Repository files navigation

A Flutter OAuth package for performing user authentication against Azure Active Directory OAuth2 v2.0 endpoint. Forked fromhitherejoe.FlutterOAuth.

Supported Flows:

• Authorization code flow (including refresh token flow)
• Authorization code flow B2C
• Authorization code flow ADFS

For using this library you have to create an azure app at theAzure App registration portal. Use native app as platform type (with callback URL:https://login.live.com/oauth20_desktop.srf).

Your minSdkVersion must be >= 20 inandroid/app/build.gradle sectionandroid / defaultConfig to support webview_flutter. Version 19 may build but will likely fail at runtime.

If your app does not have theandroid.permission.INTERNET permission you must add it to the AndroidManifest<uses-permission android:name="android.permission.INTERNET"/>

Afterwards you must create a navigatorKey and initialize the library as follow:

final navigatorKey=GlobalKey<NavigatorState>();// ...staticfinalConfig config=newConfig(    tenant:"YOUR_TENANT_ID",    clientId:"YOUR_CLIENT_ID",    scope:"openid profile offline_access",// redirectUri is Optional as a default is calculated based on app type/web location    redirectUri:"your redirect url available in azure portal",    navigatorKey: navigatorKey,    webUseRedirect:true,// default is false - on web only, forces a redirect flow instead of popup auth//Optional parameter: Centered CircularProgressIndicator while rendering web page in WebView    loader:Center(child:CircularProgressIndicator()),    postLogoutRedirectUri:'http://your_base_url/logout',//optional  );finalAadOAuth oauth=newAadOAuth(config);

This allows you to pass in an tenant ID, client ID, scope and redirect url.

The samenavigatorKey must be provided to the top-levelMaterialApp.

// ...// Material App must be built with the same navigatorKey// to support navigation to the login route for interactive// authentication.// ...Widgetbuild(BuildContext context) {returnMaterialApp(// ...      navigatorKey: navigatorKey,// ...    );  }

Then once you have an OAuth instance, you can calllogin() and afterwardsgetAccessToken() to retrieve an access token:

final result=await oauth.login();result.fold(  (failure)=>showError(failure.toString()),  (token)=>showMessage('Logged in successfully, your access token: $token'),);String accessToken=await oauth.getAccessToken();

Tokens are stored in Keychain for iOS or Keystore for Android. To destroy the tokens you can calllogout():

await oauth.logout();

For web you also have to add some lines to yourindex.html (see theindex.html in the example applications):

<head><scripttype="text/javascript"src="https://alcdn.msauth.net/browser/2.13.1/js/msal-browser.min.js"integrity="sha384-2Vr9MyareT7qv+wLp1zBt78ZWB4aljfCTMUrml3/cxm0W81ahmDOC6uyNmmn0Vrc"crossorigin="anonymous"></script><scriptsrc="assets/packages/aad_oauth/assets/msalv2.js"></script></head>

Note that when using redirect flow on web, thelogin() call will not return if the user has not logged in yet becausethe page is redirected and the app is destroyed until login is complete. Your application must take care of callinglogin() again once reloaded to complete the login process within the flutter application - if login was successful,this second call will be fast, and will not cause another redirection.

When using redirecting logins with the example application, you will need to click on the login button again followinga successful login to see the token details.

Setup your B2C directory -Azure AD B2C Setup.

Register an App on the previously created B2C directory -Azure AD B2C App Register.

Use native app as plattform type (with callback URL:https://login.live.com/oauth20_desktop.srf).

Create your user flows -Azure AD B2C User Flows

Add your Azure tenant ID, tenantName, client ID (ID of App), client Secret (Secret of App) and redirectUrl in the main.dart source-code:

staticfinalConfig configB2Ca=newConfig(    tenant:"YOUR_TENANT_NAME",    clientId:"YOUR_CLIENT_ID",    scope:"YOUR_CLIENT_ID offline_access",// redirectUri: "https://login.live.com/oauth20_desktop.srf", // Note: this is the default for Mobile// clientSecret: "YOUR_CLIENT_SECRET", // Note: do not include secret in publicly available applications    isB2C:true,    policy:"YOUR_USER_FLOW___USER_FLOW_A",    tokenIdentifier:"UNIQUE IDENTIFIER A",    navigatorKey: navigatorKey,  );

Afterwards you can login and get an access token for accessing other resources. You can also use multiple configs at the same time.

This library only suports ADFS authentication for Flutter mobile applications, not web builds.

Register an ADFS app =Windows Server ADFS Application Setup.

Use redirect URI:https://login.live.com/oauth20_desktop.srf.

Use a configuration like:

staticfinalConfig adfsAuthConfig=Config(  customAuthorizationUrl:'https://adfs.your-domain.com/adfs/oauth2/authorize',  customTokenUrl:'https://adfs.your-domain.com/adfs/oauth2/token',  clientId:'YOUR_CLIENT_ID',  scope:'openid OTHER_SCOPES_YOU_NEED',  navigatorKey: navigatorKey,  loader:constSizedBox(),);

Add the following to your pubspec.yaml dependencies:

dependencies:aad_oauth:"^1.0.1"

Contributions can be submitted as pull requests and are highly welcomed. Changes will be bundled together into a release. You can find the next release date and past releases in theCHANGELOG file.