flutter_appauth
flutter_appauth copied to clipboard
MaikuB
AuthorizeAndExchangeCode working on Android but hangs on IOS
I'm trying to use flutter_appauth to connect to an IdentityServer. I use a client secret. On Android it works. But on IOS AuthorizeAndExchangeCode never gets a result and hangs.
I've set Url callbacks on IOS like this:
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLName</key>
<string>com.app.my</string>
<key>CFBundleURLSchemes</key>
<array>
<string>com.app.my://login-callback</string>
</array>
</dict>
</array>
Is there something else that might be wrong? Is there a way to test that the CFBundleURLTypes are used and can be called by the app? I have no errors, the app only hangs. I tried both the example from this repository and the example from Auth0.
@postpasspost If you download/clone the entire repo then you should've found example works as it had been configured to connect to a demo IdentityServer. I've just checked this again as well. If you had issues, I'm guessing you had only copied and then made modifications. You're suppose to specify the scheme as part of the setup for Android and iOS, not the entire redirect URI. You seem to have done the latter for iOS. If you look at the example app, you can see how the values are configured. The only place where the redirect URI is used is in the Dart code.
I have also tried like this and the app still hangs on iOS.
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLName</key>
<string>com.app.my</string>
<key>CFBundleURLSchemes</key>
<array>
<string>com.app.my</string>
</array>
</dict>
</array>
If you're still having issues then you're going to need to look further into it and debug. What was documented in the readme is all that's need when it comes to iOS setup and the example working with the demo server. Some things I have heard that can potentially cause issues is when things like the scheme and redirect URI aren't all in lowercase or that there's a trailing slash in the redirect URI that shouldn't be there
I guess I found the source of the issue: https://github.com/openid/AppAuth-iOS/issues/232 .It seems that app URIs as a callback are not supported on the iOS implementation of AppAuth. I'm trying a workaround with the mentioned fork and let you know if it works.
Thank you I really don't know how to update the AppAuth iOS inside flutter_appauth. If you can share a way to edit it or even a solution it would be great! Edit: I know now how to fork a repository and how to set it in the pubspec.yaml for use. I still don't know how flutter_appauth links AppAuth iOS.
@hitshydev The issue you found is specific to a scenario where they redirected from a https page as the identity provider doesn't support custom schemes so the page then redirects via a custom scheme i.e. it works fine when the identity provider supports custom schemes. Also, the example app does redirect after signing in whilst pointing to the demo IdentityServer on iOS 11 too.
If you still want to try changing the AppAuth dependency, this is controlled on the iOS side at https://github.com/MaikuB/flutter_appauth/blob/8d266d819ec1fe15fdc7a8bf17d03cbb4655a975/flutter_appauth/ios/flutter_appauth.podspec#L18
However, currently I've yet to see anything to prove an issue exists. This could be done by providing a link to a repo that reproduces the issue
@MaikuB thanks for clarifying the issue. It seems a bit strange that it does not work in my case, since I am working with Azure Active Directory and I registered the specific custom callback URI for that Login and it works on Android. Maybe Microsoft mixed up the Standard. But the behavoir should be the same on both systems, so I hope the issue is going to be patched in the future. Anyways I fixed the Login on iOS together with @wolff9999 as follows:
In the pubspec.yaml I changed the dependency:
flutter_appauth:
git:
url: https://github.com/hitshydev/flutter_appauth
path: flutter_appauth/
And in the ios/Podfile of the project I added to the target 'Runner' do the following:
pod 'AppAuth', :git => 'https://github.com/hitshydev/AppAuth-iOS'
With that the login works as expected on iOS again. I just commented out the callback URI check that is unnecessary in our case.
@hitshydev if by Azure AD you're referring to Azure AD B2C then myself and I others in the community have used the plugin to connect a Flutter application without issues like the one described here. Microsoft's own docs also references using AppAuth e.g. https://docs.microsoft.com/en-us/samples/azure-samples/active-directory-b2c-ios-native-appauth/integrate-azure-ad-b2c-ios-objc/
Edit: I should clarify what I was trying to point out was if it's Azure B2C that you're referring then I doubt there's an issue on Microsoft's end with regards to standards Given both Azure B2C and AppAuth have been around for a while, I would expected this to have been something raised sooner and the article is from 2019
Yes you are right. Currently we are migrating to the new MSAL library instead of using ADAL. Maybe there are some issues in our specific configuration of the system. As we are experiencing multiple issues with the Microsoft Graph API and the MSAL library, which are fairly new, I thought there might be a problem on Microsofts end.
We are having the same problem as previously described, the solution from @hitshydev works just flawlessly, thanks a lot! Had anyone try to create an issue on the underlying iOS lib or try to report it to Microsoft? (we're using MSAL as well)
I am having the same issue with iOS on azure b2c, with Version 0.9.2 of the library.
@hitshydev fork fixes the issue, but it seems like the jist of the changes boil down to commenting out the redirect uri check in the fork of the iOS app auth lib
https://github.com/hitshydev/AppAuth-iOS/commit/68d861fb5a668067b5d88b7c14d26cf47465220f#diff-439e9ef258a108e3c61eeaa5759923905bd205e719351b04a26ef80f0869c51b
Obviously this is not a fix that everyone can go forward with. Has anyone debugged the issue and seen what reply uri is exactly being returned for the cases when it hangs on iOS? Furthermore, is it possible to update flutter_appauth to not hang and instead throw an exception when it encounters this problem?
+1 for encountering this issue linked with Azure B2C and solved using the hitshydev fork.
also facing this issue.. @hitshydev are you able to do a fork with flutter_appauth 1.0.0? To get null_saftey support.
also facing this issue.. @hitshydev are you able to do a fork with flutter_appauth 1.0.0? To get null_saftey support.
I merged the master branch of this repo onto my fork
also facing this issue.. @hitshydev are you able to do a fork with flutter_appauth 1.0.0? To get null_saftey support.
I merged the master branch of this repo onto my fork
@hitshydev thank you very much, works perfectly with the new version!
I was also facing the same issue. I managed to solve it by adding a trailing slash to the redirect url parameter in AuthorizationTokenRequest. Now it works correctly for me. (It looks like maybe the issue was Azure AD appends a trailing slash to the redirect url which causes the validation in AppAuth to fail).
for iOS I had to configure info.plist as it's explained here https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-ios
