capacitor-community / generic-oauth2

Generic Capacitor OAuth 2 client plugin. Stop the war in Ukraine!
MIT License

Feat: support universal links on iOS #247

Open raphael-yapla opened 4 months ago

raphael-yapla commented 4 months ago

Describe the Feature

As recommended by the OAuth 2.0 for Native Apps RFC, claimed "https" scheme redirect URIs (or app links on Android/iOS) should be favoured for security reasons, as they guarantee the domain ownership.

App-claimed "https" scheme redirect URIs have some advantages compared to other native app redirect options in that the identity of the destination app is guaranteed to the authorization server by the operating system. For this reason, native apps SHOULD use them over the other options where possible.

I got it working on Android using the following AndroidManifest.xml configuration:

<activity android:name="net.openid.appauth.RedirectUriReceiverActivity" android:exported="true">
    <intent-filter android:autoVerify="true">
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data android:scheme="https" android:host="your.domain.com" android:path="/login"/>
    </intent-filter>
</activity>

But on iOS I'm facing an issue when using an associated domain. The redirection is not caught because I think that the handler is not listening on the right event:

public override func load() {
    NotificationCenter.default.addObserver(self, selector: #selector(self.handleRedirect(notification:)), name: .capacitorOpenURL, object: nil)
    registerHandlers()
}

capacitorOpenURL is called for custom scheme links, but for universal links a different application signature is called in the AppDelegate.swift, which in turn calls the capacitorOpenUniversalLink notification instead.

Platform(s) Support Requested

Describe Preferred Solution

I've opened a PR with a simple fix: by registering the capacitorOpenUniversalLink notification observer the same way it's done with capacitorOpenURL, the redirection is handled properly. So something like this:

public override func load() {
    NotificationCenter.default.addObserver(self, selector: #selector(self.handleRedirect(notification:)), name: .capacitorOpenURL, object: nil)
    NotificationCenter.default.addObserver(self, selector: #selector(self.handleRedirect(notification:)), name: .capacitorOpenUniversalLink, object: nil)
    registerHandlers()
}

Describe Alternatives

Not sure if there are any, unfortunately 🤷

Thank you for all the work on this package!
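
With both observers pointing at the same handleRedirect, a custom-scheme URL and a universal link reach the same code path, so an app that registered a claimed "https" redirect URI still has to check what actually arrived. The sketch below shows that check; it is an added example, not code from the issue, the PR or the plugin. The names `authorizationCode(from:registered:expectedState:)` and `RedirectError` and the sample URLs are hypothetical, and it assumes the authorization code flow with the response in the query string.

```swift
import Foundation

// Added example: hypothetical helper, not the plugin's code.
enum RedirectError: Error {
    case malformed, wrongDestination, stateMismatch, missingCode
    case providerError(String)
}

/// Returns the authorization code only if `incoming` is the registered
/// claimed-"https" redirect URI and carries the `state` sent in the request.
func authorizationCode(from incoming: URL, registered: URL,
                       expectedState: String) throws -> String {
    guard let inc = URLComponents(url: incoming, resolvingAgainstBaseURL: false),
          let reg = URLComponents(url: registered, resolvingAgainstBaseURL: false)
    else { throw RedirectError.malformed }
    // The same handler may receive custom-scheme URLs too, so pin scheme,
    // host, port and path to the registered value and refuse userinfo.
    guard inc.scheme?.lowercased() == "https", reg.scheme?.lowercased() == "https",
          let host = inc.host, !host.isEmpty,
          host.lowercased() == reg.host?.lowercased(),
          inc.port == reg.port, inc.path == reg.path,
          inc.user == nil, inc.password == nil
    else { throw RedirectError.wrongDestination }
    var params: [String: String] = [:]
    for item in inc.queryItems ?? [] {
        // A repeated parameter is ambiguous; reject rather than pick one.
        guard params[item.name] == nil else { throw RedirectError.malformed }
        params[item.name] = item.value ?? ""
    }
    guard params["state"] == expectedState else { throw RedirectError.stateMismatch }
    if let err = params["error"] { throw RedirectError.providerError(err) }
    guard let code = params["code"], !code.isEmpty else { throw RedirectError.missingCode }
    return code
}

// Constructed sample redirects; host and path follow the manifest above.
let registered = URL(string: "https://your.domain.com/login")!
let samples = [
    "https://your.domain.com/login?code=abc123&state=xyz",    // matches the registered URI
    "myapp://your.domain.com/login?code=abc123&state=xyz",    // custom scheme, same shape
    "https://other.example/login?code=abc123&state=xyz",      // different host
    "https://your.domain.com/login?code=abc123&state=other",  // state not issued by this app
]
for sample in samples {
    do {
        let code = try authorizationCode(from: URL(string: sample)!,
                                         registered: registered, expectedState: "xyz")
        print("accepted, code:", code)
    } catch { print("rejected (\(error)):", sample) }
}
```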