukraine!
License: MIT License
I am currenty working on a mobile app for both ios and android, which is going to need oauth for its authoriztion.
While registering client-ids in our backend and implementing this plugin I came across an issue, the plugin doesn't seem to support "id_token token" as valid responseType, though our service does expect this repsonseType.
According to the AppAuth documentation, the sdk's also support OpenID Connect, which specifies the usage of alternative responseTypes such as "id_token token" and "id_token code".
Would it be possible for this plugin to also support these specs / responseTypes? or atleast the "id_token token" as a first step to supporting more of the OpenID Connect extentions?
extras:
Linkto openId connect specs
AppAuth stating it supports OpenID Connect.
oauth 2.0 on Extensibility
I introduce a option to disable this but by default this should be handled by the plugin. Although I thougth in #3 that it is not required.
But if the plugin handles the access_token as well. Authentication and access should be faster. The alternative would be to hand the access_token to the plugin as the client user stores it.
Check if and how this plugin, which was intended to only support OAuth2 is extendable for OpenId.
Hi,
Have you considered integrating LINE messenger login flow?
LINE is the extremely popular messenger app in Japan and South East Asia (e.g. Thailand). Curious how difficult would be to make it work with Capacitor on iOS and Android...
Including a state is recommended and therefore the plugin automatically includes one.
If users set the option themself the plugin does not overwrite it.
I've got this error from Gradle when trying to sync the project after adding the plugin:
Could not get unknown property 'bundleRelease' for object of type org.gradle.api.publish.maven.internal.publication.DefaultMavenPublication.
Not sure how to fix it, @moberwasserlechner any suggestions?
I need to support cloud storage providers like OneDrive, Google Drive, DropBox and so on.
The actual access to resources is handled by the backend, so only the authentication is done by to user on the client this results in the authorizationCode
, which is sent to the backend. The backend performs the retrieval of accessToken
and most important the refreshToken
Unfortunately Code Flow with PKCE is no option because various OAuth providers support only native apps for this flow and web apps/PWAs are forced to use Implizit Flow. I need the refreshToken to access resources without the users interaction.
As stated in #31 Microsoft (Azure AD) supports implicit flow for iOS but the access token is returned as url parameter starting with # instead of ?
On Webservers # url params get removed because they are client side only but on the native app it should/could work.
See https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow#get-access-tokens for details.
In the browser impl of this plugin # started url params are supported see https://github.com/moberwasserlechner/capacitor-oauth2/blob/33c041e248d0a18ef491f042336c9dcf36a3bd38/src/web-utils.ts#L66
I created a new task because the user closed the other one.
In our app a significant portion of the flow will involve the server taking action on behalf of the user, to accomplish this we need to get a refresh token when the user logs in, and be able to put it on the server. What's the recommended flow using this library to do something like that?
I've gotten the access token locally on the device, but I'm unsure of how to get the refresh token.
So far I've been thinking of changing the customScheme to be a URL on the remote server then having the user login using that, then redirecting back to the app by redirecting to the actual local customScheme URL once that's done. Not sure what to do to pass the cookie from the server / some other auth method to the actual app code at that point though.
Consitent codes across all platforms.
Only codes can be processed properly.
Hi
Ionic:
ionic: 4.12.0
@ionic-native/core: ^5.0.0
@ionic/angular: ^4.1.0
Capacitor:
@capacitor/android: ^1.0.0-beta.22
@capacitor/cli: 1.0.0-beta.22
@capacitor/core: 1.0.0-beta.22
System:
node : v10.15.3
npm : 6.9.0
OS : Deepin 15.9.3
I've got an error ERR_STATES_NOT_MATCH
on Android, but on Browser everything works as expected. In Browser I see an URL like
localhost:8100/#access_token=...&expires_in=...&token_type=Bearer&state=SAME_AS_IN_REQUEST
And everything is works
The web/pwa implementation retrieves the token by using response_type=token
on the authorization request.
Thats differs how its done in Android.
Within this task I will use response_type=code
with a code_challenge in the web implementation as well.
Some provider support options which are not defined in the OAuth2 standard.
Attention: cocoapods are one version number behind the rest ;)
Installing the plugin and running npx cap update
works well for all platforms except iOS:
✖ update ios: ENOENT: no such file or directory, open 'ios/App/public/cordova.js'
[error] Error running update: { [Error: ENOENT: no such file or directory, open 'ios/App/public/cordova.js']
errno: -2,
code: 'ENOENT',
syscall: 'open',
path: 'ios/App/public/cordova.js' }
And add option "responseType" if someone wants to use "code".
In google console I see a handful of crashes with the following stacktrace attached
Caused by: java.lang.NullPointerException:
at com.byteowls.capacitor.oauth2.OAuth2ClientPlugin.handleOnActivityResult (OAuth2ClientPlugin.java:224)
at com.getcapacitor.Bridge.onActivityResult (Bridge.java:748)
at com.getcapacitor.BridgeActivity.onActivityResult (BridgeActivity.java:209)
at android.app.Activity.dispatchActivityResult (Activity.java:7634)
at android.app.ActivityThread.deliverResults (ActivityThread.java:4622)
Any idea what might be causing this?
Using version 1.0.1 with the following invocation:
return from(Plugins.OAuth2Client.authenticate(
{
appId: this._appConfig.thirdPartyAPIs.googleOAuth.clientId.web,
authorizationBaseUrl: 'https://accounts.google.com/o/oauth2/auth',
accessTokenEndpoint: 'https://www.googleapis.com/oauth2/v4/token',
scope: 'email profile',
resourceUrl: 'https://www.googleapis.com/userinfo/v2/me',
web: {
redirectUrl: 'http://localhost:4200',
windowOptions: 'height=600,left=0,top=0'
},
android: {
appId: this._appConfig.thirdPartyAPIs.googleOAuth.clientId.android,
responseType: 'code',
customScheme: 'com.myapp.android:/'
},
ios: {
appId: this._appConfig.thirdPartyAPIs.googleOAuth.clientId.ios,
responseType: 'code',
customScheme: 'com.myapp.myapp:/'
}
}
)
Web: localStorage or cookie
Android: shared preferences
New method for handling Logout especially for customHandlerClass (Facebook).
Because the SDK caches the access token.
OAuth2ClientPlugin.java line 222 < response = AuthorizationResponse.fromIntent(data);>
Will crash the application when data is null.
When chrome custom tabs(used by AppAuth) redirect back to the application using the uri scheme, the data provided to handleOnActivityResult can be null.
Passing this to the AuthorizationReponse.fromIntent causes the application to crash.
Edit:
The same sort of issue can be found here
Before releasing the first beta I want to upgrade to Capacitor beta11.
It is possible for the user to close the popup window and not authenticate, this results in a failed login attempt without any means to catch it.
The workaround that I have found is to set an interval and watch the windowHandle.close
of OAuth2Client class, but this property is not public meaning that in TypeScript I have to extend the interface.
It's quite a bit of extra work and could easily be part of the source.
I am trying to use [email protected], but I could not find documentation about which version of capacitor it is compatible with. Could you clarify?
I keep getting the issue #36, and I have tried the following capacitor versions: beta.17
, beta.19
, 1.0.0
but the issue persists.
Hi
could really use some help , using capacitor with capacitor-oauth2 and VueJS
I am trying to get an accessToken from AzureAD
it works fine on web, but not on IOS
I get an info message in console with
To Native -> OAuth2Client authenticate 127389189
the Token its returned from native project I am not receiving it back
here is my config
const config = {
additionalParameters: {
'prompt':'login',
'login_hint':'[email protected]',
'nonce': 'jahsdjahsdk',
}
authorizationBaseUrl: "https://login.microsoftonline.com/{tenant id}/oauth2/v2.0/authorize",
pkceDisabled: true,
appId: '777777-777777-777777-77777',
scope: "user.readwrite",
accessTokenEndpoint: "https://login.microsoftonline.com/{tenant id}/oauth2/v2.0/token",
web: {
redirectUrl: "http://localhost:8080/start",
windowOptions: "height=600,left=0,top=0",
responseType: "token",
},
ios: {
appId: '777777-777777-7777-7777-77777777',
customScheme: "capacitor://localhost",
responseType: "token"
}
}; `
login(){
return await this.OAuth2Client.authenticate(
config
).then(resourceUrlResponse => {
let accessToken = resourceUrlResponse["access_token"];
return accessToken;
}).catch(reason => {
console.error("OAuth rejected", reason);
});
}
Thanks for the support !
/Ibrahim
So I've been able to prove out authenticating with Auth0 via the web plugin (although there's a CORS issue with the request headers, I'll create a seperate issue for that) however, when I go to authenticate with the iOS plugin it's throwing the following error...
To Native -> OAuth2Client authenticate 50216884
2019-06-21 09:59:34.058638+1200 App[870:157200] [MC] System group container for systemgroup.com.apple.configurationprofiles path is /private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles
2019-06-21 09:59:34.064168+1200 App[870:157200] [MC] Reading from public effective user settings.
2019-06-21 09:59:37.683308+1200 App[870:157302] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C1.1:2][0x100e3f060] get output frames failed, state 8196
2019-06-21 09:59:37.684177+1200 App[870:157302] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C1.1:2][0x100e3f060] get output frames failed, state 8196
2019-06-21 09:59:37.685975+1200 App[870:157302] TIC Read Status [1:0x0]: 1:57
2019-06-21 09:59:37.686141+1200 App[870:157302] TIC Read Status [1:0x0]: 1:57
The promise from the authenticate call doesn't ever seem to resolve/reject and I'm at a bit of a loss to figure out the issue. Any ideas what I might be dealing with here? I can provide authentication options if needed.
Thanks for a great plugin! In our situation we need to provide oAuth flow with code, but we can't store client_id and secrets on the client app. We are using Java spring oauth on the backend, all we need to use is Capacitor Browser
plugin. I was able to get everything working but couldn't close the Browser upon browserPageLoaded
event upon looking for specific client side redirect url. What I get from this event is empty.
I understand this is not the forum to ask this question, since we are on the oAuth topic, any direction would be highly appreciated. We need to get this accomplished both on ios, android and web
.
Thanks in advance
public interface OAuth2CustomHandler {
void getAccessToken(Activity activity, PluginCall pluginCall, final AccessTokenCallback callback);
boolean logout(Activity activity, PluginCall pluginCall);
}
MainActivity has leaked ServiceConnection net.openid.appauth.browser.CustomTabManager$1@2f048d4 that was originally bound here
android.app.ServiceConnectionLeaked: Activity com.byteowls.teamconductor.MainActivity has leaked ServiceConnection net.openid.appauth.browser.CustomTabManager$1@2f048d4 that was originally bound here
at android.app.LoadedApk$ServiceDispatcher.<init>(LoadedApk.java:1336)
at android.app.LoadedApk.getServiceDispatcher(LoadedApk.java:1231)
at android.app.ContextImpl.bindServiceCommon(ContextImpl.java:1450)
at android.app.ContextImpl.bindService(ContextImpl.java:1422)
at android.content.ContextWrapper.bindService(ContextWrapper.java:636)
at android.support.customtabs.CustomTabsClient.bindCustomTabsService(CustomTabsClient.java:71)
at net.openid.appauth.browser.CustomTabManager.bind(CustomTabManager.java:95)
at net.openid.appauth.AuthorizationService.<init>(AuthorizationService.java:116)
at net.openid.appauth.AuthorizationService.<init>(AuthorizationService.java:94)
at net.openid.appauth.AuthorizationService.<init>(AuthorizationService.java:83)
at com.byteowls.capacitor.oauth2.OAuth2ClientPlugin.authenticate(OAuth2ClientPlugin.java:145)
at java.lang.reflect.Method.invoke(Native Method)
at com.getcapacitor.PluginHandle.invoke(PluginHandle.java:99)
at com.getcapacitor.Bridge$2.run(Bridge.java:473)
at android.os.Handler.handleCallback(Handler.java:751)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:154)
at android.os.HandlerThread.run(HandlerThread.java:61)
Causes the App to reload / restart Capacitor
Hello!
Just curious, would it be helpful to this plugin if Capacitor would support SFAuthenticationSession and Chrome Custom Tabs, as a part of their Browser API?
I'm thinking those two would be good additions to the Capacitor Browser API.
On Android I have a weird problem:
The login does not fail because the the authentification fails. The flow is successfully executed and the response from the resource url queried but the when the plugin calls call.resolve(response)
it is not passed to my application code.
I have no error or warning. The promise is simply not resolved. If I restart the app the first login works but the problem persists.
On the web and on IOS there is no problem.
System Information:
Initial Situation:
Therefore I use:
With that setup I achieved already:
Problem:
I followed the steps in the readme from https://github.com/moberwasserlechner/capacitor-oauth2/blob/master/README.md
app.component.ts
import { Component, OnInit } from '@angular/core';
import { registerWebPlugin } from "@capacitor/core";
import { OAuth2Client } from '@byteowls/capacitor-oauth2';
@Component({
selector: 'app-root',
templateUrl: 'app.component.html'
})
export class AppComponent implements OnInit {
constructor() {}
ngOnInit() {
console.log("Register custom capacitor plugins");
registerWebPlugin(OAuth2Client);
}
}
home.page.ts
import { Component } from '@angular/core';
import { Plugins } from '@capacitor/core';
@Component({
selector: 'app-home',
templateUrl: 'home.page.html',
styleUrls: ['home.page.scss'],
})
export class HomePage {
constructor() { }
async googleLogin() {
try {
const resourceUrlResponse = await Plugins.OAuth2Client.authenticate({
appId: "XXX.apps.googleusercontent.com",
authorizationBaseUrl: "https://accounts.google.com/o/oauth2/auth",
accessTokenEndpoint: "https://www.googleapis.com/oauth2/v4/token",
scope: "email profile",
resourceUrl: "https://www.googleapis.com/userinfo/v2/me",
web: {
redirectUrl: "http://localhost:8100",
windowOptions: "height=600,left=0,top=0"
},
android: {
appId: "XXX.apps.googleusercontent.com",
responseType: "code",
customScheme: "com.xxx.playground.googleLogin07"
}
})
}
catch (err) {
console.error(err);
}
}
}
On an device this code results in an error-message from Google:
This is plausible. It seems to be that the method Plugins.OAuth2Client.authenticate() tries to do a web-based login where an android login is needed. Am I right?
If I make a call without the "web"-parameter like this...
const resourceUrlResponse = await Plugins.OAuth2Client.authenticate({
appId: "XXX.apps.googleusercontent.com",
authorizationBaseUrl: "https://accounts.google.com/o/oauth2/auth",
accessTokenEndpoint: "https://www.googleapis.com/oauth2/v4/token",
scope: "email profile",
resourceUrl: "https://www.googleapis.com/userinfo/v2/me",
android: {
appId: "XXX.apps.googleusercontent.com", //--> I tried both, android- and web-client key from the google clout platform console.
responseType: "code",
customScheme: "com.xxx.playground.googleLogin07"
}
})
...the method Plugins.OAuth2Client.authenticate() returns a blank error object --> {}
What am I doing wrong?
Hi there!
Great job with this library, been using it and I love it. However, I've been having some issues with the docs on manifestPlaceholders
(Google implementation).
When implementing it in default it wouldn't parse or it would get replaced. I end up with an error and can't get over it. I found this comment openid/AppAuth-Android#323 (comment) that explained it.
Can you help me?
Can I put that string inside the AndroidManifest.xml somehow?
I'm trying to use this plugin to add OAuth 2.0 authentication to an Ionic 4 app. I'm using Okta as my provider and I'm able to get "web" login to work. When I try to make it work in iOS Simulator, I get an error. It does redirect back to my app successfully.
Here's the full log from Xcode:
Loading network plugin
2019-04-08 10:51:21.596427-0600 App[28645:712874] CAPKeyboard: resize mode - native
⚡️ Loading app at capacitor://localhost...
Reachable via WiFi
APP ACTIVE
⚡️ [log] - Angular is running in the development mode. Call enableProdMode() to enable the production mode.
⚡️ [log] - Ionic Native: deviceready event fired after 286 ms
⚡️ [warn] - Native: tried calling StatusBar.styleDefault, but the StatusBar plugin is not installed.
⚡️ [warn] - Install the StatusBar plugin: 'ionic cordova plugin add cordova-plugin-statusbar'
⚡️ [warn] - Native: tried calling SplashScreen.hide, but the SplashScreen plugin is not installed.
⚡️ [warn] - Install the SplashScreen plugin: 'ionic cordova plugin add cordova-plugin-splashscreen'
⚡️ [log] - Register custom capacitor plugins
⚡️ To Native -> App addListener 100427320
⚡️ WebView loaded
SplashScreen.hideSplash: SplashScreen was automatically hidden after default timeout. You should call `SplashScreen.hide()` as soon as your web app is loaded (or increase the timeout). Read more at https://capacitor.ionicframework.com/docs/apis/splash-screen/#hiding-the-splash-screen
⚡️ To Native -> OAuth2Client authenticate 100427321
2019-04-08 10:51:27.030836-0600 App[28645:712874] [MC] System group container for systemgroup.com.apple.configurationprofiles path is /Users/mraible/Library/Developer/CoreSimulator/Devices/5E87F505-456A-44B3-A682-9E1943F56211/data/Containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles
2019-04-08 10:51:27.031220-0600 App[28645:712874] [MC] Reading from private effective user settings.
2019-04-08 10:51:34.804082-0600 App[28645:712956] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C1.1:2][0x7fc75e501000] get output frames failed, state 8196
2019-04-08 10:51:34.804220-0600 App[28645:712956] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C1.1:2][0x7fc75e501000] get output frames failed, state 8196
2019-04-08 10:51:34.804645-0600 App[28645:712956] TIC Read Status [1:0x0]: 1:57
2019-04-08 10:51:34.804785-0600 App[28645:712956] TIC Read Status [1:0x0]: 1:57
@byteowls/capacitor-oauth2: Access resource request failed with The operation couldn’t be completed. (OAuthSwiftError error -11.).
ERROR MESSAGE: {"errorMessage":"","message":"ERR_GENERAL"}
2019-04-08 10:51:35.123647-0600 App[28645:713548] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C2.1:2][0x7fc7ce409c60] get output frames failed, state 8196
2019-04-08 10:51:35.123779-0600 App[28645:713548] [BoringSSL] nw_protocol_boringssl_get_output_frames(1301) [C2.1:2][0x7fc7ce409c60] get output frames failed, state 8196
⚡️ [error] - OAuth rejected {"errorMessage":"","message":"ERR_GENERAL"}
2019-04-08 10:51:35.124128-0600 App[28645:713548] TIC Read Status [2:0x0]: 1:57
2019-04-08 10:51:35.124256-0600 App[28645:713548] TIC Read Status [2:0x0]: 1:57
I've published my app to https://github.com/mraible/ionic-4-oauth2. You should be able to login with demo/Password1
as credentials.
I have some questions after making this attempt:
issuer
instead of authorizationBaseUrl
, accessTokenEndpoint
, and resourceUrl
? With OIDC discovery, these values can be looked up. For example, you can find the values for my Okta tenant at https://dev-737523.oktapreview.com/oauth2/default/.well-known/openid-configurationIn Ionic 3, I used https://github.com/manfredsteyer/angular-oauth2-oidc, and wrote a blog post to explain how I did it. I'm hoping to do the same for Ionic 4.
I set up Facebook and Google for Android. Facebook works as expected. However, with Google, after I've selected which account to connect, it then asks me to choose which app to go back to. It lists the correct app, but it lists it twice for some reason. Selecting one completely reopens the app, and so the connection doesn't work. Selecting the other takes you back to the open app and it DOES work.
The screenshot shows it split based on which I had previously selected but the first time it asked me it showed both in a list, both with app.temployee.app
as the package name
Do you have any idea what I could be doing wrong?
Please, close this issue.
Hello at the time of writing
registerWebPlugin(OAuth2Client);
Get the following message:
Argument of type 'OAuth2ClientPluginWeb' is not assignable to parameter of type 'WebPlugin'.
Types have separate declarations of a private property 'addWindowListener'.
Ionic:
ionic (Ionic CLI) : 4.9.0 (...AppData\Roaming\nvm\v11.8.0\node_modules\ionic)
Ionic Framework : @ionic/angular 4.0.0-rc.1
@angular-devkit/build-angular : 0.12.1
@angular-devkit/schematics : 7.1.4
@angular/cli : 7.1.4
@ionic/angular-toolkit : 1.2.2
Capacitor:
capacitor (Capacitor CLI) : 1.0.0-beta.17
@capacitor/core : 1.0.0-beta.17
Cordova:
cordova (Cordova CLI) : not installed
Cordova Platforms : not available
Cordova Plugins : not available
System:
NodeJS : v11.8.0 (C:\Program Files\nodejs\node.exe)
npm : 6.5.0
OS : Windows 10
Setup:
Scenario:
On iOS and web:
On iOS, the link opens in an external browser window, but the redirect correctly points to the app itself (as the custom scheme is register) so I am able to get the token from the URLs callback.
On Android I encounter the following problem::
I observed that the native code of the plugin is not executed on Android (breakpoints not reached) and I am concerned this could be the cause, but the MainActivity seems properly configured so I do not know where else to look:
public class MainActivity extends BridgeActivity {
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
// Initializes the Bridge
this.init(savedInstanceState, new ArrayList<Class<? extends Plugin>>() {{
// Additional plugins you've installed go here
// Ex: add(TotallyAwesomePlugin.class);
add(OAuth2ClientPlugin.class);
}});
}
}
Note: this issue looks similar to #47 but opening a new issue for clarity and also because using different Id provider.
Any idea on what I could be doing wrong/missing?
Hi,
Is it possible to make this plugin work with Sign in with Apple
, that is expected to come this fall with iOS13?
Hey Michael, first of all thank you for creating and maintaining this great plugin!
I was following the docs to create the iOS Facebook login and had problems with the YourIOsFacebookOAuth2Handler
class. I got following two issues and did some changes to make them work again:
Value of type 'AccessToken' has no member 'authenticationToken':
...
if let accessToken = AccessToken.current {
success(accessToken.authenticationToken)
} else {
...
changed to
if let accessToken = AccessToken.current {
success(accessToken.tokenString)
} else {
...
Use of unresolved identifier 'ReadPermission'
...
self.loginManager!.logIn(readPermissions: [ ReadPermission.publicProfile ],
...
changed to
self.loginManager!.logIn(permissions: [ Permission.publicProfile ],
I'm new to Capacitor, I'm new to swift. If I'd be more confident in it would have turned into a PR right away. 🙈
What do you think?
Hey Michael, I hope all is well, I have a pretty urgent request that will need to be addressed to continue to allow Capacitor to work out of the box for browsers.
Import * as base64 from 'base64-js' uses UMD exports and causes the browser to throw an error when ran natively. This is found in your web-utils.js file.
I would recommend using This Base64 package from NPM which will allow you to use native es6 imports and then leave it up to the end user to transpile/build. It will also support code splitting/tree shaking to ensure that you only include what you use from the package.
It also is one of the most widely used Base64 packages on NPM at around 5 million per week downloads.
I can gladly make a PR using the more up to date base64 package. Please let me know how we can move forward on this as quickly as possible or how I can help in any way.
All the best,
-Tsavo
On iOS, I'm getting
Main Thread Checker: UI API called on a background thread: -[UIApplication canOpenURL:]
in XCode when "Sign In with Facebook" dialog pops up. Shouldn't we wrap LoginManager
calls in DispatchQueue.main.async { }
?
For me this solved the issue...
Hi,
With the provided documentation for Facebook, I always get "Login cancelled by user". Don't we have to add this code:
if let scheme = url.scheme, let host = url.host {
if scheme == "fb\(SDKSettings.appId)" && host == "authorize" {
return SDKApplicationDelegate.shared.application(app, open: url, options: options)
}
}
to the
func application(_ app: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey : Any] = [:]) -> Bool { }
in AppDelegate.swift
?
For me, this fixed the issue...
I am trying to migrate from cordova-plugin-googleplus. In the previous plugin the response I was getting from logging in with google included an idToken which I sent to my server and obtained a refresh_token and the issuer additionally to all the other info I am getting now if I sent just the access_token that is returned from using this plugin.
Plugins.OAuth2Client.authenticate(
{
appId: this._appConfig.thirdPartyAPIs.googleOAuth.clientId,
authorizationBaseUrl: 'https://accounts.google.com/o/oauth2/auth',
accessTokenEndpoint: 'https://www.googleapis.com/oauth2/v4/token',
scope: 'email profile',
resourceUrl: 'https://www.googleapis.com/userinfo/v2/me',
web: {
redirectUrl: 'http://localhost:4200',
windowOptions: 'height=600,left=0,top=0'
},
android: {
appId: 'xxxx.apps.googleusercontent.com',
responseType: 'code', // if you configured a android app in google dev console the value must be "code"
customScheme: 'com.example.android:/'
},
ios: {
appId: 'xxxx.apps.googleusercontent.com',
responseType: 'code',
customScheme: 'com.example.app:/'
}
}
)
The response I get contains these fields:
email: string;
name: string;
family_name: string;
given_name: string;
verified_email: boolean;
picture: string;
locale: string;
id: string;
access_token: string;
Full-Screen MacOS Redirect "Not Found" Error.
Hello Michael! Tsavo Here,
I released a beta out yesterday to a few test groups and they seem to be running into an issue in fullscreen mode on OSX, which also seems to be an issue in the browser on Mobile for iOS and Android.
Error: Error: Not found at intervalId.setInterval
File: http://localhost:8081/node_modules/@byteowls/capacitor-oauth2/dist/esm/web.js
I am trying to do further debugging but it seems to be a vague error. I believe it is due to that fact that in fullscreen mode the redirect launches a new tab whereas in a non-fullscreen window the redirect creates a new window allowing for proper resolution back to the previous window.
Do you have any initial thoughts on this/have you encountered this situation?
Additionally, is there any way that we can further and formally collaborate on this. Am more than willing to help fund development/help develop myself.
Please let me know what I can do to help with this process, much appreciated - Tsavo Knott
Attached is a screenshot of the two types of views I am describing.
Full Window: "Blue dot thrown on Origin Tab"
This is the redirected Tab.
Final Console Log:
Hello I have the following problem:
error: cannot access AppCompatActivity
class file for android.support.v7.app.AppCompatActivity not found
File: OAuth2ClientPlugin.java
Ionic:
ionic (Ionic CLI) : 4.12.0
Ionic Framework : @ionic/angular 4.3.0
@angular-devkit/build-angular : 0.13.8
@angular-devkit/schematics : 7.1.4
@angular/cli : 7.1.4
@ionic/angular-toolkit : 1.2.3
Capacitor:
capacitor (Capacitor CLI) : 1.0.0-beta.19
@capacitor/core : 1.0.0-beta.19
Cordova:
cordova (Cordova CLI) : not installed
Cordova Platforms : not available
Cordova Plugins : not available
System:
NodeJS : v10.15.3 (C:\Program Files\nodejs\node.exe)
npm : 6.4.1
OS : Windows 10
More info:
Wrong 1st argument type. Found: 'android.support.v7.app.AppCompatActivity', required: 'android.app.Activity'
In this line: handler.getAccessToken(getActivity(), call, new AccessTokenCallback()
Thanks
We'd like to let our users log in with the code flow + PKCE, then store the refresh token as well client-side (only for the Android/iOS version), in our case from Azure AD B2C. In short, we are looking for the following behavior:
Would be great if we could add a function to this library called refresh()
or similar which gets a fresh access token from the server (no iFrames/etc. needed). See this Microsoft Azure B2C example for refreshing the access token.
I think it would be enough if this library provided a function refresh(refresh_token: string) {}
to get a new access token based on the given refresh token. Combined with Capacitor's background fetch operations (coming soon), the token can be refreshed at regular intervals, so that the user doesn't have to log in over and over again.
One major point to emphasize here, is that this should only be done with the Android/iOS version in combination with the Secure Storage Plugin because we can't safely store refresh tokens securely in the browser (yet).
I'm happy to provide a PR for this, but would like to ask what you think of this approach and if you think it's feasible and secure enough.
I wrote this plugin that does the oauth stuff for Twitter and linked your lib as a related project.
can I send a PR linking my plugin as well?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.