I’ve a react native cell app (ios/android), which I am making an attempt to implement the PKCE Authorization Circulate per the RFC. My goal is to redirect the person to my very own login web page as an alternative of a 3rd occasion supplier like google or fb. This fashion I can keep away from having to retailer the applying secret on the consumer facet. The stream is working nice on the browser as a result of I’ve a completely certified area identify and the browser is ready to comply with the redirect despatched by the authorization server on to my login web page.
Nevertheless, on the cell app I haven’t got a website identify and so the redirect_uri I ship the authorization server is a schema url, e.g: my-app://someurl.com. I’ve created this schema url in xcode in addition to the AndroidManifest.xml and verified that domestically on the machine it accurately routes to the app from both chrome or safari whether or not the app is in background or inactive. The issue is that the react native fetch technique follows the 302 redirect despatched by the authorization server (e.g. my-app://someurl.com domestically) however it will probably’t resolve it domestically the way in which the browser does for instance and throws a networking exception:
I printed out the stack on the native facet and it is complaining about an ‘unsupported url’ given that it is the schema url and never a http/s formatted url:
Error Area=NSURLErrorDomain Code=-1002 "unsupported URL" UserInfo={NSLocalizedDescription=unsupported URL, NSErrorFailingURLStringKey=my-app://someurl.com?client_id=client-id-LLg5PEvPwvyfVQNrNuDUgyHXWbSmUHki&authorization_code=ajxmtNSGUysXoj8qyU1xu9al9dMo9PFRZoFpCzsepGzrh7p9RKQyeT3qvjmoTcK, NSErrorFailingURLKey=my-app://someurl.com?client_id=client-id-LLg5PEvPwvyfVQNrNuDUgyHXWbSmUHki&authorization_code=ajxmtNSGUysXoj8qyU1xu9al9dMo9PFRZoFpCzsepGzrh7p9RKQyeT3qvjmoTcK, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <5271A124-F625-4583-9926-056D95F943B9>.<2>" ), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <5271A124-F625-4583-9926-056D95F943B9>.<2>, NSUnderlyingError=0x600000d308a0 {Error Area=kCFErrorDomainCFNetwork Code=-1002 "(null)"}}
The redirect: 'guide' fetch possibility would additionally remedy this drawback for me assuming it will additionally give me entry to the redirect url I must extract the token from however neither ‘guide’ nor ‘error’ work on react native (consumer facet).
Curious to know if anyone has gotten this engaged on react native fetch with schema url’s, maybe I am lacking one thing apparent. The issue is not a lot the Deep Linking as that seems to be working, however extra that I am undecided how you can deal with this redirect within the app. For the reason that native facet has acquired the redirect request externally however is choking on it when it makes an attempt to comply with it, is there a means for it to bypass the act of really following it and as an alternative simply return the url consequence again to the react facet?
Lastly, there are fairly a couple of posts on right here about comparable points however nothing that truly offers with this distinctive use case.
Thanks…
