如何解决AppAuth:使用 iOS 和 Android 应用获取授权码以及服务器上的访问令牌
我正在为 IOS 和 Android 实现 OpenId AppAuth SDK。
https://github.com/openid/AppAuth-iOS
https://github.com/openid/AppAuth-android
我们的应用 oAuth 流程:
应用从后端服务器接收以下数据以执行 oAuth 流程:
- 授权端点
- client_id
- response_type
- 范围
问题
Android 应用程序就像一个魅力。 用户可以使用 AppAuth 登录,应用程序从 redirectURL 接收授权码。
然而,IOS 应用程序... AppAuth 确实会打开请求的登录屏幕,并且可以执行 oAuth 登录。
那么……
[OIDAuthState authStateByPresentingAuthorizationRequest:presentingViewController:callback:]
回调错误:
"Connection error making token request to '': incorrect URL."`Error Domain=NSURLErrorDomain Code=-1002 "unsupported URL" UserInfo={NSLocalizedDescription=unsupported URL`
错误是正确的,因为在ServiceConfiguration中使用了一个空的NSURL作为token_endpoint。 应用没有令牌端点,只有授权端点。
好像 AppAuth 是自动请求访问令牌,但我只需要请求授权码。 Android 应用也在 ServiceConfiguration 中使用了一个空 url,但不会启动令牌请求。
如何使用 AppAuth-iOS 禁用自动令牌检索?
Android 代码 (java):
private void startOAuthAuthentication(){
// Create the service coniguration
// Note: The app does not have a token endpoint. An empty Uri value is used for the tokenEndpoint param
AuthorizationServiceConfiguration serviceConfig =
new AuthorizationServiceConfiguration(
Uri.parse(MY_AUTHORISATION_ENDPOINT),// authorization_endpoint
Uri.parse("")); // token_endpoint
// Build the request
AuthorizationRequest.Builder authRequestBuilder = new AuthorizationRequest.Builder(
serviceConfig,MY_CLIENT_ID,MY_RESPONSE_TYPE,MY_REDIRECT_URL);
AuthorizationRequest authRequest = authRequestBuilder
.setScope(MY_ScopE)
.setCodeVerifier(null)
.setLoginHint(null)
.build();
// Start Authorization
AuthorizationService authService = new AuthorizationService(getActivity());
Intent authIntent = authService.getAuthorizationRequestIntent(authRequest);
oAuthActivityResultLauncher.launch(authIntent);
}
// ActivityResultLauncher
ActivityResultLauncher<Intent> oAuthActivityResultLauncher = registerForActivityResult(
new ActivityResultContracts.StartActivityForResult(),new ActivityResultCallback<ActivityResult>() {
@Override
public void onActivityResult(ActivityResult result) {
if (result.getResultCode() == Activity.RESULT_OK) {
Intent data = result.getData();
AuthorizationResponse resp = AuthorizationResponse.fromIntent(data);
AuthorizationException ex = AuthorizationException.fromIntent(data);
if(resp != null && resp.authorizationCode != null){
// app received the authorizationCode
// resp.authorizationCode
}
}
}
});
IOS 代码(obj-c):
-(void) startOAuthAuthentication
{
// Create the service coniguration
// Note: The app does not have a token endpoint. An empty NSURL value is used for the tokenEndpoint param.
OIDServiceConfiguration *config =
[[OIDServiceConfiguration alloc]
initWithAuthorizationEndpoint:[NSURL URLWithString:MY_AUTHORISATION_ENDPOINT]
tokenEndpoint:[NSURL URLWithString:@""]];
// Create the Authorization Request
OIDAuthorizationRequest *request =
[[OIDAuthorizationRequest alloc] initWithConfiguration:config
clientId:MY_CLIENT_ID
clientSecret:nil
scope:MY_ScopE
redirectURL:MY_REDIRECT_URL
responseType:MY_RESPONSE_TYPE
state:MY_STATE
nonce:nil
codeVerifier:nil
codeChallenge:nil
codeChallengeMethod:nil
additionalParameters:nil];
// Start Authorization
AppDelegate *appDelegate =
(AppDelegate *)[UIApplication sharedApplication].delegate;
appDelegate.currentAuthorizationFlow =
[OIDAuthState authStateByPresentingAuthorizationRequest:request
presentingViewController:self
callback:^(OIDAuthState *_Nullable authState,NSError *_Nullable error) {
if (authState) {
// App does not receive the authState
} else {
// App always receives the following the error:
// "Connection error making token request to '': incorrect URL."
// Error Domain=NSURLErrorDomain Code=-1002 "unsupported URL" UserInfo={NSLocalizedDescription=unsupported URL
}
}];
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
