Ionic using IdentityServer4 as IDP

Question

I got a simple task project i built in spare time. Consists of:

• API server
• IdentityServer4 Provider
• Angular Frontend (not angularjs)

I am now trying to expand this by incorporating a mobile app. In this case i built a simple app in Ionic that displays tasks. I want to now implement authentication so it can obtain tasks relevant to that user from the API.

I been looking around but cannot find any explanation on how to do this or any examples that demonstrate this.

End state it will be a Android app.

Any assistance is appreciated.

Update 1:

I've looked into leveraging oidc-client but it doesn't seem to activate the browser function properly when ported to Android. Still though haven't found sufficient informatino on this as to proper approach and how to do this.

Update 2: Feature Request to Ionic Since there seems to be number of people affected by this i have raised feature request with Ionic team in Github. https://github.com/ionic-team/ionic/issues/14499

Please vote and comment on it.

Answer 1

If you're creating a mobile app, you're going to want to use the Authorization Code or Hybrid flows, along with PKCE. If you haven't already, check out RFC 8252, which details best current practices for OAuth (and in turn OpenID Connect) and native apps.

Unfortunately, oidc-client only supports the implicit flow. For an Ionic app, I would recommend using openid-client since this allows the usage of both more appropriate flows, but also PKCE.

As far as I know, there are no public examples of Ionic using OpenID Connect, however, I do have a customer successfully using Ionic & the library I've listed above.

Update: oidc-client-js now supports Authorization Code + PKCE and is therefore suitable for ionic apps.