Unclear documentation

[RoarGronmo]

Referencing to the expanding part of 'Readme' in https://pub.dev/packages/oauth2

Could you please referase this section so the code works...

 There is not a universal example for implementing redirect and listen, because different options exist for each platform.

For Flutter apps, there's two popular approaches:

Launch a browser using url_launcher and listen for a redirect using uni_links.

  if (await canLaunch(authorizationUrl.toString())) {
    await launch(authorizationUrl.toString()); }

  // ------- 8< -------

  final linksStream = getLinksStream().listen((Uri uri) async {
   if (uri.toString().startsWith(redirectUrl)) {
     responseUrl = uri;
   }
 });
Launch a WebView inside the app and listen for a redirect using webview_flutter.

  WebView(
    javascriptMode: JavascriptMode.unrestricted,
    initialUrl: authorizationUrl.toString(),
    navigationDelegate: (navReq) {
      if (navReq.url.startsWith(redirectUrl)) {
        responseUrl = Uri.parse(navReq.url);
        return NavigationDecision.prevent;
      }
      return NavigationDecision.navigate;
    },
    // ------- 8< -------
  );
For Dart apps, the best approach depends on the available options for accessing a browser. In general, you'll need to launch the authorization URL through the client's browser and listen for the redirect URL.

It is unclear where theese two section should go, and how is linksStream used ?

[Muhesh7]

It's basically two different ways of Sending Authorization Request to the Authentication Server and Receiving the code back.

• In WebView Section,

  • Your basically OPENING the authorizationUrl link in WebView.

       String authorizationUrl = '${authorizationEndPoint}?client_id=${clientId}&redirect_uri=${redirectUri}&response_type=${responseType}&grant_type=${grantType}&state=${state}'

  • using Navigation Delegate we LISTEN to the NavigationRequests and when the OAuth Server authenticates the user it redirects to the redirectUrl

       String redirectUrl = '${redirectUri}?code=${code}&state=${state}'

  • Then You Parse the code from the redirectUrl and use it to exchange with access_token by sending a post request to tokenEndPoint.

  • For More Details refer flutter_dauth's WebView implementation. DAuth is an OAuth2.0 based SSO (Single Sign On) for my university students, the flutter_dauth package is for Client-Side Integration of DAuth and this package was highly inspired from oauth2 package and currently supports Authorization Code Flow. Feel free to take a look into the repo for reference.

• In url_launcher & uni_links section,

  • you are basically opening the AuthorizationUrl in Browser and When the Resource Owner is Authenticated, it redirects to the redirectUrl specified.
  • Using uni_links package you listen to the Uri Streams and when that Uri navigated by browser starts with your RedirectUri then parse the 'code' parameter and retrive the code.