Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Configuring Auth, Callback and Token Uri at run time

See original GitHub issue

It seems that we cannot programmatically change those uris at runtime, since, the intent filter for RedirectUriReceiverActivity or manifestPlaceholders = [ 'appAuthRedirectScheme': '' ] has fixed values. So theoretically with this library we cannot have a app with a settings/preference panel where we can change, let’s say the redirect uri and have the app running(building it once). For all possible redirect uri’s we have to prefil the <data android:scheme=''> ? Is that so ? If so then why this design decision was taken ? (I can think of custom tab implemented within an activity and scenarios similar to overriding onRedirectUrl of Webview being used to similar end)

Further with this intent forwarding model, if the user is already logged in the browser, calling Authorization request with same credential (redirected to Callback url) doesn’t get intercepted by RedirectUriReceiverActivity

Issue Analytics

State:
Created 7 years ago
Comments:7 (3 by maintainers)

Top GitHub Comments

4reactions

iainmcgincommented, Mar 10, 2017

Is the redirect occuring after a user click? If the redirect is automatic (i.e. triggered by Javascript), then Chrome will not send an intent to a registered app - an explicit user action is required. There are two ways we know of to deal with this:

If the IDP supports the OpenID “prompt” parameter, pass this with value “consent” to force display of a consent screen.
Create a web page for your redirect URI that displays “Welcome back, $USER - Click here to return to the app”. Upon click, do the real redirect to the app’s custom scheme. My other demo does this to deal with GitHub, which does automatic redirect.

0reactions

pavangtoshniwalcommented, Jan 23, 2020

AppAuth redirection from chrome browser to application not working. However if we add firefox to browser whitelist by removing chrome it works perfectly fine. With firefox browser the redirection perfectly works fine. Chrome app version is 79.0.3945.136

Top Results From Across the Web

Call Your API Using the Authorization Code Flow - Auth0

This tutorial will help you call your own API using the Authorization Code Flow. If you want to learn how the flow works...

Using OAuth 2.0 for Web Server Applications | Authorization

If you set this parameter's value to true and the authorization request is granted, then the new access token will also cover any...

Callbacks | NextAuth.js

JWT callback · As with database persisted session expiry times, token expiry time is extended whenever a session is active. · The arguments...

OAuth Quickstart Guide - HubSpot Developers

Step 4: Exchange authorization code for tokens ; redirect_uri, The redirect URI from when the user authorized your app, https://www.example.com/auth-callback.

Configure Azure AD authentication - App Service

Select Expose an API, and click Set next to "Application ID URI". This value uniquely identifies the application when it is used as...