Open Unreal22 opened 1 week ago
We are using https://datatracker.ietf.org/doc/html/rfc8252 to handle desktop auth
and there are 3 ways to receive the auth response
The redirect url you used suggests you are using the first method "Private-Use URI Scheme Redirection", which is actually less secure.
This is why we only support the third method (Loopback Interface Redirection) as it does not require any custom configuration regarding DNS or messing with domain claims.
our example app contains a sample code on how to configure a cross-platform redirect uri:
After doing some research around okta provider, it seems that it's a limitation with okta: https://devforum.okta.com/t/loopback-interface-redirection-ephemeral-ports-wildcard-ports-in-localhost-redirect-uri/22197/2
Hi, I'm not sure if this is a issue, or if I'm missing a config, but whenever I try to use this on windows, the Uri gets changed, and in Chrome as web works fine.
final manager = OidcUserManager.lazy( store: OidcMemoryStore(), settings: OidcUserManagerSettings(redirectUri: Uri.parse("com.okta.dev-41706738:/callback")), clientCredentials:const OidcClientAuthentication.clientSecretBasic(clientId: "0oahre9v3cQmMQ3BR5d7", clientSecret: "cT4PozCQcBYtE1MG_36qjDQGYjdLQeu5tohr0aStjuZo2J96bymtxYJ-kaI8Ce0w",), discoveryDocumentUri: OidcUtils.getOpenIdConfigWellKnownUri(Uri.parse("https://dev-41706738-admin.okta.com"),),);
Chrome: redirect_uri=com.okta.dev-41706738%3A%2Fcallback (Good one) Windows: redirect_uri=com.okta.dev-41706738%3A%2F%2F%3A53856%2Fcallback (Changed one)
I'm using the example Git repo, didn't really changed any setting, and I'm using the same example that comes with the package.
Thanks a lot!