[keycloak-dev] Native mobile OAuth2 keycloak flows
Corinne Krych
corinnekrych at gmail.com
Mon Oct 6 05:09:11 EDT 2014
Hello Keycloak team,
On native app, our aerogear-oauth2 sdk supports the following flows:
- oauth2 authz code (publicl client) bearer-only using external browser. See Shoot demo.
- oauth2 refresh grant
- oauth2 revoke (using logout endpoint to revoke all refresh/access tokens).
We have a iOS demo [1] and its associated backend [2] which shows how to use authz code grant on Google, Facebook and Keycloak using aerogear oauth2 sdk [3]. For Android we have same level features [4] (just missing the Shoot demo).
To come in next release:
- openID flow based on authz code (need an extra token decoding to get ID information) with a ui button “login with your keyclakbackend account”. Thanks to Stian I managed the base64url decoding...
- direct grant (resource owner grant).
- basic auth support for confidential mode
I’m thinking to do a Keyclaok (only) HelloWorld demo which show all different use cases.
Therefore the question: What other use cases do I miss? Feedback welcome.
++
Corinne
AeroGear iOS
———————————
[1] https://github.com/aerogear/aerogear-ios-cookbook/tree/swift/Shoot
[2] https://github.com/corinnekrych/aerogear-backend-cookbook/blob/master/Shoot/README.md
[3] https://github.com/aerogear/aerogear-ios-oauth2
[4] https://github.com/aerogear/aerogear-android-authz
More information about the keycloak-dev
mailing list