英文:
How to build redirect uri for Mobile App for SSO
问题
我正在构建OpenId-Connect (OIDC) 提供程序以支持Web应用程序、iOS应用程序和Android应用程序的单点登录(SSO)。
在OIDC提供程序认证用户后,它将使用授权码将用户重定向回应用程序(Web、iOS、Android)。客户端将使用这个授权码来获取令牌。
对于Web应用程序,我知道重定向URI是Web应用程序的URL,例如:https://client-web-application-url/oauth-callback。OIDC提供程序将会将用户重定向回该URL,并在查询字符串中包含授权码。
然而,对于iOS和Android应用程序,我不知道要重定向到的重定向URI是什么。我只知道iOS Bundle标识和Android包名。
我应该如何构建iOS和Android应用程序的重定向URI?OIDC提供程序需要将用户重定向回应用程序,并附带授权码。
英文:
I am building the OpenId-Connect (OIDC) Provider to support SSO on Web Application, iOS Application, Android application.
After the OIDC Provider authenticated user, it will redirect user back to the Application (Web, iOS, android) with authorization-code. Client will use the authorization-code to obtain the token.
For the Web Application, I know the redirect-uri is the Web Application URL, eg: https://client-web-application-url/oauth-callback. The OIDC Provider will redirect user back to this URL including the authorization-code on the query string.
However, for the iOS and android application, I don't know what its redirect-uri to redirect to. I only know the iOS Bundle Id and the android Package Name.
How can I build the redirect-uri for the iOS and android application? The OIDC Provider need to redirect user back to the application with the authorization-code.
答案1
得分: 1
最主流的选择是使用来自RFC8252的AppAuth模式,以及在移动操作系统中注册的私有URI方案值,例如以下内容。该URL还在OIDC提供程序中注册到客户端:
com.mycompany.myapp:/callback
我的博客文章将帮助您快速入门基本示例:
英文:
The most mainstream option is to use the AppAuth pattern from RFC8252 and a private URI scheme value registered with the mobile operating system, such as this. The URL is also registered against the client in the OIDC provider:
com.mycompany.myapp:/callback
My blog posts will get you up and running with a basic sample:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论