Ionic 4 mobile app with angular-auth2-oidc #803
Comments
|
Hmm, that's a bit broad question, we're but a small community, typically focused on helping out on bugs and feature requests. I suggest trying your luck to find someone who created a tutorial on your scenario, or be the first to write it. Otherwise, we'd have to hope for a community member here to pop up to answer your question... |
jeroenheijmans
added
the
question
|
Hi, sorry if I missed anything. |
|
Hello, @CodeDangler I would also like to use this library in mobile applications, as it is one of the best I have found. I tried to implement a solution suggested by @nhance without success:
But I found another library, not as good as angled-oauth2-oidc from @manfredsteyer but that somehow works: |
|
@jeroenheijmans is it possible to turn this from a question into a feature request? The Ionic community is huge and we would profit a lot from such a well-maintained lib as this one, if it offered the option to use an own redirect instead of a static one. Another useful feature request for Ionic would be being able to provide your own httpClient in order to use a cordova-http-client (with HTTPS pinning) for logout calls etc. Or is Ionic support out of question in general? |
|
OP kicked off this thread with:
In that I read a question for guidance around using this library within a specific ecosystem. I'm happy to change the labels (they're just labels anyways) to a 'feature request', but then what is the specific feature being requested? If it's about getting a specific tutorial for using the library within Ionic, I'm not sure if the community around this library is big enough to support that. It would possibly be written by someone, but then quickly go out of date. I much prefer then someone takes up the gauntlet of writing one, and we add it to the list of Tutorials. In fact.... if you look at that list, there is already an external "Ionic" sample linked. What do you think, does this make sense? |
|
@jeroenheijmans Thanks for the quick reply. I am aware of that tutorial, but the solution used there (additionally using an okta plugin) works around many of the features that this lib (angular-oauth2-oidc) already provides, thus reducing the benefits of this lib. If you take a look at this chunk of code from the tutorial: all this response parameters parsing is something that you already have in the lib. It would be better if one could pass that And as mentioned above, one should be able to provide a custom httpClient for HTTPS-pinning (I would see that in a separate feature). So basically, I am asking for "real" Ionic support, not documentation or a tutorial. Is this something that this lib could provide in the future or do you not want to open that can of worms? |
|
I'm starting to understand a little better.
I think it's good to have interception points in the library, as long as they're not tightly coupled to another framework such as Ionic: we don't want to give all users of the library Ionic-specific features, I think? I have not read through the tutorial, nor do I know much about Ionic. The code you posted does look off to me indeed, you shouldn't need that when using the library. But it could also be that you could do better than that specific tutorial? I just don't know. What we really need to know what the actual, concrete feature request is. Because "real Ionic support" is still too vague for me. And with that, a bit too hard to know if it'd be a good fit. Would you have a concrete prototype or proposed change for the library, that would make it more useful in e.g. Ionic environments? |
|
@jeroenheijmans This is what I had in mind, sounds good 👍 I will make two new feature-requests with detailed requirements. EDIT:
If you have any idea how to change it to code-flow, that would be greatly appreciated. The code flow seems not to receive a URL based response at all? This part is never executed for me when I change to code-flow: |
|
Thx @philly-vanilly! Fair warning: the community at the library is small, and PRs sometimes move a bit slow. I moderate the issues a lot, but it's largely the core maintainer looking at a bunch of PRs all at once every few months. So you might not get fast or huge interaction (but the effort is still appreciated! <3). |
|
I assume, with code flow, I would need to use |
|
Hi @philly-vanilly , |
|
I've been looking for a similair solution. After lots of debugging and looking at the source code of this library I figured out what to do when using capacitor. Implicit flow was working fine at first, but the code flow+PKCE gave some issues which where caused by an outdated version of angular-oauth2-oidc, but was resolved in this PR The little bit of code that was needed to get things working: import {NgZone} from '@angular/core';
import {Plugins} from '@capacitor/core';
import {OAuthService} from 'angular-oauth2-oidc';
import {Router} from '@angular/router';
const {App, Browser, Device} = Plugins;
export class AppComponent {
constructor(
private zone: NgZone,
private oauthService: OAuthService,
private router: Router,
) {
this.listenForOAuthRedirect();
}
private async listenForOAuthRedirect() {
// example of the important stuff
const oauthParameters = {
responseType: 'code',
// the IDP must redirect to the App URI (it should be whitelisted)
redirectUri: 'custom-app-uri://localhost',
// open a new browser window when starting implicit flow
openUri: url => Browser.open({url})
};
this.oauthService.configure(oauthParameters);
App.addListener('appUrlOpen', async data => {
const platform = (await Device.getInfo()).platform as Platform;
// because reasons
if (platform === 'ios') {
await Browser.close();
}
await this.zone.run(async () => {
await this.oauthService.tryLogin({customHashFragment: data.url.substr(data.url.indexOf('?'))});
const hasValidAccessToken = await this.oauthService.hasValidAccessToken();
if(hasValidAccessToken){
await this.router.navigate(['/your-protected-route-after-login']);
}
});
});
}
} |
|
@mrmkrs thank you for that snippet, you saved me from hours (if not days) of hassle ! |
|
Hi, I'm already using the auth lib for a regular Angular project, and I tried to adapt my code for an Ionic version of the app.
I tried the above sample from @mrmkrs for Ionic but I don't get the I don't get neither this part: How should I setup the app URI in Ionic? I didn't find the concept in the doc except for "DeepLink plugin". For comparison, here is my (working) code for the web app: I would really appreciate some help here. Thanks a lot. |
Hi
I could successfully launch the ionic app in mobile. But the identity server login page is getting launched in external browser. But I want to launch the page in inappbrowser for both android and iOS.
How can I achieve the same with angular-auth2-oidc and ionic cordova.
The text was updated successfully, but these errors were encountered: