yinho999 / loco-oauth2

9 stars 6 forks source link

Native app Token support #9

Open askasp opened 1 month ago

askasp commented 1 month ago

Hi! Great library!

I’m using loco for a backend for my native app and really want to use this lib . The only tweak is that the callback url will be called from my app and it must return an access token (which I will create in the controller) instead of setting a cookie. Is it possible to do this without changing the library?

The flow is

  1. Native app goes to my backend to get the auth url
  2. Native generates pkce challenge and verifier
  3. Native app redirects user to oidc provider
  4. User authenticates
  5. Native app is opened with a deep link with a code
  6. Native app calls loco backend with code and verifier
  7. Loco endpoint authenticates to oidc provider, generates an access token and returns to native app 8… all future request have access token in authorization bearer header
yinho999 commented 1 month ago

@askasp Hello there, I think I added support for JWT, please refer to link