How to handle oauth for mobile

How do I redirect back to my application afterwards? Do I need to use some deeplinking method?
Is it possible to open oauth inside another application on the user's device instead of visiting safari?

Hmm it looks like I need to write a cordova plugin with swift to achieve native deep link oauth :tired_face:

I figured out the uri scheme for the app; now I can use these two cordova plugins to check if the app is available and for redirects. If the app isn’t installed I will use https://

I think I need to use the cordova in app browser plugin to prevent opening safari at all, to disable the prompt for ‘open in “appname”?’

And I’m not sure how to send the variable of app installed back to my server connect.

I think I need to use this plugin to avoid safari.

Is it possible to run some javascript (cordova->objectivec) to open the auth endpoint (Wappler field)?

Or is the only option for me to do the oauth dance + security myself?

@Teodor @patrick @George

I have the links working now without safari by creating the auth url myself and using the plugin js script with the auth field empty from wappler. I get this message after being redirected back from the app:

{"status":"500","message":"oauth.provider: auth_endpoint is required.","stack":"Error: oauth.provider: auth_endpoint is required.\n at App.parseRequired (/app/lib/core/app.js:281:19)\n at App.provider (/app/lib/modules/oauth.js:14:57)\n at App._exec (/app/lib/core/app.js:255:57)\n at App._exec (/app/lib/core/app.js:234:28)\n at App.exec (/app/lib/core/app.js:205:20)\n at App.define (/app/lib/core/app.js:188:20)\n at processTicksAndRejections (internal/process/task_queues.js:93:5)"}

I added a parameter for auth_endpoint but it didn’t work. What am I missing, @patrick?
PS. This is nodejs.

I guess it’s not a parameter but the oauth flow will not configure if the auth url is left empty?

What did you set for the auth_endpoint? Make sure it is a string and that it has actual content, so no empty or invalid string.

The auth url is indeed a required parameter, even if you don’t use the authorize step.


I left the field empty, ideally this is how I would like the authentication flow to be handled.

Ios app1 link -> checks if app2 is installed on device if yes-> opens app2 via deeplink/universal link from javascript (objectivec) -> user is already logged into the target oauth app2 clicks accept and is redirected to my server page oauth.json with a code -> Wappler /nodejs create the user in my database and create a login session -> then redirected back to my app1 with url scheme.

Is there some kind of hack to keep the auth url field empty in wappler oauth config but still manage the code exchange, db creation and user session/ login/ security?

The reason why I would like this is because it’s slow for my users to go via safari and accept the prompt ‘open this app’ when I can generate the auth url myself and go straight to open the app.

You can’t leave the field empty, but you could just enter a single space character in it, that should validate as the option being set.

For mobile it is indeed better to open the app directly and not have the safari part in the flow. I don’t have experience with the flow on mobile, will do some research. If you open the app directly, does it return afterwards with the access token?


Thanks, I did try the space character method but it didn’t work either, returning the same errors.

After I am redirected back from the app it just returns a code to be exchanged; it doesn’t return an access token. It works just like typical rest oauth2.

Hi have you had time to look at this yet?

Hello??

Wasn’t sure if you still had problems. I haven’t had time to look at the option to open the oauth directly in an app.

What is it returning if it doesn’t include an access token? You normally would need an access token to access the api of the other service, so maybe the code returned is the access token.

Hi, thanks for the reply, I think maybe I didn’t explain this so well.

I would like some option on the authorisation step to check a box for “self manage auth url”. This would allow construction of the deeplink into snapchat.


<a dmx-bind:href="canOpenSnapchat.value == true ? 'snapchat://oauth2/auth?response_type=code&amp;client_id=284b027a-4196-4e6d-9dfb-40a0f33e7349&amp;scope=https%3A%2F%2Fauth.snapchat.com%2Foauth2%2Fapi%2Fuser.bitmoji.avatar&amp;redirect_uri=gemstone%3A%2F%2Fsnapkit' : '#'" 

The reason I can’t use the deeplink within the wappler ui auth url is because if the app is not installed it does nothing and won’t open the https version. Even if it did open the https url, that’s an extra step of opening safari (the ux is bad if a user cancels). I need to use the LSApplicationQueriesSchemes option within the ios app to look if the app is installed.

The benefit of using this deeplink into snapchat app, means our users do not have to sign in manually with a password to their snapchat account when the app is installed. It makes onboarding/ authentication very fast and smooth.

I do get an access token when using token url https://accounts.snapchat.com/accounts/oauth2/token but just from using the authorisation url alone it returns to me a code to be exchanged.

In cordova app after I accept the auth from snapchat, I am returned back to my app:

gemstone://snapkit?state=xxx&code=leTeYDV-jLx9HfT0-6FGc32HFtFIOksNr89UOBl5AD0

with the code. I can use open url handler to look for this with a state.

Ideally I would like to then send this to the wappler json auth file to exchange the code for token, managed in the background without opening safari.

Or I can redirect back to the json file via safari and exchange that way.

We tried to manually manage the user creation/sign in flow but had some trips. If it’s not possible to accomplish this from wappler oauth flow then I will make another post asking for help about manual oauth.
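
The callback handling described in the post above, as an added example that is not part of the original post or Wappler's own code: the app checks the returned `state` before trusting the `code`, and the server builds the exchange request so the client secret never ships in the app. The function names, sample values and the use of HTTP Basic client authentication are assumptions.

```javascript
// Added example; function names and sample values are assumptions, not Wappler code.
const crypto = require('node:crypto');

const REDIRECT_URI = 'gemstone://snapkit'; // redirect_uri used in the thread
const TOKEN_URL = 'https://accounts.snapchat.com/accounts/oauth2/token'; // from the thread

// App side: generate an unguessable state before opening the auth deep link
// and keep it until the callback arrives.
function newState() {
  return crypto.randomBytes(16).toString('hex');
}

// App side: accept the callback only if it targets our redirect URI, carries
// exactly one code, and echoes the state stored for this login attempt.
function parseCallback(callbackUrl, expectedState) {
  let url;
  try {
    url = new URL(callbackUrl);
  } catch {
    return { ok: false, reason: 'malformed url' };
  }
  if (`${url.protocol}//${url.host}${url.pathname}` !== REDIRECT_URI) {
    return { ok: false, reason: 'unexpected redirect target' };
  }
  const states = url.searchParams.getAll('state');
  const codes = url.searchParams.getAll('code');
  if (states.length !== 1 || codes.length !== 1 || !states[0] || !codes[0]) {
    return { ok: false, reason: 'missing or duplicated parameter' };
  }
  const got = Buffer.from(states[0]);
  const want = Buffer.from(typeof expectedState === 'string' ? expectedState : '');
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    return { ok: false, reason: 'state mismatch' };
  }
  return { ok: true, code: codes[0] };
}

// Server side: build the RFC 6749 authorization_code request. The app posts
// only the code; the client secret is added here and never ships in the app.
// Assumption: the provider accepts HTTP Basic client authentication.
function buildTokenRequest(code, clientId, clientSecret) {
  const body = new URLSearchParams({
    grant_type: 'authorization_code', code, redirect_uri: REDIRECT_URI, client_id: clientId,
  });
  const basic = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
  return {
    url: TOKEN_URL, method: 'POST', body: body.toString(),
    headers: { 'Content-Type': 'application/x-www-form-urlencoded', Authorization: `Basic ${basic}` },
  };
}
```

Discard the stored state after the first callback so a replayed link is rejected.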

Have you tried to set snapchat://oauth2/auth as the Auth Endpoint?

Yes it would work but the issue is the construction of the auth url. If a user does not have the app installed the page will hang and do nothing.

I use a cordova plugin on my front end to determine if the app is available for deeplink scheme. If not available I use https.

And let’s say hypothetically, if I did send to https for every user then safari magically opens the app via deep link if installed. It adds extra steps:
Cordova app sign in button->
Open json oauth file back end project
Do you want to open snapchat ->
Opens snapchat accept return to json ->
Do you want to open in gemstone?

I really would like
Cordova app sign in button->
Open in snapchat ->
Redirect back to cordova app->
Tell user account is being created
Post the code from cordova app to wappler oauth to exchange for access token in background without opening safari.

Or if I ignored deeplinking into snapchat entirely, we still have the issue of ‘do you want to open in gemstone?’ after the code is exchanged, user is created/signed in and redirected. If they cancel again it hangs on the json file.

Then check on the client if it has the app installed and send that information to the server connect action, there you have a condition to choose the oauth provider with the https auth endpoint or the app auth endpoint.

Ok, I understand, but that still means safari twice asking ‘do you want to open this app?’

Is there any way I can post the code to the server to handle the oauth flow in the background without opening safari? I think it’s possible but not sure how to process.

The oauth flow always requires the client interaction/login if you want to use the client’s profile. So there is no way to do the whole process on the server.

Right but I mean to handle the process manually without wappler built in oauth steps.
That should be possible? There will be an interaction to initiate sending the code to the server.

Having this seamless authentication is very important for our app. If not possible at all, could you consider some addition to allow for this kind of oauth?