Can we get the ability to retrieve the id token? Like in this example

Hello. I have downloaded your example-code, and modified my build.gradle to add the manifestPlaceholder. But everytime i press the button to login, after the login on identityserver.io, it says that io.identityserver.demo:/oauthredirect is an undefined scheme.

Can you help me fixing this ? Thanks

Is there a way to sign out the currently authenticated user?

Can we have the option to pass fields in to automatically get a token? This is what I'm talking about. The Flutter package oauth2 has this functionality implemented. Check out the bottom of the oauth2 page.

Making a appauth.authorizeAndExchangeCode request using the AuthorizationTokenRequest below (syntax as per the the documentation) :

var request = AuthorizationTokenRequest( hubClientId, hubRedirectURL, serviceConfiguration: AuthorizationServiceConfiguration(hubAuthoriseEndpoint, hubTokenEndpoint, ), scopes: "user_impersonation", "openid", "offline_access"], additionalParameters: {'p': this._policy}, )

raises exception 'JSON deserialization error', after displaying my login screen and successfully logging me in to AD B2C.

Calling the appauth.authorize(request) successfully returns an auth code
Calling appauth.token(request) raises the same exception.

There's no JSON in the flutter plugin. So it appears there's something wrong with my token request. Is there any better exception handling that might tell me where any JSON deserialization is failing? And what it's actually attempting to deserialize?

Testing under Android- It seems that when calling authorize, the UI will freeze for about 1s before the webview pops open.

As a test, I tried calling the authorize function using compute to put it on another thread. This fixed the UI hang, but the authorization never worked (the AppAuth webview never came up). First it complained about the binarymessenger not being ready yet, so I assume it's because the plugin isn't initialized properly when calling via a compute.

Is there any way to reduce or fix this UI freeze?

I've had a very good experience with the plugin so far, thanks for the good work!

I noticed a minor doc issue in the Readme code. It shows this:

final AuthorizationTokenResponse result = await appAuth.token(TokenRequest('<client_id>', '<redirect_url>',
        discoveryUrl: '<discovery_url>',
        refreshToken: '<refresh_token>',
        scopes: ['openid','profile', 'email', 'offline_access', 'api']));

Where it says AuthorizationTokenResponse it should be TokenResponse I think.

I encountered an idToken checksum during development. After a simple test, I found this problem.
The algorithm used by my idToken is RS256.

Using github oauth fails on iOS because the opened page has the login button disabled. This button is enabled by a JS script, suggesting that javascript is disabled on webviews opened by the plugin.

Everything works fine on Android and I can get an access token

Calling the methods mentioned in the title opens the Authorization endpoint as expected. On successful sign-in, the redirect takes place. If the redirect URI is my-scheme-as-registered-in-plist://whatever, the browser closes, but the Future never completes. If the redirect is to my own backend server, the window stays open (duh).
The point is, it's unclear what makes a "correct" redirect that triggers the Future to complete.

On Android, the authorization page is not even opened (the future doesn't complete either)

Hey,

i just saw that AppAuth for iOS finally implemented a way to end the session.
see: openid/AppAuth-iOS#407

Unfortunately there is no implementation for Android, yet.
Do you plan to add this to your library? Even if it is just for iOS at the moment.

Greetings

I'm not sure if both the iOS and Android openid AppAuth libs support calling the user info endpoint in their implementations, but if they do, are there plans to surface the API in this package?

Somebody already asked about signout, which is also needed if it's necessary to support sign out of the single sign-on session. I can live with just deleting the local session data for signing out. however user info is a must for me.

Eu tenho um identity server 3 rodando (já tem um tempo) e fiz o app logar com nesse serviço.
Só que eu não tenho uma api que buscar usuário por token, como eu pego o Sub de quem logou para tratar na api que já tenho?
Obrigado.

Hello!

First things first: thanks for the library!

One issue there: when you log in with the library, a Chrome task remains opened after successfully logged in. It should happen in a Chrome Custom Tab.

Here's a screenshot to showcase the issue. You can see that the app I'm working on is focused, but there's a Chrome task beside it.

Hello, I installed the package (0.0.4), added build.gradle, like was said in the Android setup section :

        manifestPlaceholders = [
                'appAuthRedirectScheme': 'test.driver'
        ]

And also redirect activity to the AndroidManifest.xml:

<activity android:name="net.openid.appauth.RedirectUriReceiverActivity">
            <intent-filter>
                <action android:name="android.intent.action.VIEW" />

                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />

                <data android:scheme="test.driver" />
            </intent-filter>
        </activity>

The error occurs right after plugin installation, even without lib imported:

Launching lib\main.dart on Android SDK built for x86 in debug mode...
Initializing gradle...
Resolving dependencies...
Gradle task 'assembleDebug'...

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':app:processDebugResources'.
> Android resource linking failed
  Output:  D:\projects\Flutter\gp\driver\build\app\intermediates\incremental\mergeDebugResources\merged.dir\values\values.xml:190: error: resource android:attr/fontVariationSettings not found.
  D:\projects\Flutter\gp\driver\build\app\intermediates\incremental\mergeDebugResources\merged.dir\values\values.xml:191: error: resource android:attr/ttcIndex not found.
  error: failed linking references.

  Command: C:\Users\Zver\.gradle\caches\transforms-1\files-1.1\aapt2-3.2.1-4818971-windows.jar\6595a8e560e34ac981e3c20f4ba88937\aapt2-3.2.1-4818971-windows\aapt2.exe link -I\
          C:\Users\Zver\AppData\Local\Android\sdk\platforms\android-27\android.jar\
          --manifest\
          D:\projects\Flutter\gp\driver\build\app\intermediates\merged_manifests\debug\processDebugManifest\merged\AndroidManifest.xml\
          -o\
          D:\projects\Flutter\gp\driver\build\app\intermediates\processed_res\debug\processDebugResources\out\resources-debug.ap_\
          -R\
          @D:\projects\Flutter\gp\driver\build\app\intermediates\incremental\processDebugResources\resources-list-for-resources-debug.ap_.txt\
          --auto-add-overlay\
          --java\
          D:\projects\Flutter\gp\driver\build\app\generated\not_namespaced_r_class_sources\debug\processDebugResources\r\
          --custom-package\
          net.getpacked.driver\
          -0\
          apk\
          --output-text-symbols\
          D:\projects\Flutter\gp\driver\build\app\intermediates\symbols\debug\R.txt\
          --no-version-vectors
  Daemon:  AAPT2 aapt2-3.2.1-4818971-windows Daemon #0
  Output:  C:\Users\Zver\.gradle\caches\transforms-1\files-1.1\core-1.0.0-rc01.aar\725f987e2342d4e84333cf9b5173909c\res\values\values.xml:89:5-125:25: AAPT: error: resource android:attr/fontVariationSettings not found.

  C:\Users\Zver\.gradle\caches\transforms-1\files-1.1\core-1.0.0-rc01.aar\725f987e2342d4e84333cf9b5173909c\res\values\values.xml:89:5-125:25: AAPT: error: resource android:attr/ttcIndex not found.

  error: failed linking references.
  Command: C:\Users\Zver\.gradle\caches\transforms-1\files-1.1\aapt2-3.2.1-4818971-windows.jar\6595a8e560e34ac981e3c20f4ba88937\aapt2-3.2.1-4818971-windows\aapt2.exe link -I\
          C:\Users\Zver\AppData\Local\Android\sdk\platforms\android-27\android.jar\
          --manifest\
          D:\projects\Flutter\gp\driver\build\app\intermediates\merged_manifests\debug\processDebugManifest\merged\AndroidManifest.xml\
          -o\
          D:\projects\Flutter\gp\driver\build\app\intermediates\processed_res\debug\processDebugResources\out\resources-debug.ap_\
          -R\
          @D:\projects\Flutter\gp\driver\build\app\intermediates\incremental\processDebugResources\resources-list-for-resources-debug.ap_.txt\
          --auto-add-overlay\
          --java\
          D:\projects\Flutter\gp\driver\build\app\generated\not_namespaced_r_class_sources\debug\processDebugResources\r\
          --custom-package\
          net.getpacked.driver\
          -0\
          apk\
          --output-text-symbols\
          D:\projects\Flutter\gp\driver\build\app\intermediates\symbols\debug\R.txt\
          --no-version-vectors
  Daemon:  AAPT2 aapt2-3.2.1-4818971-windows Daemon #0

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

BUILD FAILED in 0s
Finished with error: Gradle task assembleDebug failed with exit code 1

Could you suggest how I can solve this problem?
Thanks in advance.

Forgive me if I misspeak or mischaracterize as I am new to Flutter but not mobile dev.
I have tried to have the home section in MaterialApp be a page ie.
home: new LoginPage()

then, all that page has all the appauth code right out of your main.dart example. Every time I try that I get an error regarding tabs which I am sure is related to the Chrome integration. Error is below (left out the cascading errors). Any thoughts?

I/zygote64(12063): Rejecting re-init on previously-failed class java.lang.Class<net.openid.appauth.browser.CustomTabManager$1>: java.lang.NoClassDefFoundError: Failed resolution of: Landroid/support/customtabs/CustomTabsServiceConnection;
I/zygote64(12063): at void net.openid.appauth.AuthorizationService.(android.content.Context, net.openid.appauth.AppAuthConfiguration) (AuthorizationService.java:96)
I/zygote64(12063): at void net.openid.appauth.AuthorizationService.(android.content.Context) (AuthorizationService.java:83)
I/zygote64(12063): at void io.crossingthestreams.flutterappauth.FlutterAppauthPlugin.performAuthorization(net.openid.appauth.AuthorizationServiceConfiguration, java.lang.String, java.lang.String, java.util.ArrayList, java.lang.String, java.util.Map, boolean, java.util.ArrayList) (FlutterAppauthPlugin.java:225)
I/zygote64(12063): at void io.crossingthestreams.flutterappauth.FlutterAppauthPlugin.access$200(io.crossingthestreams.flutterappauth.FlutterAppauthPlugin, net.openid.appauth.AuthorizationServiceConfiguration, java.lang.String, java.lang.String, java.util.ArrayList, java.lang.String, java.util.Map, boolean, java.util.ArrayList) (FlutterAppauthPlugin.java:31)
I/zygote64(12063): at void io.crossingthestreams.flutterappauth.FlutterAppauthPlugin$1.onFetchConfigurationCompleted(net.openid.appauth.AuthorizationServiceConfiguration, net.openid.appauth.AuthorizationException) (FlutterAppauthPlugin.java:145)
I/zygote64(12063): at void net.openid.appauth.AuthorizationServiceConfiguration$ConfigurationRetrievalAsyncTask.onPostExecute(net.openid.appauth.AuthorizationServiceConfiguration) (AuthorizationServiceConfiguration.java:364)
I/zygote64(12063): at void net.openid.appauth.AuthorizationServiceConfiguration$ConfigurationRetrievalAsyncTask.onPostExecute(java.lang.Object) (AuthorizationServiceConfiguration.java:305)
I/zygote64(12063): at void android.os.AsyncTask.finish(java.lang.Object) (AsyncTask.java:695)
I/zygote64(12063): at void android.os.AsyncTask.-wrap1(android.os.AsyncTask, java.lang.Object) (AsyncTask.java:-1)
I/zygote64(12063): at void android.os.AsyncTask$InternalHandler.handleMessage(android.os.Message) (AsyncTask.java:712)
I/zygote64(12063): at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:105)
I/zygote64(12063): at void android.os.Looper.loop() (Looper.java:164)
I/zygote64(12063): at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6944)
I/zygote64(12063): at java.lang.Object java.lang.reflect.Method.invoke(java.lang.Object, java.lang.Object[]) (Method.java:-2)
I/zygote64(12063): at void com.android.internal.os.Zygote$MethodAndArgsCaller.run() (Zygote.java:327)
I/zygote64(12063): at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:1374)

In may case I need state value after getting auth code. How I can get state value ?

Is there any way to not open the browser but instead opens inside the app as a web view?

I'm currently looking at flutter_inappbrowser's InAppBrowser class (https://pub.dev/packages/flutter_inappbrowser#inappbrowser-class) or flutter_web_browser (https://pub.dev/packages/flutter_web_browser#-readme-tab-) but I have no idea how to implement it alongside appauth.

calling

var result = await appAuth.authorizeAndExchangeCode( AuthorizationTokenRequest( '<client_id>', '<redirect_url>', serviceConfiguration: AuthorizationServiceConfiguration('<authorization_endpoint>', '<token_endpoint>'), scopes: ['openid','profile', 'email', 'offline_access', 'api'] additionalParameters : {"p" : "B2C_1A_signup_signin" , "prompt" : "login" , "response_type" : "id_token",} ), );

Throws Platform Exception

Parameters "p" and "response_type" are required for AD B2C authorization.

Bug either needs fixing or better explanation of how to add "p" (policies) and "response_type" parameters is required

How to add additional parameters?
such as : login_hint, deviceid...

Thanks

Thanks for the work you’ve put into this, it’s great. When using this, I find that the browser window is pushed to background rather than being closed. How can I close the browser window?

Hi,

we are trying to use flutter_appauth to authenticate to strava.com
We changed the example to login to strava. The request to strava works,
we see the strava website, can authorize, and get redirected to the app.
But the response we get in the app is empty.
Specifically, the error is:

 PlatformException(token_failed, Failed to get token, null)

on android and this on ios:

PlatformException(authorize_and_exchange_code failed, Failed to authorize, null)

Since we are new to this flutter thingy, we don't really know how to debug this.
Do you have any hints where to look?

I don't know if this matters, but strava does not support discovery urls,
so we use AuthorizationTokenRequest and explicitly specify the client_id and redirect_url.

Thanks a lot

In the android we can use ConnectionBuilder}that permits connecting to http links, and ignores certificates for https connections.
is there any way to use http instead of https.
I am getting this error if I am trying to use http

E/AndroidRuntime( 4341): java.lang.RuntimeException: An error occurred while executing doInBackground()
E/AndroidRuntime( 4341): at android.os.AsyncTask$3.done(AsyncTask.java:353)
E/AndroidRuntime( 4341): at java.util.concurrent.FutureTask.finishCompletion(FutureTask.java:383)
E/AndroidRuntime( 4341): at java.util.concurrent.FutureTask.setException(FutureTask.java:252)
E/AndroidRuntime( 4341): at java.util.concurrent.FutureTask.run(FutureTask.java:271)
E/AndroidRuntime( 4341): at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
E/AndroidRuntime( 4341): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
E/AndroidRuntime( 4341): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
E/AndroidRuntime( 4341): at java.lang.Thread.run(Thread.java:764)
E/AndroidRuntime( 4341): Caused by: java.lang.IllegalArgumentException: only https connections are permitted
And can we use https with self signed certificate

I would implement the plugin with keycloak, is possibile?

Hello,

Is there any plan to provide access/an interface to AppAuth's AuthState (Android) and OIDAuthState (iOS)?

Add following code snippet according to example.

 final AuthorizationTokenResponse result =
                    await appAuth.authorizeAndExchangeCode(
                  AuthorizationTokenRequest
                    ("xxxxxx",
                      "xxxx",
                      serviceConfiguration: _serviceConfiguration,
                      scopes: _scopes,
                    ),
                );

it seems work according to the UI flow, UI already show the redirect url screen, however, result is still null.

I have implemented app_auth and when i am receiving response from Key cloak. Access_token misses few portion which gives response without Payload data. When I modified in flutter_appauth.dart file with performing casting to access_token. I get actual token with Payload data. But it throws some exception "Unhandled Exception: NoSuchMethodError: Class 'String' has no instance method 'cast'." Application got crashed. How should I fix this issue?

Size of token is very long so it does not receive exact portion after "colon(.)". But with casting, it receives and throws an exception.

I am using Azure AD B2C for the project and followed Nick Randolph's video by NDC Conferences
I've followed the documentation to write the following code:

FlutterAppAuth _appauth = FlutterAppAuth();
    AuthorizationTokenResponse result;
    try{
    result = await _appauth.authorizeAndExchangeCode(
      AuthorizationTokenRequest(clientId, redirectURL,
          discoveryUrl: discoveryURL, scopes: scopes),
    );
    }
    catch(e){
      print(e.toString());
    }

Problem

The app crashes just as authorizeAndExchangeCode is invoked. No exceptions were raised.

What I know
There should not be any problem with the client id, redirect url and discovery url. I had initial concerns about the discovery url but I have discovered that having a wrong url raised an exception. My discovery url : https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration

What am I missing?

Hi there, I'm sure this is not specific to flutter_appauth but I'm not sure where else to ask this question. So my apologies for doing this as an issue.

I have my custom scheme setup and I've got flutter_appauth sending a code to my server which has a valid token ready to respond with.

I've tried responding with my-app-scheme:/instagram-auth?token=foo and the browser window closes as expected but nothing returns from AppAuth.authorizeAndExchangeCode

So my question is what should I be returning to catch the attention of App Auth and complete the token exchange?

It seems like flutter_app_auth would need to know the scheme to listen on?

I found this documentation but it is not clear on what needs to be returned and I don't see any guidelines for AppAuth itself

https://tools.ietf.org/html/rfc8252#section-7

The app keeps crashing with Android X.
Failure delivering result ResultInfo, java.lang.NullPointerException: dataIntent must not be null.
It seems like this is an issue in the plugin code.

android.content.ActivityNotFoundException: Unable to find explicit activity class {net.openid.appauth.AuthorizationManagementActivity}; have you declared this activity in your AndroidManifest.xml?

I'm using the authorizeAndExchangeCode method to connect to the Spotify Web API

I'm unable to fetch the loginHint for iOS, but it works just fine on Android. I noticed in Android that the loginHint is processed in performAuthorization, but I don't see it in iOS. I'm not familiar with Objective-C so I may be missing something! Any idea if there's something missing for iOS?

I want to be able to log in like in the example and then save credentials and use those credentials to automatically sign-in next time the app is opened. Is that possible with this library? If so, can that be added to the readme? If not, can this capability be added?

When I create the request on an Android device everything works as expected, the login pages shows from Azure AD B2C, I can login etc.

When I do the same on iOS the web popup shows but shows a 404 error page as though the URL is not the same or something. I have compared the URLs when using Android and iOS and they are exactly the same. When I take that URL and paste it into the iOS Emulator's Safari, the correct page shows.

Anybody else seen this issue?

It's working on ios but I just run on android.
Got this error after switch back to app.
Do you know why?
PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: User cancelled flow], null)

I have cloned the flutter_appauth code and have replaced lines 29-45 in example/main.dart with the same IdentityServer config we currently use in our Ionic app. When I run the example app (on my Pixel 3) it shells out to our IdentityServer login page and the terminal contains this one line:

W/ActivityThread( 7739): handleWindowVisibility: no activity for token android.os.BinderProxy@9075317

From what I have found via searching this implies that the Android app is losing its context when it shells out the the browser view? Is this correct? Is this expected behavior?

Can this be used with Azure App Service's EasyAuth that uses Azure AD B2C? I am looking for a solution that can be used with Azure AD B2C with Flutter and Flutter Web.

Thank you in advance.

Since there is an AppAuth JS SDK it should be possible to add web support for this plugin.

Hi,

using appAuth.authorizeAndExchangeCode() i'm successfully getting token but authorizationAdditionalParameters is empty in this case, later when i want to refresh token using appAuth.token() i need to provide authorizationCode which i didn't receive earlier.

Shouldn't you pass AuthorizationResponse instead of null in following

/.pub-cache/hosted/pub.dartlang.org/flutter_appauth-0.2.1+1/android/src/main/java/io/crossingthestreams/flutterappauth/FlutterAppauthPlugin.java

            public void onTokenRequestCompleted(
                    TokenResponse resp, AuthorizationException ex) {
                if (resp != null) {
                    Map<String, Object> responseMap = tokenResponseToMap(resp, null);
                    finishWithSuccess(responseMap);
                } else {
                    finishWithTokenError(ex);
                }
            }

Thanks!

Hi,

I'm doing some OIDC development on my local machine. Would it be possible to add an extensibility point for overriding SSL CRL / Chain validation checks?

Best regards
Anders

I've been looking into using https with a self signed certificate for a local development identity server. The documentation mentions using a custom redirect scheme which is not supported by my identity server.

I know the regular android appauth supports https redirect schemes using a redirect activity. Is this possible using this library?

Hi, I am new to Dart / Flutter thing :)

I am evaluating the lib. So far so good but I can't find way to logout from the IdentityServer. Any plans to implement this? Or if it is already there I would appreciate guidance. Thanks.

Currently there is no way to end an active session via this library.

Hi,
anychance to not return exception if user click "cancel"

flutter: #0      StandardMethodCodec.decodeEnvelope (package:flutter/src/services/message_codecs.dart:569:7)
#1      MethodChannel.invokeMethod (package:flutter/src/services/platform_channel.dart:321:33)
<asynchronous suspension>
#2      FlutterAppAuth.authorizeAndExchangeCode (package:flutter_appauth/src/flutter_appauth.dart:24:33)

Greetings,

How do I add more redirect schemes in the Gradle -> manifestPlaceholders? I have already tried adding elements in the array but it does not work:

manifestPlaceholders = [ 'appAuthRedirectScheme': '<redirect-scheme-here>', 'appAuthRedirectScheme': '<redirect-scheme-here>', ]

The code above does not work. What can I do? Thanks.

Hi
I am getting error like Missing Plugin Exception while implementing this flutter_appauth Plugin

Exception has occurred.
MissingPluginException (MissingPluginException(No implementation found for method authorizeAndExchangeCode on channel crossingthestreams.io/flutter_appauth))

Hello, in the example when you click the button to go to the login page, a screen without a URL appears, as if it were inside the app itself, but in my example it opens Chrome and then returns to the app. Does anyone know why?

Use case:
User is successfully loged in with appAuth to identityserver 4.
If user open app again it will automaticlly login the same user with no login prompt on identity provider.
So how can the user with two diffrent accounts login to second account and optionally switch between accounts.
Thanks in advance

Generally if I set wrong clientId mapping, i see this kind of issues. But configuration settings which i did whether it may be client_Id,discovery_url,redirect_url,authorization_endpoint,authorization_token,scopes are set according to the identity4 configs set in the solution. No issues at all. Still there is an issue.
Could you please let me know if i miss something as part of configuration.

Note: I took your solution as reference