Menu
I have read a tutorial regarding OAuth 2.0 and implicit grant type. I still don't understand how implicit grant type will work for mobile (iOS or Android). For example if we create an SSO App (like Facebook) and make an SDK to give this service. Does the SSO app contacts the Authorization server pragmatically or via a web view?
Also another point is that - implicit grant type requires you to send a Redirect URI. I understand that you can make a custom uri schema for iOS and do this. What I don't understand is how the authorization server calls a custom URI on the device.
962
For Oauth2 in mobile apps you can set your redirect_uri to some dumy URL like http://localhost/redirect/ and then use the webview's "onload" event to check the URL for access_token
For example in iOS, you can load the authorization url in webview, and use delegate method to check the redirect_uri for access_token like this:
- (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType {
NSURL *Url = [request URL];
...
}
You can also do this in Phonegap app with HTML5/JavaScript using InAppBrowser:
var loginWindow = window.open(login_url, '_blank', 'location=yes');
$(loginWindow).on('loadstart', function(e) {
var url = e.originalEvent.url;
var access_token = url.split("access_token=")[1];
...
}
full code here: https://github.com/krisrak/jquery-cordova-oauth2
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
