Use custom scheme for AuthorizationEndpoint

[mwilzin]

I'm trying to implement the DATEV OAuth2.0/OpenID Connect into my application but I'm occurring some errors... They don't use a website for mobile authentication on their side but their own app: https://apps.apple.com/app/id943870921 Its scheme to call a login session on both iOS and Android is as followed: datevsmartlogin://doLogin/ So when parsing in this URL for the authorizationEndpoint and all other required endpoint from the discoveryURL: https://login.datev.de/openid/.well-known/openid-configuration into my own configuration it looks like this

serviceConfiguration: const AuthorizationServiceConfiguration(
  authorizationEndpoint: 'datevsmartlogin://doLogin/',
  tokenEndpoint: 'https://api.datev.de/token',
  endSessionEndpoint: 'https://api.datev.de/endsession',
),

But when executing the login flow with the flutter_appauth packages there's an error on both Android and iOS denying the use of non https or http endpoints for the authorizationEndpoint. I have to use the app to make the Authorization so am I missing something here or is this just a problem of the package? Thanks

[hschaeufler]

authorizationEndpoint needs a Webpage which will first shown in a secure ASWebAuthenticationSession. When you look in the https://login.datev.de/openid/.well-known/openid-configuration you see https://login.datev.de/openid/authorize as authorization_endpoint. From this Page maybe Datev opens there App via Deeplink?

"authorization_endpoint": "https://login.datev.de/openid/authorize",

[mwilzin]

Hey thanks for your reply, I really appreciate it. Yes I saw this link but DATEV also has its own package which sadly only works natively. When initiating a login session with this package it automatically opens the app via a deeplink without a web session in between. I would like to rebuild this flow as this would ease up the use flow.