React native bridge for AppAuth - an SDK for communicating with OAuth2 providers
[![npm package version](https://badge.fury.io/js/react-native-app-auth.svg)](https://badge.fury.io/js/react-native-app-auth)
[![Maintenance Status][maintenance-image]](#maintenance-status)
![Workflow Status](https://github.com/FormidableLabs/react-native-app-auth/actions/workflows/main.yml/badge.svg?branch=main)
This versions supports react-native@0.63+
. The last pre-0.63 compatible version is v5.1.3
.
React Native bridge for AppAuth-iOS and AppAuth-Android SDKS for communicating with OAuth 2.0 and OpenID Connect providers.
This library should support any OAuth provider that implements the OAuth2 spec.
We only support the Authorization Code Flow.
Check out the full documentation here!
These providers are OpenID compliant, which means you can use autodiscovery.
These providers implement the OAuth2 spec, but are not OpenID providers, which means you must configure the authorization and token endpoints yourself.
AppAuth is a mature OAuth client implementation that follows the best practices set out in
RFC 8252 - OAuth 2.0 for Native Apps including using
ASWebAuthenticationSession
and SFSafariViewController
on iOS, and
Custom Tabs on
Android. WebView
s are explicitly not supported due to the security and usability reasons
explained in Section 8.12 of RFC 8252.
AppAuth also supports the PKCE ("Pixy") extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used.
To learn more, read this short introduction to OAuth and PKCE on the Formidable blog.
Please see our contributing guide.
After cloning the repository, run the following:
cd react-native-app-auth/Example
yarn
(cd ios && pod install)
npx react-native run-ios
After cloning the repository, run the following:
cd react-native-app-auth/Example
yarn
npx react-native run-android
appAuthRedirectScheme
value in build.gradle to use a custom scheme so that it differs from the scheme used in your deep linking intent-filter as seen here.Example:
// build.gradle
android {
defaultConfig {
manifestPlaceholders = [
appAuthRedirectScheme: 'io.identityserver.demo.auth'
]
}
}
Active: Nearform is actively working on this project, and we expect to continue for work for the foreseeable future. Bug reports, feature requests and pull requests are welcome.