[aerogear-dev] OAuth2 with native Broswer in Android
Bruno Oliveira
bruno at abstractj.org
Mon May 4 08:19:16 EDT 2015
On 2015-04-30, Summers Pittman wrote:
> In Android I have a solution for using the native browser to perform an
> OAuth2 sign in. There are some limititions however.
>
> In general to use this you need an activity which has an intent filter to
> consume the redirect URL. This works best if you use a custom URI scheme.
> Google, Yahoo, and Facebook (as well as other I'm sure) only allow
> redirects to http or https. This means that unless you are using a third
> party to redirect a custom schema the browser my preempt your application
> and consume the redirect. Other services such as KeyCloak and Spotify
> allow custom schemas and these work perfectly with my solution.
>
> If we document the limitations of the Intent and when using an Intent vs
> using a WebView is appropriate, is a solution with these limitations
> adequate? I think it is.
+1
>
> Thoughts?
>
> Summers
>
> PS: a link to my poc :
> https://github.com/secondsun/aerogear-android-authz/tree/AGDROID-319/
> PPS: You can use this on the KeyCloakHelper in Shoot and Share by adding
> `setWithIntent(true)` to the configuration in that class.
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
abstractj
PGP: 0x84DC9914
More information about the aerogear-dev
mailing list