logto-io / logto

🧑‍🚀 The better identity infrastructure for developers and the open-source alternative to Auth0.
https://logto.io
Mozilla Public License 2.0

feature request: Add support for Windows Desktop Apps #4995

Open kelter-antunes opened 9 months ago

kelter-antunes commented 9 months ago

What problem did you meet?

I was setting up a native windows application. For that, I used the Native App template to see if I could get it to work. In theory, everything should work, and the flow will be very similar with the one on mobile native. The problem is that the regex that checks the uri schema protocol is locking it to only work on mobile environments:

image

Describe what you'd like Logto to have

It would be nice to either have a Desktop Native App template, or having the regex changed to allow uri schema protocols like the one in the image (servicestudiox11://auth)

darcyYe commented 9 months ago

Thanks for letting us know your use case, will keep you posted once we have any update

charIeszhao commented 9 months ago

Yes, currently the regex requires the URI schema to contain a `.`. Is that something different for windows desktop apps? Can you still follow this pattern?

kelter-antunes commented 9 months ago

I'm not totally sure if there are any specific requirements when registering a custom URI schema protocol on Windows. Looking at the windows default apps, for example, none of them uses the `.`.

image

For my specific use case, I want to enable SSO using logto for a web app and also for a Windows app. When SSO is enabled in the desktop app, it will start the SSO process in the browser that then will call back to the desktop app, as you can see: image

Note: I'm not the owner of the desktop app, nor do I have control over the protocol registered on Windows. And I assume that most desktop apps will follow the same steps as this one.

charIeszhao commented 9 months ago

OK, thanks for the information. I think this is doable. Let me give the feedback to the team and we'll see what we can do.

charIeszhao commented 9 months ago

Unfortunately, according to OAuth and OIDC protocol, non-domain based custom schemes should not be supported. https://datatracker.ietf.org/doc/html/draft-ietf-oauth-native-apps-06#section-7.1.1

image

charIeszhao commented 9 months ago

Well, after a quick discussion, we decided to remove the strict check from our side. This will most likely be fixed in the next release. Please stay tuned.

charIeszhao commented 8 months ago

@kelter-antunes Sorry for the late update. And I'm afraid we cannot bypass the schema check for these windows native apps, as our underlying library node-oidc-provider strictly checks the scheme pattern for native apps and it requires the scheme to have a reverse domain name and at least have a dot.

Source: https://github.com/panva/node-oidc-provider/blob/main/lib/helpers/client_schema.js#L553-L569

So we're sorry but there is nothing we can do for the moment.

leeleito commented 2 months ago

@kelter-antunes Did you get anywhere with your desktop working with the native app template? I need to do the same for a WPF app. Any pointers in the right direction would be very handy :)

kelter-antunes commented 2 months ago

> @kelter-antunes Did you get anywhere with your desktop working with the native app template? I need to do the same for a WPF app. Any pointers in the right direction would be very handy :)

Unfortunately, I haven't made much progress on this. I was doing some POC experiments with very limited time and need to revisit this topic.

As of now, I think the only way forward is to self-deploy a custom version of Logto, with an adjusted regex to allow URI schema protocols without dots.

leeleito commented 2 months ago

@kelter-antunes

This repository might help you, stumbled across it whilst trying to get the native app to work. Although it's not working yet with Logto I have it working with another provider.

https://github.com/IdentityModel/IdentityModel.OidcClient.Samples/blob/main/Wpf/Wpf/CallbackManager.cs