I am responsible for the development of a cross-platform application that must log in with OpenID. This application is developed in Xamarin.Forms, but I have to migrate it to MAUI. To log into the application I use the IdentityModel.OidcClient library. The authentication server is fully functional. I am not the one who develops and maintains the server.
The Xamarin.Forms application is able to log in without problems and obtain the full credentials: access token, refresh token, expiration, claims... The version I use of the library is IdentityModel.OidcClient 5.2.1. The authentication process follows the steps described in this link: Authentication in Xamarin Forms using Open Identity Connect and OAuth.
I am now trying to migrate this process to MAUI using the latest version of the library (6.0.0). For this, the first thing I have done is to download the sample code for MAUI and change only the following:

MauiProgram.cs: OIDC options (Authority, ClientId, Scope, RedirectUri)

    // setup OidcClient
    builder.Services.AddSingleton(new OidcClient(new()
    {
        Authority = "https://www.realdomain.es/openid/more/path/",
        ClientId = "myclientid",
        Scope = "openid",
        RedirectUri = "myscheme://localhost",
        Browser = new MauiAuthenticationBrowser()
    }));

MauiAuthenticationBrowser.cs: RequestUrl (same as RedirectUri)

    var url = new RequestUrl("myscheme://localhost")
        .Create(new Parameters(result.Properties));

WebAuthenticationCallbackActivity.cs: CALLBACK_SCHEME.

    const string CALLBACK_SCHEME = "myscheme";

When running the app on an Android device and logging in, the browser doesn't open and I get this error:
Unathorized: Failed to push authorization parameters
I am not able to find anything related to this error. Does anyone know what could be happening?
I looked for the error message in the source code of the library and found the following log:

    _logger.LogDebug("The IdentityProvider contains a pushed authorization request endpoint. Automatically pushing authorization parameters. Use DisablePushedAuthorization to opt out.");

So the solution is to add the DisablePushedAuthorization = true in the OidcClient options:

    // setup OidcClient
    builder.Services.AddSingleton(new OidcClient(new()
    {
        Authority = "https://www.realdomain.es/openid/more/path/",
        ClientId = "myclientid",
        Scope = "openid",
        RedirectUri = "myscheme://localhost",
        Browser = new MauiAuthenticationBrowser(),
        DisablePushedAuthorization = true // To avoid error > Failed to push authorization parameters
    }));
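
Before opting out, it helps to check what the server's discovery document says about pushed authorization requests (PAR, RFC 9126), because an opt-out only works when the server does not require PAR. The following is an added example, not code from the original post or from IdentityModel.OidcClient. It assumes C# 11 or later; the discovery document is a constructed sample with placeholder URLs, and `InspectPar`, `Advice` and `ParStatus` are hypothetical names.

```csharp
using System;
using System.Text.Json;

// Constructed discovery document (normally fetched from
// <Authority>/.well-known/openid-configuration); URLs are placeholders.
const string sampleDiscovery = """
{
  "issuer": "https://idp.example/openid/",
  "authorization_endpoint": "https://idp.example/openid/authorize",
  "pushed_authorization_request_endpoint": "https://idp.example/openid/par",
  "require_pushed_authorization_requests": false
}
""";

Console.WriteLine(Advice(InspectPar(sampleDiscovery)));

// Classifies the server's PAR metadata (field names from RFC 9126).
static ParStatus InspectPar(string discoveryJson)
{
    using var doc = JsonDocument.Parse(discoveryJson);
    var root = doc.RootElement;

    bool advertised =
        root.TryGetProperty("pushed_authorization_request_endpoint", out var ep)
        && ep.ValueKind == JsonValueKind.String
        && !string.IsNullOrWhiteSpace(ep.GetString());

    // A missing or non-boolean value is treated as false (the RFC default).
    bool required =
        root.TryGetProperty("require_pushed_authorization_requests", out var req)
        && req.ValueKind == JsonValueKind.True;

    if (required) return ParStatus.Required;
    return advertised ? ParStatus.Optional : ParStatus.NotAdvertised;
}

static string Advice(ParStatus status) => status switch
{
    ParStatus.Required =>
        "Server requires PAR: an opt-out will be rejected; the client registration must allow the push.",
    ParStatus.Optional =>
        "Server offers PAR but does not require it: DisablePushedAuthorization = true is a valid opt-out.",
    _ =>
        "No PAR endpoint advertised: the client has nothing to push to; look elsewhere for the failure."
};

enum ParStatus { NotAdvertised, Optional, Required }
```

With PAR disabled, the authorization parameters travel in the browser redirect again instead of a direct back-channel request to the server.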