I agree that a non-webview approach may have benefits. However, there's a lot of
functionality that would have to be reproduced for all platforms. Alternatively, we could
support a limited set of functionality without a webview, and if anything else is required
use a webview, or even pop up the browser.
On Android, Google uses a webview if you have Google Authenticator enabled.
For a complete experience the following is currently required:
* Login (username/password)
- Social logins (configurable through realm)
- Recover password link
- Registration link
- Remember me option
* Multi-factor authenticating (soon we'll support pluggable auth mechanisms)
* Registration page (fields will be configurable in the future)
* Required actions (update profile, reset password, verify email, configure totp)
Then there's also single-sign on/out to consider.
All of the above can be done in a native way already by just doing the same HTTP posts as
the login forms does. However, even a basic login would be tricky to do due to
multi-factor authentication.
----- Original Message -----
From: "Bruno Oliveira" <bruno(a)abstractj.org>
To: "Summers Pittman" <supittma(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Wednesday, 1 October, 2014 1:06:13 AM
Subject: Re: [keycloak-dev] Ok to have no direct links to...
Back from vacations, I think would be nice if it doesn't exist already
endpoints like Corinne mentioned.
Webviews from the security side of the things are a bad idea for mobile apps.
I wouldn't like
to use that if possible.
On 2014-09-30, Summers Pittman wrote:
> On 9/30/2014 9:31 AM, Bill Burke wrote:
> >
> > On 9/30/2014 9:28 AM, Corinne Krych wrote:
> >> On 26 Sep 2014, at 17:27, Bill Burke <bburke(a)redhat.com> wrote:
> >>
> >>> I need some input.
> >>>
> >>> It is ok for, registration page and social link buttons to only be
> >>> linkable from within a Keycloak login page?
> >>>
> >> When you say keyclaok login page, does it have to ba web-based page?
> >>
> >> What about mobile native app?
> >> It would be nice to have the option for an iOS mobile app to add
> >> “MykeycloakServername login” customizable button from the native app
> >> sdk.
> >> Like google+plus btutton for example:
> >>
https://developers.google.com/+/mobile/ios/sign-in
> >>
> > Somebody on the Aerogear project implemented something like this for
> > Android. They may be doing the same for iOS too.
> I have no plans on doing things for iOS. The Android Authenticator just
> displays a webview of the login page and detects when then "code"
> parameter is in the response URI.
> >
> > Bill
> >
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
abstractj
PGP: 0x84DC9914
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev