MaikuB / flutter_appauth

A Flutter wrapper for AppAuth iOS and Android SDKs

authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Invalid ID Token] #486

Open ricardoBritoSantos opened 8 months ago

ricardoBritoSantos commented 8 months ago

I need urgent help, I'm trying to make my app authenticate with Microsoft Login ID.

If I use it the way below, there is no error and it can get the authorization code, so I think the application configuration in Azure is correct.

   final AuthorizationResponse? result = await appAuth.authorize(
     AuthorizationRequest(_clientId, _redirectUrl,
         discoveryUrl: _discoveryUrl, scopes: _scopes, loginHint: null),
   );

But I need the email address that logged in, so I understand that I need to use the method below, but when I use it, it returns this error:

Exception has occurred. PlatformException (PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Invalid ID Token], Issuer mismatch, null))

   final AuthorizationTokenResponse? result1 =
       await appAuth.authorizeAndExchangeCode(
     AuthorizationTokenRequest(
       _clientId,
       _redirectUrl,
       discoveryUrl: _discoveryUrl,
       scopes: _scopes,
     ),
   );

@MaikuB Can you help me please?

Additional information

   final String _discoveryUrl =
       'https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration';
   final List<String> _scopes = <String>['openid', 'profile', 'email'];

FullstackWEB-developer commented 5 months ago

@ricardoBritoSantos I also faced the same problem. Unfortunately, I was unable to find a solution with this package, so I manually configured the authentication logic using webview_flutter. Please refer to this package.

Wwwolfgang commented 3 months ago

I'm facing a similar problem. This is my code for the login flow:

   await _appAuth.authorizeAndExchangeCode(AuthorizationTokenRequest(
     const String.fromEnvironment("CLIENT_ID"),
     const String.fromEnvironment("CALLBACK_URL_SCHEME"),
     serviceConfiguration: AuthorizationServiceConfiguration(
       authorizationEndpoint:
           Uri.https(const String.fromEnvironment("ISSUER"), '/api/oidc/authorize')
               .toString(),
       tokenEndpoint:
           Uri.https(const String.fromEnvironment("ISSUER"), '/api/oidc/token')
               .toString(),
       endSessionEndpoint:
           Uri.https(const String.fromEnvironment("ISSUER"), '/api/oidc/endsession')
               .toString(),
     ),
     scopes: ['openid', 'all_scopes', 'offline_access', 'profile'],
     preferEphemeralSession: true,
     loginHint: userId,
     promptValues: ['login'],
     allowInsecureConnections: true,
     discoveryUrl: const String.fromEnvironment("DISCOVERY_URL"),
   ));

It works on almost any phone (Android), but when I tried it on an old Huawei phone with Android 9, I get this error:

PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Invalid ID Token], ID Token expired, null)

If anyone knows what I could do, please tell me. I don't want to write all the logic myself but apparently I have to.
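
The two failures reported in this thread ("Issuer mismatch" and "ID Token expired") are ID token claim checks, so a diagnostic that decodes the token's claims and compares `iss` with the discovery document's `issuer` and `exp` with the device clock shows which check is rejecting the token. This is an added example, not part of any comment above and not code from flutter_appauth or AppAuth; the function names, the `idp.example` issuer strings, the tenant GUID and the tokens are constructed for illustration, and no signature is verified.

```dart
import 'dart:convert';

// Decodes a JWT payload WITHOUT verifying the signature: diagnostics only.
Map<String, dynamic> decodeJwtPayload(String jwt) {
  final List<String> parts = jwt.split('.');
  if (parts.length != 3) {
    throw const FormatException('Expected three dot-separated JWT segments');
  }
  final String payload = base64Url.normalize(parts[1]); // restore stripped padding
  return jsonDecode(utf8.decode(base64Url.decode(payload))) as Map<String, dynamic>;
}

// Reports which of the two checks named in the thread's errors would fail.
List<String> diagnoseIdToken(String idToken, String discoveryIssuer, DateTime now) {
  final Map<String, dynamic> claims = decodeJwtPayload(idToken);
  final List<String> findings = <String>[];
  if (claims['iss'] != discoveryIssuer) {
    findings.add('Issuer mismatch: token iss=${claims['iss']}, discovery issuer=$discoveryIssuer');
  }
  final Object? exp = claims['exp'];
  if (exp is num) {
    final DateTime expiry = DateTime.fromMillisecondsSinceEpoch(exp.toInt() * 1000, isUtc: true);
    if (now.toUtc().isAfter(expiry)) {
      findings.add('ID Token expired: exp=$expiry, device clock=${now.toUtc()}');
    }
  } else {
    findings.add('exp claim missing or not numeric');
  }
  return findings;
}

// Builds an unsigned sample token (constructed test input, not a real token).
String sampleToken(Map<String, dynamic> claims) =>
    'e30.${base64Url.encode(utf8.encode(jsonEncode(claims))).replaceAll('=', '')}.sig';

void main() {
  final DateTime now = DateTime.utc(2024, 1, 1, 12);
  final int nowSec = now.millisecondsSinceEpoch ~/ 1000;
  // Constructed values: templated vs. concrete issuer, then an exp in the past.
  const String discoveryIssuer = 'https://idp.example/{tenantid}/v2.0';
  const String tokenIssuer = 'https://idp.example/00000000-0000-0000-0000-000000000000/v2.0';
  final List<String> tokens = <String>[
    sampleToken(<String, dynamic>{'iss': tokenIssuer, 'exp': nowSec + 3600}),
    sampleToken(<String, dynamic>{'iss': discoveryIssuer, 'exp': nowSec - 60}),
  ];
  for (final String token in tokens) {
    diagnoseIdToken(token, discoveryIssuer, now).forEach(print);
  }
}
```

Passing `DateTime.now()` as the clock on the affected device, together with the `issuer` value from the discovery document actually in use, shows whether the device time or the issuer string is what fails the comparison.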