-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Future OpenIdConnect.authorizeInteractive directly returns null for response when param 'useWebPopup' is false #44
Comments
I experience the same, @ahmednfwela can you tell if this is a bug or by design? |
can you try referencing the latest version of the package on main branch? since it hasn't been published yet by @jhancock4d |
I reproduced it on the latest version of the package on the main branch. |
using these references: openidconnect:
git:
url: git@github.com:4D-Technologies/openidconnect_flutter.git
ref: main
path: openidconnect
openidconnect_web:
git:
url: git@github.com:4D-Technologies/openidconnect_flutter.git
ref: main
path: openidconnect_web
openidconnect_platform_interface:
git:
url: git@github.com:4D-Technologies/openidconnect_flutter.git
ref: main
path: openidconnect_platform_interface this client: client = await OpenIdConnectClient.create(
discoveryDocumentUrl:
'https://somewebsite.com/.well-known/openid-configuration',
redirectUrl: 'http://localhost:4200/callback.html',
clientId: 'SomeClientId',
audiences: ['SomeAudience'],
scopes: ['openid', 'SomeScopes'],
autoRefresh: true,
); this request: final identity = await client.loginInteractive(
context: context,
title: "Login",
useWebPopup: true,
); has been tested and currently is deployed on a production environment |
setting |
but I might know where the problem is, working on a fix now @WilkoThomassen @markbeij does this PR fix your issues ? #30 |
Thanks, I thought I tried that one and it didn't resolve the issue. Will try again and let you know. Update: I tried and with that PR and I can still reproduce the issue. Do I understand correctly that you can not reproduce the issue in the package's example with that PR or latest main branch? |
Please see the announcement for package:oidc. |
@ahmednfwela, I am facing this problem currently. |
I am only maintaining the oidc package at the moment, and I don't think the package author has the time to keep up with the current package issues |
@ahmednfwela, ok. |
yes, this method must be invoked on app start to handle the auth response |
One more question @ahmednfwela. OpenIdConnect.processStartup seems to work only one time immediately after executing the OpenIdConnect.authorizeInteractive. I mean if I execute OpenIdConnect.authorizeInteractive and OpenIdConnect.processStartup after, I successfully get AuthorizationResponse and tokens. But If I execute a second-time OpenIdConnect.processStartup just after, I get null this time. |
Process startup is not designed to do what you are attempting. It is there solely to pull any existing tokens from storage once and only once and it cleans up after itself when done which is why you get what you get. And this method also sets up refresh token updates etc. If you want tokens afterwards, they're already loads and ready to use. Just use them directly. |
Thank you @jhancock4d for your feedback. Something is still unclear in my mind. You said that afterward (so after redirection to callback URL), tokens are loaded and ready to use, but which method can be used to get it? |
Make your auth client, then access the identity property. It will be null if not logged in, filled in if not, and the access token is avialable there. |
@jhancock4d, maybe I missed something but I don't see the benefit of creating a OpenIdConnectClient.
The situation is also explained here : #30 |
The ONLY way to use this library is with the client. And that won't change. |
This behaviour can be reproduced in the Example project using 'Interactive Authorization Code PKCE' option.
Choose to have no popup for logging in.
The following code in the example directly returns null when the Login screen is displayed
Beneath the surface the token is properly set after loggin in with the form because when I reload the webapp and run the method a second time, then a valid authresponse is returned.
It all works perfectly fine when I use the popup window, the future is then properly awaited and returns a valid authresponse after logging in.
The text was updated successfully, but these errors were encountered: