[aerogear-dev] OAuth2 with native Broswer in Android
Summers Pittman
supittma at redhat.com
Thu Apr 30 11:04:49 EDT 2015
In Android I have a solution for using the native browser to perform an
OAuth2 sign in. There are some limititions however.
In general to use this you need an activity which has an intent filter to
consume the redirect URL. This works best if you use a custom URI scheme.
Google, Yahoo, and Facebook (as well as other I'm sure) only allow
redirects to http or https. This means that unless you are using a third
party to redirect a custom schema the browser my preempt your application
and consume the redirect. Other services such as KeyCloak and Spotify
allow custom schemas and these work perfectly with my solution.
If we document the limitations of the Intent and when using an Intent vs
using a WebView is appropriate, is a solution with these limitations
adequate? I think it is.
Thoughts?
Summers
PS: a link to my poc :
https://github.com/secondsun/aerogear-android-authz/tree/AGDROID-319/
PPS: You can use this on the KeyCloakHelper in Shoot and Share by adding
`setWithIntent(true)` to the configuration in that class.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20150430/0ba7d32d/attachment.html
More information about the aerogear-dev
mailing list