/openid-client-android-appauth

An OpenID Connect Android demo app using AppAuth libraries

Primary LanguageKotlinApache License 2.0Apache-2.0

Curity Android AppAuth Code Example

Quality Availability

Demonstrates how to implement an OpenID Connect mobile client using AppAuth libraries.

Tutorial Documentation

The Tutorial Walkthrough explains the complete configuration and behavior.

Quick Start

The easiest way to run the code example is via an automated script as explained in the Mobile Setup Article:

  • Copy a license.json file into the code example root folder
  • Edit the ./start-idsvr.sh script to use either a local Docker URL on an ngrok internet URL
  • Run the script to deploy a preconfigured Curity Identity Server via Docker
  • Build and run the mobile app from Android Studio
  • Sign in with the preconfigured user account demouser / Password1
  • Run ./stop-idsvr.sh when you want to free Docker resources

User Experience

The example mobile app demonstrates OAuth lifecycle events, starting with an Unauthenticated View:

Unauthenticated View

Once authenticated the Authenticated View show how to work with tokens and sign out:

Authenticated View

The example app also demonstrates reliable handling of AppAuth errors.

Security

AppAuth classes are used to perform the following security related operations accordng to RFC8252:

  • Logins and Logouts via a secure ASWebAuthenticationSession window
  • Use of Authorization Code Flow (PKCE)

Secure Window

More Information

Please visit https://curity.io for more information about the Curity Identity Server.