AppAuth-Android icon indicating copy to clipboard operation
AppAuth-Android copied to clipboard
verified publisher icon openid

Abort authorization code with PKCE request with data

Open abdallah-odeh opened this issue 1 year ago • 0 comments

Configuration

  • Version: 0.11.1
  • Integration: Java
  • Identity provider: identityServer4

Description

Hello there, I am trying to implement the a device registration scenario,

  1. the user clicks Login
  2. a webview is opened to login using Authorization code with PKCE flow
  3. after a successful login and right before issuing a token
  • if used device is already registered for user
    • then we issue a token & authenticate the user
  • else
    • we abort the login process (close webview), redirect the user to device registration cycle
    • after completing the device registration, we redirect him back to login

currently, the device registration cycle is implemented in the webview the question is; is there a way to close the webview (without access token object) and return an error to the user along with some info (user id, device id, tenant id, etc ...) to be able to go through device registration cycle from mobile side

thanks in advance

abdallah-odeh avatar Jul 02 '24 07:07 abdallah-odeh