This repository demonstrates and details the implementation using Chrome Custom Tabs or external web browsers to initiate a Singpass login using Oauth PKCE flow
2
stars
2
forks
source link
Error: Failed to authorize: [error: null, description: Response state param did not match request state] #6
In my flutter mobile app, I've been using the flutter_appauth package for SingPass SSO integration and I'm facing an issue during the authorization phase. Specifically, the following error is returned when the application is redirected back from the browser after the user has authenticated:
PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Response state param did not match request state], null, null)
Here is the code I'm using for the authorizeAndExchangeCode method:
import 'package:flutter_appauth/flutter_appauth.dart';
class SingPassLogin {
final FlutterAppAuth appAuth = FlutterAppAuth();
Future login() async {
// configuration of the SingPass authentication
final AuthorizationServiceConfiguration _serviceConfiguration =
AuthorizationServiceConfiguration(
authorizationEndpoint: 'https://test.api.myinfo.gov.sg/com/v4/authorize',
tokenEndpoint: 'https://test.api.myinfo.gov.sg/com/v4/token'
);
try {
final AuthorizationTokenResponse? result = await appAuth.authorizeAndExchangeCode(
AuthorizationTokenRequest(
'STG2-MYINFO-SELF-TEST',
'sg.gov.singpass.app://ndisample.gov.sg/rp/sample',
issuer: 'https://test.api.myinfo.gov.sg',
scopes: ['name',],
additionalParameters: <String, String>{
'purpose_id': 'demonstration'
},
serviceConfiguration: _serviceConfiguration,
responseMode: 'code',
),
);
print('Access token: $result');
} catch (e) {
print('Error occurred during login: $e');
}
}
}
My understanding is that flutter_appauth should be handling the state parameter automatically. I do not manually set the state parameter anywhere.
Any help or guidance on this issue would be greatly appreciated.
In my flutter mobile app, I've been using the flutter_appauth package for SingPass SSO integration and I'm facing an issue during the authorization phase. Specifically, the following error is returned when the application is redirected back from the browser after the user has authenticated:
PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Response state param did not match request state], null, null)
Here is the code I'm using for the authorizeAndExchangeCode method:
My understanding is that flutter_appauth should be handling the state parameter automatically. I do not manually set the state parameter anywhere.
Any help or guidance on this issue would be greatly appreciated.