cordova-plugin-inappbrowser
cordova-plugin-inappbrowser copied to clipboard
apache
Client digital certificate authentication doesn't work
Hi!
I am trying to log in with digital certificate on android and ios devices but doen't work with inappbrowser.
-
First I installed on my device the digital certificate and tried to log in with google chrome and with native browser (samsung browser) and the both browser ask for select an digital certificate (show popup with list of certificates). --> this step works okay.
-
With inappbrowser plugin and target option: _system --> that runs system's web browser and also ask for select an digital certificate. But this option its not valid for me because my ulr has a redirect url with token and with this option I can not capture the event when redirect is done for extract token from the redirected url.
-
With inappbrowser plugin and target option: _blank --> opens inappbrowser and I can capture event when redirect the url (with browser.on('loadstop')). The problem here is when I click on log in with digital certificate, don't ask me for choose a digital certificate (don't show the popup) and shows "Web page not available" net::ERR_BAD_SSL_CLIENT_AUTH_CERT on Android device.
On iOS devices happen the same issue.
Thanks.
@janpio I am talking about client-certificate authentication to a web application where user has to authenticate himself via a authentication certificate (digital signature).
If someone have this same problem: I achieved to solve this issue using this plugin with CordovaView (target option: "_system") for open browser with parameter uri redirect, And for back to the app I used deeplinks plugin.
Hi @yaro08 I have a similar scenario, how did you manage to go back to your app after the authentication in the external system? You've mentioned the usage of deeplinks, could you elaborate a bit on that? Thank you ;)
Hi @joaomartinsOS I will try to elaborate how I did it, maybe today or tomorrow.
hi @yaro08 I've managed to find a solution using as well deep links! ;)
@joaomartinsOS Great!! Sorry for late reply, I was too busy.
If for someone is useful: my url have like this structure: https://mydomain.com/....&redirect_uri=myapp://localhost/callback
when user login success, the server redirect to user to: myapp://localhost/callback and with deep links browser go back to te app
and the config for install it is something like this:
<plugin name="ionic-plugin-deeplinks" spec="^1.0.17">
<variable name="URL_SCHEME" value="myapp" />
<variable name="DEEPLINK_SCHEME" value="https" />
<variable name="DEEPLINK_HOST" value="localhost" />
</plugin>
It isn't the cleanest way to solve this issue but it's works.
Same problem here.
Could you explain how to capture the token of the redirected URL with the deeplinks?
Thanks a lot
Same problem here.
Could you explain how to capture the token of the redirected URL with the deeplinks?
Thanks a lot
Hi @Hanzofm you should capture the token with InAppBrowser lifecycle hooks (.on() )
In my case, firstly I open inappbrowser with target: _blank (with this option browser can't read digital certificates) if user do click on login with certificate, I get the new url and close the browser. Next I open a new instance of inappbrowser with target: system (now I can read certificates) and after user selects the certificate and backend do login I can get the token.
Hope it can help you
hi @Hanzofm, I've used this in the context of an OutSystems application, you can see the detailed implementation in the last post of that thread. Once we have external authentication configured on the platform level, all the applications will use the same configurations, so, the callback is still made to a web screen that will then navigate to the mobile app via a deep link. Maybe this is not the solution for you but might serve as an inspiration for your's.
Cheers!
I have exactly the same problem as @yaro08 but in my case, I can't use the indicated solution. The client demands that the navigation not leave the app (_self or _blank).
Is there any other solution known?
