openid / AppAuth-iOS

iOS and macOS SDK for communicating with OAuth 2.0 and OpenID Connect providers.
https://openid.github.io/AppAuth-iOS
Apache License 2.0

Azure Active Directory example configuration #485

Open jfitz1 opened 4 years ago

jfitz1 commented 4 years ago

Example configuration for Azure Active Directory with this library would be beneficial.

WilliamDenniss commented 4 years ago

I'd love to see one! As this is a community library, we rely on people to submit pull requests with this kind of content.

ykphuah commented 4 years ago

I finally managed to get this up after 1 week. Microsoft recommended p2 OAuth, but I am already using this AppAuth for Gmail, so I would like to use it for Microsoft as well. The main issue that kept my thing from working is that in the Web Configuration, Microsoft will by default create a callback URL such as this: com.domain://auth after we add an iOS/macOS app. This doesn't work. The issue is that this URL doesn't have the trailing /, hence AppAuth's URL matching will not work, as the URL coming back doesn't match the URL we configured because of the missing /.

The workaround that worked is to add a "Mobile and Desktop applications", and then use a custom URL with a trailing slash, e.g. com.domain://auth/. Then AppAuth works beautifully as expected! I then realised that Microsoft themselves have recommended to use "Mobile and Desktop applications" here https://docs.microsoft.com/en-us/outlook/rest/ios-tutorial instead of "iOS / MacOS" application!! Such a confusing process.
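
An added example, not part of the thread or of the AppAuth project: a minimal Swift configuration for the Microsoft identity platform v2.0 endpoints using the trailing-slash redirect URI from the comment above, plus a hypothetical helper, `redirectMismatch`, that names the URL component in which a received callback differs from the configured one. The tenant, client ID and helper name are placeholders or assumptions; the helper is a diagnostic and is not AppAuth's own matching code.

```swift
import AppAuth
import UIKit

// Placeholders (assumptions): substitute your app registration's values.
let tenant = "common"                        // or your directory (tenant) ID
let clientID = "YOUR-APPLICATION-CLIENT-ID"
// Must equal, character for character, the redirect URI registered under
// "Mobile and desktop applications", including the trailing slash.
let redirectURI = URL(string: "com.domain://auth/")!

/// Hypothetical diagnostic: names the first component in which `callback`
/// differs from `configured`, or returns nil when they agree.
func redirectMismatch(configured: URL, callback: URL) -> String? {
    guard let a = URLComponents(url: configured, resolvingAgainstBaseURL: false),
          let b = URLComponents(url: callback, resolvingAgainstBaseURL: false)
    else { return "unparseable URL" }
    if a.scheme?.lowercased() != b.scheme?.lowercased() { return "scheme" }
    if a.host?.lowercased() != b.host?.lowercased() { return "host" }
    if a.port != b.port { return "port" }
    if a.path != b.path { return "path: \"\(a.path)\" vs \"\(b.path)\"" }
    return nil
}

/// Authorization-code request for a public client; AppAuth adds PKCE itself.
func makeAzureADRequest() -> OIDAuthorizationRequest {
    let base = "https://login.microsoftonline.com/\(tenant)/oauth2/v2.0"
    let config = OIDServiceConfiguration(
        authorizationEndpoint: URL(string: "\(base)/authorize")!,
        tokenEndpoint: URL(string: "\(base)/token")!)
    return OIDAuthorizationRequest(
        configuration: config,
        clientId: clientID,
        clientSecret: nil,               // native apps hold no client secret
        scopes: [OIDScopeOpenID, OIDScopeProfile, "offline_access"],
        redirectURL: redirectURI,
        responseType: OIDResponseTypeCode,
        additionalParameters: nil)
}

/// Keep the returned session and pass the incoming callback URL to it
/// from the app delegate so the flow can resume.
func signIn(from viewController: UIViewController,
            completion: @escaping (OIDAuthState?, Error?) -> Void)
    -> OIDExternalUserAgentSession {
    return OIDAuthState.authState(byPresenting: makeAzureADRequest(),
                                  presenting: viewController,
                                  callback: completion)
}
```

When sign-in returns to the app but the flow never completes, logging `redirectMismatch(configured: redirectURI, callback: url)` in the app delegate's URL handler shows whether the path is the component that differs. The fix is to make the registered and configured strings identical, not to loosen the comparison.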

bobsmits commented 4 years ago

> I finally managed to get this up after 1 week. Microsoft recommended p2 OAuth, but I am already using this AppAuth for Gmail, so I would like to use it for Microsoft as well. The main issue that kept my thing from working is that in the Web Configuration, Microsoft will by default create a callback URL such as this: com.domain://auth after we add an iOS/macOS app. This doesn't work. The issue is that this URL doesn't have the trailing /, hence AppAuth's URL matching will not work, as the URL coming back doesn't match the URL we configured because of the missing /.
>
> The workaround that worked is to add a "Mobile and Desktop applications", and then use a custom URL with a trailing slash, e.g. com.domain://auth/. Then AppAuth works beautifully as expected! I then realised that Microsoft themselves have recommended to use "Mobile and Desktop applications" here https://docs.microsoft.com/en-us/outlook/rest/ios-tutorial instead of "iOS / MacOS" application!! Such a confusing process.

That trailing slash. My hero!

npazkevich commented 3 years ago

@ykphuah Man, you've just saved me the weekend. Thank you a lot👍