Logins use a Chrome Custom Tab, meaning that the app itself never has access to the user's password The login process follows these important best practices from RFC8252: Best Practice When the login button is clicked, a standard OpenID Connect authorization redirect is triggered, which then presents a login screen from the Identity Server: Patternīuilder classes are used to create OAuth request messagesĬallback functions are used to receive OAuth response messagesĮrror codes can be used to determine particular failure causes This is done via a script included with the example that is explained in the Mobile Setup how-to :ĪppAuth coding is based around a few key patterns that will be seen in the following sections and which are explained in further detail in the Android AppAuth Documentation. The easiest way to run the code example is to point it to a deployed and preconfigured instance of the Curity Identity Server, running in Docker.
Kotlin Coroutines are used to implement non blocking code when sending HTTP requests and receiving HTTP responses
View models are used to exclude processing code from views and to manage data values
The example also uses the following Android coding techniques in order to implement AppAuth with clean code: AspectĪndroid navigation is used to swap out the main fragment based on the current values of data The code example is a Single Activity App developed in Kotlin, though the main OAuth integration is done in the AppAuthHandler class, which should be easy to adapt into other types of Android app. Get the Codeįirst ensure that you are running an up-to-date version of Android Studio, then clone the GitHub repository and open the app subfolder: This view presents details about tokens and also allows token refresh and logout operations to be tested. Once signed in the app switches to an Authenticated View, to simulate screens in real apps that work with access tokens and call APIs. The code example is a simple Android App with two views, the first of which is an Unauthenticated View to handle processing related to signing the user in: Curity Identity Server is used in this example, but other OAuth servers can also be used.
0 kommentar(er)
