flutterappauth

flutter_appauth: What's the correct redirect_uri?


Please correct me if I did anything wrong here. I have a IdentityServer4 (that's .NET's OIDC implementation), and the client is defined such as:

new Client
{
    ClientId = "flutterclient",
    AllowedGrantTypes = GrantTypes.Code,
    ClientSecrets = new List<Secret> { new Secret("fluttersecret".Sha256()) },
    AllowedScopes = new List<string>
    {
        IdentityServerConstants.StandardScopes.OpenId,
        IdentityServerConstants.StandardScopes.Profile,
    },
    RedirectUris = { "com.example.flutter_client://oidccallback" },  // Is this correct?
    AllowOfflineAccess = true,
}

I'm currently just trying on the emulator, I am able to access the discovery document at https://10.0.2.2:5001/.well-known/openid-configuration on the phone, so I'm sure the emulator is able to talk to my IDP.

Now, I'm not too sure of what parameter I need to put into the flutter_appauth:

// The flutter's code, trying to sign in
final AuthorizationTokenResponse result = await _appAuth.authorizeAndExchangeCode(
  AuthorizationTokenRequest(
    'flutterclient',
    '????',    // What should I put here as redirect URI?
    clientSecret: 'fluttersecret',
    serviceConfiguration: AuthorizationServiceConfiguration('https://10.0.2.2:5001/connect/authorize', 'https://10.0.2.2:5001/connect/token'),
    scopes: <String>['openid', 'profile'],
    preferEphemeralSession: false,
  ),
);

// The gradle's definition
defaultConfig {
    applicationId "com.example.flutter_client"
    minSdkVersion 18
    targetSdkVersion 28
    versionCode flutterVersionCode.toInteger()
    versionName flutterVersionName
    manifestPlaceholders = [
        'appAuthRedirectScheme': '10.0.2.2:5001'  // Is this correct?
    ]
}

Especially struggling with the 'redirect_uri' parameter for AuthorizationTokenRequest, I've tried 'https://10.0.2.2:5001:/oauthredirect', '10.0.2.2:5001:/oauthredirect' and every time the IDP would tell me that I have a malformed redirect_uri. What's the correct one? Is my other parameter correct?


Solution

  • The 'appAuthRedirectScheme' are defined by developer themselves. Once that is defined, just use the same value on IS4's Client.RedirectUris.