I have a rails backend server using doorkeeper to handle authentication on the api, and a flutter app (android/ios) to show some data to the user. Just for getting started I've used flutter_appauth to get a token for making api-requests, but I have the following problem/requirement:
1) Email/password fields should be handled entirely within the app, I don't want to handle the actual authentication with a drop-in browser or similar.
2) I don't want to use a 3rd party oauth provider.
I used flutter_appauth because it was really easy to set up, but I can't figure out if it supports my requirement of not leaving the app for authentication.
Can someone advice on the best possible library for handling this scenario, and possibly point towards a working example? Best, Jan
With flutter_appauth I've used the following configuration
_serviceConfiguration = AuthorizationServiceConfiguration(
authorizationEndpoint: '$baseUrl/oauth/authorize',
tokenEndpoint: '$baseUrl/oauth/token',
);
and this
Future<void> _signInWithAutoCodeExchange() async {
bool preferEphemeralSession = false;
if (Platform.isIOS || Platform.isMacOS) {
preferEphemeralSession = true;
}
try {
final AuthorizationTokenResponse? result =
await _appAuth.authorizeAndExchangeCode(
AuthorizationTokenRequest(
clientId,
Constants.redirectUrl,
serviceConfiguration: _serviceConfiguration,
preferEphemeralSession: preferEphemeralSession,
),
);
if (result != null) {
_processAuthTokenResponse(result);
Navigator.pushReplacement(context,
MaterialPageRoute(builder: (context) => TeamsSelectorScreen()));
} else {
showDialog(
context: context,
builder: (context) => AlertDialog(
title: const Text('Login Failed'),
content: const Text('Something went wrong. Please try again.'),
actions: [
TextButton(
child: const Text('OK'),
onPressed: () => Navigator.pop(context),
),
],
),
);
}
} catch (error, stackTrace) {
//print('error in handling the response: $error');
}
}