如何在Flutter中实现SAML或(SSO)类似的身份验证方法?

huangapple go评论88阅读模式
英文:

How to implement SAML or (SSO) similar authentication methods in flutter?

问题

我一直在寻找Flutter中的SAML实现,但没有得到期望的结果。我了解到SAML是基于浏览器的安全系统,但我不知道如何在Flutter中实现SAML。

如果不是SAML,那么有什么替代方案呢?

非常感谢任何帮助和建议。

英文:

I had been searching for the SAML implementation in Flutter, but I didn't get desired results. I learned that SAML is a browser-based security system, but I didn't get how I can implement SAML in a flutter.

If not SAML so what would be the alternative?

I will be very thankful for any help and suggestions.

答案1

得分: 1

以下是已翻译好的内容:

有两个主要的身份验证标准:Saml 和 OAuth。Saml 是一个老旧、稳定、完整并且在网络、公共服务和企业中得到广泛支持的标准(xml)。OAuth/OpenId 是一个最近的标准(rest/json),由一些大型广告公司控制,主要设计用于最终用户消费者。

Saml 的唯一问题是它是通用的,但设计用于网络而非设备。但如今,许多网站被封装在设备应用程序中,因此 Saml 不再流行。总的来说,大型广告公司不希望使用 Saml,只提供 OAuth。

因此,Flutter 是谷歌的工具包,而 OAuth 特别由谷歌控制。谷歌希望保持对您、所有企业和公共服务的控制,因此谷歌试图通过其他标准来复杂化身份验证,在 Flutter 中提供使用 Saml 进行身份验证/授权的简单方式。

在您的情况下,您需要使用第三方包在应用程序中实现 Saml。在 https://devcodef1.com/news/1014561/implementing-saml-in-flutter 上曾经有一个通过 Saml 在 Flutter 中进行身份验证的包,但似乎不再可用,https://pub.dev/packages?q=saml 上也没有简单的包。

无论如何,作为客户端应用程序,Saml 只需要将用户重定向到身份提供者的身份验证页面。实际上,您只需包含一个 Webview 来获取凭据,并在客户端应用程序、服务器服务和身份提供者之间共享它们。

英文:

There are two main standards to authenticate: Saml and OAuth. Saml is an old, stable, complete and largely supported standard everywhere on the web, in public services and enterprises (xml). OAuth/OpenId is a recent standard (rest/json) controlled by some big advertising companies and mainly designed for end user consumers.

The only issue of Saml is that it was universal but designed for the web, not for devices. But nowadays, many web sites are encapsulated inside device applications, so Saml is less trendy. And overall, the big advertising companies don't want Saml and provide only OAuth.

So Flutter is a Google toolkit and OAuth is controlled by Google in particular. And Google wants to keep control on you and all enterprises and public services, so Google tries to complicate authentication with other standards, so does not provide a simple way inside Flutter to authenticate/authorize with Saml.

In your case, you need to use third party packages to implement Saml inside the app. There was a package to authenticate via Saml on Flutter on https://devcodef1.com/news/1014561/implementing-saml-in-flutter but it seems no more usable and there are no simple package on https://pub.dev/packages?q=saml.

Anyway, as a client app, Saml just requires a redirection to the authentication page of the identity provider. In fact, you just need to include a webview to get the credentials and to share them between the client app, the server service, and the identity provider.

huangapple
  • 本文由 发表于 2023年6月8日 18:27:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/76430921.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定