search

dfinity / internet-identity

Internet Identity, a blockchain authentication system for the Internet Computer
https://identity.ic0.app
Other
407 stars 138 forks source link

Will it support authing for other type of apps, eg, android/ios? #332

Open neeboo opened 3 years ago

neeboo commented 3 years ago

We are currently making the flutter agent for IC,soon there will be devs to build other types of client.

I'm thinking to build a auth-client package for flutter, which will works similar to the javascript package.

However there are some differences between web app authing and native app authing.

  1. To use current browser's Webauthn feature, the native side will open browser window or shared modal.
  2. To the auth-client of js, it use window.postMessage to pass the request payload to the Auth page. But native does not, so we are thinking to pass the URLParameters to it.
  3. So the Identity WebApp will find a way to extract the query info, then pass the login process.
  4. Then after login success or fail, the Identity WebApp will use window.location.href={scheme}://{callback_path}?success={true|false}&payload={payload} to pass the response with delegations back to the native which will use auth-client to receive.

That may require some changes and any good idea we can discuss about?

ehsan6sha commented 3 years ago

We are currently making the flutter agent for IC,soon there will be devs to build other types of client.

I'm thinking to build a auth-client package for flutter, which will works similar to the javascript package.

However there are some differences between web app authing and native app authing.

  1. To use current browser's Webauthn feature, the native side will open browser window or shared modal.
  2. To the auth-client of js, it use window.postMessage to pass the request payload to the Auth page. But native does not, so we are thinking to pass the URLParameters to it.
  3. So the Identity WebApp will find a way to extract the query info, then pass the login process.
  4. Then after login success or fail, the Identity WebApp will use window.location.href={scheme}://{callback_path}?success={true|false}&payload={payload} to pass the response with delegations back to the native which will use auth-client to receive.

That may require some changes and any good idea we can discuss about?

Did you completed this? I am building a react-native and would like your insights if possible. I tried using WebView which was unable to load Internet Identity. In other options we do nto have access to postMessage that II is currently using

krpeacock commented 3 years ago

We had URLParameters as an option in the initial design of II, and I think that supporting OAUTH flows is still a valid path that we should pursue. Security nixed it originally, but I think if Google and Facebook can support it, so can we.