openid / AppAuth-Android

Android client SDK for communicating with OAuth 2.0 and OpenID Connect providers.
https://openid.github.io/AppAuth-Android
Apache License 2.0
2.87k stars 887 forks source link

Incorrect documentation I think #1054

Open mjaggard opened 7 months ago

mjaggard commented 7 months ago

Checklist:

Configuration

Issue Description

The documentation says

We recommend using a custom scheme based redirect URI (i.e. those of form my.scheme:/path), as this is the most widely supported across all versions of Android. To avoid conflicts with other apps, it is recommended to configure a distinct scheme using "reverse domain name notation". This can either match your service web domain (in reverse) e.g. com.example.service or your package name com.example.app or be something completely new as long as it's distinct enough. Using the package name of your app is quite common but it's not always possible if it contains illegal characters for URI schemes (like underscores) or if you already have another handler for that scheme - so just use something else.

However if you enter something other than your package ID, you cannot specify the redirect URL correctly when creating Google's Android-specific credentials.