search

fa-fifi / keycloak_wrapper

Keycloak Single Sign-On (SSO) authentication package for Flutter framework.
https://pub.dev/packages/keycloak_wrapper
BSD 3-Clause "New" or "Revised" License
9 stars 9 forks source link

Support for `responseMode: 'query'` #35

Closed lyio closed 4 months ago

lyio commented 4 months ago

Is it possible to add configuration for the responseMode: query?

fa-fifi commented 4 months ago

Yes, it is possible but can you explain your use case?

lyio commented 4 months ago

I am porting an old Cordova App to Flutter and stumbled across the responseMode. And then I misinterpreted this line from the Keycloak documentation "Universal Links on iOS seem to work more reliably with response-mode set to query". But that refers to Cordova Apps.

My actual problem was the redirectUri. The server does not seem to accept the bundle.id://login-callback URI. But I assume that needs to be configured in Keycloak. The server accepts localhost as is the default in keycloak.js. That is not a supported value for actual Apps, is it?

fa-fifi commented 4 months ago

I didn't configure the responseMode inside this package, but the default value should be query.

But if you really need it, I can add the configuration for that particular value. Maybe I can create a new branch for that; is that okay?

fa-fifi commented 4 months ago

Hey @lyio

I've made a branch for you to configure the responseMode by yourself. Just import the package inside your pubspec.yaml like this

  keycloak_wrapper:
    git:
      url: https://github.com/fa-fifi/keycloak_wrapper.git
      ref: response-mode

Then you can set your own responseMode inside KeycloakConfig. Please let me know if this resolves your problem. If not, then I'll try to find another way.

lyio commented 4 months ago

@fa-fifi thank you for your work. My problem has been resolved by me reading the documentation and getting the backend team to reconfigure Keycloak :) Thank you again.

But a different question, when I am using the accessToken to authenticate API calls, and the token expires, how do I make keycloak_wrapper refresh the token? Calling login again is probably not the correct way to go about that.

I guess, the confusion stems from the fact that I don't see how the keycloak_wrapper would know that the token expired and that it needs to refresh the token.

fa-fifi commented 4 months ago

It's great to hear your issue has been resolved. 👍

Regarding your question, unfortunately, you're right. I built this package for my app, where the token expiration is checked on the server side not the client side, that's why this package didn't have that particular functions.

But I think it's a good idea to add these features for those who need them.

I will try to add these features asap, but in the meantime, do you encounter any other issues?

lyio commented 4 months ago

Thank you for the quick responses. No, I have not encountered any other issues so far.