Windows Callback URI Scheme other than http://localhost

[Mabenan]

Hi like i mentioned here https://github.com/appwrite/sdk-for-flutter/issues/96#issuecomment-1309344071 I found a potential solution for the callback-uri-scheme. With this package https://pub.dev/packages/desktop_webview_window we could open a WebView window and call the Auth Url after the login process a URL change to our callback-uri-scheme will happen this can be catched with a registration here void addOnUrlRequestCallback(OnUrlRequestCallback callback);.

For the transition time i would say that we implement it as an additional feature.

So if a callback-uri-scheme is provided which is not fitting this Constraints https://github.com/ThexXTURBOXx/flutter_web_auth_2/blob/a844877485169c7becca7bd5a62df762646386f0/flutter_web_auth_2/lib/src/flutter_web_auth_2_windows.dart#L66-L72

Use the in App WebView

If wanted I will provide an PR for this.

[ThexXTURBOXx]

I have seen that comment already, but don't think that it will make a lot of sense to implement another temporary solution on top of a current temporary one. The biggest drawback of that package is that it will require the user to install additional software, i.e., WebView2 Runtime or webkit2gtk-4.0, respectively. Right now, the user has the best experience whilst the developer has to make sure his application fits the constraints. However, as already stated, if there are better (permanent) solutions available to tackle this problem, I will of course apply the solutions asap! :)

[Mabenan]

Ok what i also found out on my Researches are that you can register a scheme in the windows registry. Need to check the native windows api if the programm can do this itself without admin consent.

Then the solutuon would be to register the scheme with a native call and assign it to the exe than implement on the start a reaction on the callback and send the data to the server we already create, or change it to a socket solution.

[Mabenan]

Ok it is possible to add a registry key without user interaction and without admin rights. So now we only need a concept how we init the callback scheme and how we react on it.

This include like already mention a reaction on the callback at the start of the implimentation.

I think of a static method call where you give in the callback scheme you want to register and the arguments passed to the application.

[ThexXTURBOXx]

As far as I can remember from my old regedit times, it suffices to add the scheme as a key in HKCR and specifying the application to launch inside that key, right? If this is the case, there could be a couple of problems:

1. I do not know if that is true at all, but maybe the PC must be restarted after changing the registry. There are at least many keys that need a computer restart for their change to take effect. If that is really the case, it is not a good way to add it in runtime and removing it afterwards. It should stay there permanently, which would mean in turn that after uninstalling the application, it should also get removed in order to avoid future hicups.
2. The application will not be able to retrieve correctly if it is already open. This could be circumvented by the application indicating that it only can be opened once at a time and if it is opened again, it just sends the start arguments via socket to the already open application (like Luyten, for example, although it is non-Flutter)

There might be more problems, but these are the two largest one I can think of right now. Maybe I will test a few things in the near future to see if I can get them to work. However, I cannot promise anything since I am in the middle of writing my Master's Thesis at the moment and have to use my spare time to keep all my projects at least somewhat alive. So, bugs can be fixed; enhancements might take longer :)

[Mabenan]

I also do some researches in the meantime from what I see it is not necessary to restart the computer or the app to activate the registry. At least for the HKEY_CURRENT_USER hive, which is the one I would use because a normal user can add keys here.

[Mabenan]

For instancing we could utilize this one https://pub.dev/packages/multi_instance_handler

[ThexXTURBOXx]

I am not sure if I would like to add too many more dependencies to this library. Especially multi_instance_handler adds shared_preferences for instance which is very unnecessary for these use-cases :)

[ThexXTURBOXx]

Oh, and also there are bug reports like this one: https://github.com/lsegal/flutter_multi_instance_handler/issues/3 which make the entire library very unusable

[Mabenan]

Good point, the lib isn't big the sharedpref is not needed for windows so i would say we just take what we need.

[Mabenan]

Oh didn't seen that, ok than i will take the code an make own researches maybe it is a simple bug but it should be possible to implement.

[ThexXTURBOXx]

The library in itself would be very nice, but it should not have too many (or even better no) dependencies. Then, it might be worth a try

[sumersm7]

i was looking around and found this https://pub.dev/packages/protocol_handler (android, ios , windows , macos)

this use win32 package to edit registry for custom url. but after this i was not able to compile for web as web try to compile win32 and its not for web and idk how i can prevent win32 from compiling for web

[ThexXTURBOXx]

@sumersm7 It looks promising, however, yes, we need to see that it won't break other platforms. Maybe someone wants to make a PR if he knows how to circumvent this. Otherwise, I will see at some point if I can edit the registry in flutter_web_auth_2 in a similiar way without incorporating the package.

[sumersm7]

flutter plugin and platform interface is new for me. make my brain hurt trying to understand. protocol_handler hasn't used plugin_platform_interface like this plugin i think that's why "win32_registry" is not ignored while compiling for web i would have liked to help if i am not a noob

[Mabenan]

We could use win32_registry package the important thing is to only call it in windows cosing so in the correct dart file. The package only uses ffi and win32 like we already does to bring the window to the front. I also tried a little bit around and got the registration working.

The thing that is much more complicated is that we get the app to handle the callback correctly because windows will start a new instance of the programm that is customized in the registration

[sumersm7]

Using app_links and that specific code from protocol_handler to register scheme , and a conditional import and a empty class with same name so it doesn't get imported in other than window. And nodejs and passport js. I was able to use Oauth login. Let me know if u want more detail about it . It's a jank method but it solves the problem 😅

[ThexXTURBOXx]

@sumersm7 I am a bit reluctant to replace a jank method (the current one) with another and, thus, add breaking changes. If I want to replace the current method with breaking changes, at least they should be done properly :)

@Mabenan Sounds good for now. If we are able to circumvent opening another instance at some point, I will probably add this or a similar approach. Many applications open a server socket when launching and if the port is already bound, they just send the current startup parameters to that port such that the already opened application can react to them. Not the best approach, maybe there is a better one that we could implement...

[sumersm7]

1. Iam not suggesting any changes until ur satisfied.
2. My jank method won't be replacing urs it will be adding on top of it (it's a joke)
3. Is there another place to discuss. (Other than this issue thread just asking)

[mattsrobot]

Hey guys, thanks for maintaining this library.

I'm currently implementing a large complex Flutter app with an OAuth2 login flow.

I plan to support:

• iOS
• Android
• Windows
• macOS

will I be able to support all of these platforms with flutter_web_auth_2 ? I'm a bit confused about Windows support specifically due to this callback URL limitation.

[ThexXTURBOXx]

@mattsrobot Look at the example implementation, it works on all these platforms simultaneously :)

[aawssm]

Do u have any backend server like nodejs, or dart? @mattsrobot

If u have a node server u can checkout my flutter code that i tested on Android windows and web.

[mattsrobot]

@aawssm thank-you kindly! I'm familiar with Node.js I'de love to check it out, much appreciated.

[ThexXTURBOXx]

This is no longer a limitation in 4.0.0-alpha.0, thanks to #92!