2

几天来,我一直在努力尝试在 aspnet 核心 api 中使用 AppAuth Android 和 IdentityServer4 实现身份验证流程。

到目前为止,我设法达到的是

  1. 创建我认为必要的服务器端并使用 Postman 进行测试
  2. 设法让 AppAuth 打开我登录的选项卡(但是成功的登录不会发送回应用程序)

这是客户端属性服务器端:

                new Client
                {
                    ClientId = "postman",
                    ClientName = "Postman Client",
                    AllowedGrantTypes = IdentityServer4.Models.GrantTypes.Code,

                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    RequireConsent = false,
                    RedirectUris = { "com.example.poc.appauth://callback" },
                    AllowedCorsOrigins = { "http://localhost:4300" },

                    AllowAccessTokensViaBrowser = true,
                    Enabled = true,
                    ClientUri = null,

                    AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api1"
                    },
                    AllowOfflineAccess = true
                },

并且可以从邮递员和收到的令牌访问此客户端。

好吧,我打赌我做错了什么有趣的部分(即使我已经阅读了我能找到的所有三个示例......) - Android客户端的配置。

    build.gradle:

        android {
            compileSdkVersion 27

        lintOptions {
            disable 'InvalidPackage'
        }

        defaultConfig {
            // TODO: Specify your own unique Application ID (https://developer.android.com/studio/build/application-id.html).
        applicationId "com.example.poc"
        minSdkVersion 16
        targetSdkVersion 27
        versionCode 1
        versionName "1.0"
        testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
        manifestPlaceholders = ['appAuthRedirectScheme': 'com.example.poc.appauth']
    }

        dependencies {
            ...
            implementation 'net.openid:appauth:0.7.0'
        }

我添加的更改在哪里

implementation 'net.openid:appauth:0.7.0'

manifestPlaceholders = ['appAuthRedirectScheme': 'com.example.poc.appauth']

然后我在清单中添加了一些东西(这里添加了完整的清单):

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.poc">

<uses-permission android:name="android.permission.INTERNET"/>

<application
    android:name="io.flutter.app.FlutterApplication"
    android:label="poc"
    android:icon="@mipmap/ic_launcher">
    <activity
        android:name=".MainActivity"
        android:launchMode="singleTop"
        android:theme="@style/LaunchTheme"
        android:configChanges="orientation|keyboardHidden|keyboard|screenSize|locale|layoutDirection|fontScale|screenLayout|density"
        android:hardwareAccelerated="true"
        android:windowSoftInputMode="adjustResize">
        <meta-data
            android:name="io.flutter.app.android.SplashScreenUntilFirstFrame"
            android:value="true" />
        <intent-filter>
            <action android:name="android.intent.action.MAIN"/>
            <category android:name="android.intent.category.LAUNCHER"/>
        </intent-filter>
        <intent-filter>
            <action android:name="com.example.poc.appauth.HANDLE_AUTHORIZATION_RESPONSE"/>
            <category android:name="android.intent.category.DEFAULT"/>
        </intent-filter>
    </activity>

    <activity android:name="net.openid.appauth.RedirectUriReceiverActivity">
        <intent-filter>
            <action android:name="android.intent.action.VIEW"/>
            <category android:name="android.intent.category.DEFAULT"/>
            <category android:name="android.intent.category.BROWSABLE"/>
            <data  android:scheme="com.example.poc.appauth"/>
        </intent-filter>
    </activity>

</application>

现在我已经直接在 MainActivity 中添加了所有的授权实现。

  private static final String AUTHORIZATION_ENDPOINT = "http://10.0.2.2:63692/account/login";
  private static final String TOKEN_ENDPOINT = "http://10.0.2.2:63692/connect/token";
  /* I have also tried
  private static final String REDIRECT_URI = "com.example.poc.appauth://callback";
  */
  private static final String REDIRECT_URI = "com.example.poc.appauth";
  private static final String CLIENT_ID = "postman";
  private static final String CLIENT_SECRET = "secret";
  private static final String SCOPE = "openid";
  private static final String RESPONSE_TYPE = "code";
  private static final String HANDLE_AUTH_RESPONSE = "com.example.poc.appauth.HANDLE_AUTHORIZATION_RESPONSE";

在应用程序启动时我打电话authorize()

private void authorize() {
    AuthorizationServiceConfiguration serviceConfiguration = new AuthorizationServiceConfiguration(
            Uri.parse(AUTHORIZATION_ENDPOINT),
            Uri.parse(TOKEN_ENDPOINT)
    );

    AuthorizationRequest.Builder builder = new AuthorizationRequest.Builder(
            serviceConfiguration,
            CLIENT_ID,
            RESPONSE_TYPE,
            Uri.parse(REDIRECT_URI)
    );
    builder.setScopes(SCOPE);

    AuthorizationRequest request = builder.build();

    Intent postAuthorizationIntent  = new Intent(HANDLE_AUTH_RESPONSE);
    PendingIntent pendingIntent = PendingIntent.getActivity(getApplicationContext(), request.hashCode(), postAuthorizationIntent , 0);

    _authService.performAuthorizationRequest(request, pendingIntent);
}

登录屏幕在选项卡中打开,我可以添加我的凭据并登录(现在我被重定向到浏览器选项卡中的主页)。

我希望在登录完成时调用此函数,但似乎并非如此。

@Override
  protected void onNewIntent(Intent intent) {
    /* I've never reached this point. */
    Log.d(LOG_TAG, "New intent received");
    if (intent != null) {
      String action = intent.getAction();
      switch (action) {
        case HANDLE_AUTH_RESPONSE:
          if (!intent.hasExtra(USED_INTENT)) {
            handleAuthorizationResponse(intent);
            intent.putExtra(USED_INTENT, true);
          }
          break;
        default:
          // do nothing
      }
    }
  }

如果这个问题太大了,我很抱歉,但我似乎可以在配置/实现中找到错误。

我期望发生的是:

1) 应用程序启动并使用登录屏幕打开一个选项卡 2) 我登录并关闭自定义选项卡,因为我被重定向到 MainActivity 应该处理的重定向 URI,我得到了postAuthorizationIntent.

4

0 回答 0