MaikuB/flutter_appauth

NOT RETURN TO MY APP AFTER LOGIN

TuonggVi opened this issue · 2 comments

TuonggVi commented

After logging in on the identity server's website, instead of returning to the application screen, it continues to redirect back to the login page of the website.
After logging in, it redirects to a website with the link https://authenticationserver2023.azurewebsites.net/account/login?
code=0082C1DB8C1D654300126E06FE8B12DE3E625247FBCC5A9F0B0DCCB5CAFC2CAF-1&
scope=openid%20profile%20native-client-scope&
state=rxW4GMRfKT3JOFIcl2QoDQ&
session_state=y91GfyDzsltXamkIduxlz80fCxKaSEOmiEnBtMjQnjY.47F8B25BBDD3FAFB6947E308AE016D81&
iss=https%3A%2F%2Fauthenticationserver2023.azurewebsites.net

Below is the server code
new Client {
ClientId = "native-client",

            AllowedGrantTypes = GrantTypes.Code,
            RequirePkce = true,
            RequireClientSecret = false,

            //RedirectUris = { "https://localhost:7124/account/login" },
            RedirectUris = { "https://authenticationserver2023.azurewebsites.net/account/login" },
            PostLogoutRedirectUris = { },
            AllowedCorsOrigins = { "http://localhost", "https://authenticationserver2023.azurewebsites.net" },

            AllowedScopes = {
                IdentityServerConstants.StandardScopes.OpenId,
                "native-client-scope",
                IdentityServerConstants.LocalApi.ScopeName,
                IdentityServerConstants.StandardScopes.Profile
            },

            AllowAccessTokensViaBrowser = true,
            RequireConsent = false,
            AccessTokenLifetime = 8*3600
        },

My app's configuration.
AndroidManifest.xml
android:scheme="https"
android:host="authenticationserver2023.azurewebsites.net"
android:path="/account/login"
build.grade
manifestPlaceholders += [
'appAuthRedirectScheme': 'https'
]

gabrielmulyawan commented

any update?

MaikuB commented

@TuonggVi Given what you've written here and in #462, it looks like you need to learn more about OAuth. You cannot just put in a URL that is for the web and expect it to work. This is also outside the scope of the plugin a if you're going to use a URL on the web as the redirect URI then you need to look up your target platform's documentation as they have documentation on this should be dealt with. Part of this is that you need to own the domain that is used and you don't own azurewebsites.net as that belongs to Microsoft. This means that the app failing to redirect is expected