flutter_web_auth_2 icon indicating copy to clipboard operation
flutter_web_auth_2 copied to clipboard

Published 20 hours ago verified publisher icon ThexXTURBOXx

Redirect url after login in Flutter web does not work

Open volkanustekidag opened this issue 1 year ago • 1 comments

Description

I'm trying to provide login using package in a web application. I open the link I created and log in, but the tab is closed and I cannot receive the code I expect. I couldn't understand what I was missing.

Minimal Reproduction

Steps to reproduce the behaviour:

  1. Use the following code: 
    final authorizationUrl = Uri.https(
    ServicesConstants.authorizationUrlProd, '/connect/authorize', {
  'response_type': 'code',
  'client_id': newClientId,
  'redirect_uri': "worksy://auth",
  'grant_type': 'authorization_code',
  'code_challenge': codeChallenge,
  'code_challenge_method': 'S256',
  'scope': 'openid profile offline_access email',
  'state': _generateRandomString(16),
  'nonce': _generateRandomString(16),
  'prompt': 'login'
});

  final result = await FlutterWebAuth2.authenticate(
    url: authorizationUrl.toString(),
    callbackUrlScheme: "worksy",
  );

  final code = Uri.parse(result).queryParameters['code'];



<!DOCTYPE html>
<title>Authentication complete</title>
<p>Authentication is complete. If this does not happen automatically, please close the window.</p>
<script>
    function postAuthenticationMessage() {
        const message = {
            'flutter-web-auth-2': window.location.href
        };

        if (window.opener) {
            window.opener.postMessage(message, window.location.origin);
            window.close();
        } else if (window.parent && window.parent !== window) {
            window.parent.postMessage(message, window.location.origin);
        } else {
            localStorage.setItem('flutter-web-auth-2', window.location.href);
            window.close();
        }
    }

    postAuthenticationMessage();
</script>

Exception or Error

It does not redirect after login and the expected code is not returned

Expected Behaviour

Redirect after login and continue from the first tab

Screenshots

a

Additional context

No response

Device

Mac

OS

MacOS

Browser

Chrome

Flutter version

Channel stable, 3.13.5,

flutter_web_auth_2 version

flutter_web_auth_2 3.1.1

Checklist

  • [X] I have read and followed the entire troubleshooting guide and it has not provided the solution I need.
  • [X] I have provided all the information I can.

volkanustekidag avatar Feb 27 '24 14:02 volkanustekidag

You need to follow exactly the steps in https://github.com/ThexXTURBOXx/flutter_web_auth_2?tab=readme-ov-file#web If you are building a Flutter Web application, you should not redirect to some URL scheme, but your redirect URL needs to point to the auth.html file that is provided in the setup guide.

ThexXTURBOXx avatar Feb 27 '24 14:02 ThexXTURBOXx

You need to follow exactly the steps in https://github.com/ThexXTURBOXx/flutter_web_auth_2?tab=readme-ov-file#web If you are building a Flutter Web application, you should not redirect to some URL scheme, but your redirect URL needs to point to the auth.html file that is provided in the setup guide. @ThexXTURBOXx

Why is http://localhost:5200/auth.html not a valid callbackUrlScheme ?

It get's blocked by the _assertCallbackScheme function.

The regex: RegExp(r'^[a-z][a-z\d+.-]*$') does not allow this: http://localhost:5200/auth.html.

Can you give an example of a valid callbackUrlScheme on WEB ?

If u use Microsoft you can't add a callbackUrlScheme in the settings without providing the prefix: http://...

stan-at-work avatar May 13 '24 09:05 stan-at-work

@stan-at-work Because you are supposed to provide a callback URL scheme, not a full URL. Furthermore, as seen in this line, on Web the callback URL scheme gets ignored anyway, so just provide anything (in your case, just supply http). In general, this is a case of RTFM.

Your comment does also seem to be not related to this issue - so for the future, open an own issue for that. I will also close this issue here as stale.

ThexXTURBOXx avatar May 13 '24 09:05 ThexXTURBOXx

@stan-at-work Because you are supposed to provide a callback URL scheme, not a full URL. Furthermore, as seen in this line, on Web the callback URL scheme gets ignored anyway, so just provide anything (in your case, just supply http). In general, this is a case of RTFM.

Your comment does also seem to be not related to this issue - so for the future, open an own issue for that. I will also close this issue here as stale.

Thanks, that works. You should really consider adding this to the documentation:

Web: callbackscheme = 'http'

This would help ALLOT.

Thanks for the quick response :-)

stan-at-work avatar May 13 '24 09:05 stan-at-work