OAuth2
Custom parameters are not getting added to authorize_uri
I've followed the instructions to add all the parameters in the authorize URI, but I require a further parameter than what's currently offered. Right now I'm adding this parameter in two ways:
in OAuth2CodeGrant settings:
    "parameters": ["p": "B2C_1_BlueBankSUSI"],
in oauth2.authParameters:
    oauth2.authParameters = ["p": "B2C_1_BlueBankSUSI"]
Indeed, the accessTokenRequest from the code grant flow doesn't use the provided additional parameters while it should.
Yes, these parameters are added to the token request, not to the authorize URL. If you want to add custom parameters to authorize URI, you can add them when you call authorize(params: ["p": "..."]) { inParams, error in ... }.
This is not accessible when using DataLoader, I'm guessing we'll either need to add another configuration parameter or use the same config for both requests.
BTW, what you add to "parameters" ends up in oauth2.authParameters, so you can do it either way.
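An added illustration of the distinction drawn above (not code from the OAuth2 library or from anyone in this thread): a custom parameter such as p placed on the authorize URL's query string, with a guard so that custom parameters cannot override the standard ones. makeAuthorizeURL, reservedKeys, the client id and the scope value are hypothetical; the endpoint, redirect URI and policy name are the ones quoted in the thread.

```swift
import Foundation

// Hypothetical helper for illustration; not part of the OAuth2 library.
enum AuthorizeURLError: Error {
    case invalidBaseURL
    case reservedParameter(String)
}

// Parameters the client itself must control: a custom value for any of these
// would change which client the code is issued to or where it is delivered.
let reservedKeys: Set<String> = ["client_id", "redirect_uri", "response_type", "scope", "state"]

func makeAuthorizeURL(base: String, clientId: String, redirect: String,
                      scope: String, state: String, custom: [String: String]) throws -> URL {
    guard var components = URLComponents(string: base) else {
        throw AuthorizeURLError.invalidBaseURL
    }
    // Refuse custom parameters that collide with the standard ones.
    if let clash = custom.keys.sorted().first(where: { reservedKeys.contains($0) }) {
        throw AuthorizeURLError.reservedParameter(clash)
    }
    var items = [
        URLQueryItem(name: "response_type", value: "code"),
        URLQueryItem(name: "client_id", value: clientId),
        URLQueryItem(name: "redirect_uri", value: redirect),
        URLQueryItem(name: "scope", value: scope),
        URLQueryItem(name: "state", value: state),
    ]
    // Custom parameters follow the standard ones, sorted for a stable URL.
    for key in custom.keys.sorted() {
        items.append(URLQueryItem(name: key, value: custom[key]))
    }
    components.queryItems = items  // URLComponents percent-encodes the values
    guard let url = components.url else { throw AuthorizeURLError.invalidBaseURL }
    return url
}

// Constructed sample values (client id and scope are placeholders).
do {
    let url = try makeAuthorizeURL(
        base: "https://login.microsoftonline.com/bluebankb2c.onmicrosoft.com/oauth2/v2.0/authorize",
        clientId: "example-client-id", redirect: "urn:ietf:wg:oauth:2.0:oob",
        scope: "openid", state: UUID().uuidString, custom: ["p": "B2C_1_BlueBankSUSI"])
    print(url.absoluteString)
} catch {
    print("error: \(error)")
}
```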
Thanks for your response. I'm still having some issues with my authorize flow. Here's the code from my ViewController.swift. Please forgive me if there's something glaringly wrong with my code - I'm very new to iOS and Swift:
    class ViewController: UIViewController {
        var loader: OAuth2DataLoader?

        let oauth2 = OAuth2CodeGrant(settings: [
            "client_id": "****",
            "client_secret": "",
            "authorize_uri": "https://login.microsoftonline.com/bluebankb2c.onmicrosoft.com/oauth2/v2.0/authorize",
            "token_uri": "https://login.microsoftonline.com/bluebankb2c.onmicrosoft.com/oauth2/v2.0/token",
            "redirect_uris": ["urn:ietf:wg:oauth:2.0:oob"],
            "parameters": ["p": "B2C_1_BlueBankSUSI"],
            "scope": "****",
            "keychain": true,
        ] as OAuth2JSON)

        override func viewDidLoad() {
            super.viewDidLoad()
            // Do any additional setup after loading the view, typically from a nib.
            signInEmbedded()
        }

        override func didReceiveMemoryWarning() {
            super.didReceiveMemoryWarning()
            // Dispose of any resources that can be recreated.
        }

        func signInEmbedded() {
            if oauth2.isAuthorizing {
                oauth2.abortAuthorization()
                return
            }
            oauth2.authConfig.authorizeEmbedded = true
            oauth2.authConfig.authorizeContext = self
            oauth2.authorize(params: ["p": "B2C_1_BlueBankSUSI"]) { inParams, error in
                self.didCancelOrFail(error)
            }
        }
    }
Now I only get a blank screen, and I'm getting this feed from my console log:
    objc[24393]: Class PLBuildVersion is implemented in both /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk/System/Library/PrivateFrameworks/AssetsLibraryServices.framework/AssetsLibraryServices (0x11fb144c) and /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk/System/Library/PrivateFrameworks/PhotoLibraryServices.framework/PhotoLibraryServices (0x11df2b78). One of the two will be used. Which one is undefined.
    2017-02-12 14:26:32.270 OAuth2iOS[24393:21253403] Warning: Attempt to present <SFSafariViewController: 0x7b6540e0> on <OAuth2iOS.ViewController: 0x7b6507c0> whose view is not in the window hierarchy!
    2017-02-12 14:26:32.289800 OAuth2iOS[24393:21253403] [MC] System group container for systemgroup.com.apple.configurationprofiles path is /Users/lloydtucker/Library/Developer/CoreSimulator/Devices/A28AEEF0-C056-4C63-A3F5-15C1DF47C9C8/data/Containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles
    2017-02-12 14:26:32.290938 OAuth2iOS[24393:21253403] [MC] Reading from private effective user settings.
You're calling signInEmbedded() too early, viewDidLoad() is not a good place for that, use viewDidAppear().
Thanks for the shout - didn't realise that I was making a Swift goof.
I have another followup issue with this too. Azure AD B2C for native apps uses urn:ietf:wg:oauth:2.0:oob as the redirect URI, and I'm unable to get the AppDelegate to handle this URI after authorization. Do you know how to handle this redirect URI with Swift? I've put in
    func application(_ app: UIApplication, open url: URL, options: [UIApplicationOpenURLOptionsKey : Any]) -> Bool {
        let redirect_uri = URL(string: "urn:ietf:wg:oauth:2.0:oob")
        print(redirect_uri?.absoluteString as Any)
        print(url.absoluteString as Any)
        print("app: \(app)")
        if redirect_uri == url {
            if let vc = window?.rootViewController as? ViewController {
                vc.oauth2.handleRedirectURL(url)
                return true
            }
        } else {
            print("No valid URL to handle")
        }
        print("Error with redirect")
        return false
    }
into the AppDelegate, and it doesn't seem to do anything at all!
Yes, that won't work as the App never gets called with this redirect URL. You'll need to use the custom, embedded web view (set embedded to true and safari to false).
    oauth2.authConfig.authorizeEmbedded = true
    oauth2.authConfig.ui.useSafariView = false
Perfect! That worked. Got the library working nicely now, thanks for all your help.
I decided to use this library for a sample OAuth2.0 app at a hackathon my team are hosting, so this has gone a long way to simplifying the process for the developers who will be joining us.
Will be in touch. Cheers!
Alright great! I'll keep this issue open as the parameter issue when using DataLoader is not resolved yet.
Sounds good. The last nagging issue is that the Web View for the login zooms to the Text View on the screen. Is there a way to keep the Web View from zooming in on the field?
Yeah I've seen this too, but this must be fixed on the HTML side by the server.
If anyone has trouble with the original problem, this is what I came up with:
    class OAuth2CodeGrantParams: OAuth2CodeGrant {
        var tokenRefreshParameters: OAuth2StringDict?

        override func authorizeURL(withRedirect redirect: String?, scope: String?, params: OAuth2StringDict?) throws -> URL {
            return try super.authorizeURL(withRedirect: redirect, scope: scope, params: params ?? tokenRefreshParameters)
        }
    }
Use it instead of OAuth2CodeGrant like this:
    let oauth2 = OAuth2CodeGrantParams(...)
    oauth2.tokenRefreshParameters = ...
It seems that passing custom parameter to token_uri does not work: https://github.com/p2/OAuth2/issues/354