search

xamarin / Xamarin.Auth

Xamarin.Auth
Apache License 2.0
541 stars 351 forks source link

Has anyone successfully used this component with Auth0? #329

Closed lorenh closed 6 years ago

lorenh commented 6 years ago

Has anyone successfully used this component with Auth0 for an OIDC conformant application? Any examples out there?

newky2k commented 6 years ago

@lorenh i'll get @moljac to respond with any samples and examples that he might have.

Regards

lorenh commented 6 years ago

I see the comic book example, but, well it's pretty heavily laden with lots of... um... noise. Was hoping for a much simpler, "stripped down" example of just making an authentication call and retrieving the tokens.

I just found this repository https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences which might be a little more helpful since it is less cluttered than the samples embedded in the project.

I'd still like to know for sure if anyone has used it with Auth0 before I go down a rabbit hole.

lorenh commented 6 years ago

Critical to our needs is support for the OpenId PKCE flow (with response_type=code, and nonce, code_challenge, code_challenge_method, etc...) Is there support for this in Xamarin.Auth yet? Are there any samples out there that extend it to support this flow?

If not, then I guess we may have to shift our focus back to trying to add Custom Tab support to the Auth0 component that already supports it https://github.com/auth0/auth0-oidc-client-net

lorenh commented 6 years ago

We found what we hope will be a better solution to our original problem (using Chrome Custom Tabs instead of system browser on Android). We're abandoning the hope of using Xamarin.Auth for Auth0 with PKCE. There's just too many incompatibilities at present.

My initial reason for investigating Xamarin.Auth was that Custom Tabs are already implemented here, but they were not in the component from Auth0 we are currently using (https://github.com/auth0/auth0-oidc-client-net ). Fortunately, because the Auth0 component is just a thin shim over IdentityModel.OidcClient, a search eventually led me to this very simple sample which provides an alternate IBrowser implementation that displays the login page in a custom tab.

https://github.com/IdentityModel/IdentityModel.OidcClient.Samples/blob/master/AndroidClientChromeCustomTabs/AndroidClientChromeCustomTabs/ChromeCustomTabsWebView.cs

I am just leaving a comment here to possibly save someone else time going down the same path.