aerogear-cordova-oauth2
Advanced tools
The plugin handles OAuth2 *authorization code grant* in a secure manner. The OAuth2 dance uses external browser approach, OAuth2 access and refresh tokens are stored securely encrypted in your native device. Supports iOS, android and windows phone platfor
The plugin handles OAuth2 authorization code grant in a secure manner. The OAuth2 dance uses external browser approach, OAuth2 access and refresh tokens are stored securely encrypted in your native device. Supports iOS, android and windows phone platforms.
The plugin wraps the following libs:
If you want to see the plugin in action please refer to aerogear-cordova-cookbook Shoot'nShare demo app or/ad just follow the Getting started guide to create your own.
| Project Info | |
|---|---|
| License: | Apache License, Version 2.0 |
| Build: | Cordova Plugin |
| Documentation: | https://aerogear.org/docs/specs/aerogear-cordova/ |
| Issue tracker: | https://issues.jboss.org/browse/AGCORDOVA |
| Mailing lists: | aerogear-users (subscribe) |
| aerogear-dev (subscribe) |
The Cordova command line tooling is based on node.js so first you’ll need to install node then you can install Cordova by executing:
$ npm install -g cordova
To deploy on iOS you need to install the ios-deploy package as well
$ npm install -g ios-deploy
Create a new app by executing:
$ cordova create <project-name> [app-id] [app-name]
Specify a set of target platforms by executing:
$ cordova platform add <platform>
The available platform values are ios and android.
Install the aerogear-oauth2-cordova plugin by executing:
$ cordova plugin add aerogear-cordova-oauth2
In wwww/js/index.js file, to start the OAuth2 dance as soon as onDeviceReady event is fired, add the following snippet:
onDeviceReady: function () {
app.receivedEvent('deviceready');
oauth2.addGoogle({
name: 'gplus',
settings: {
clientId: "617285928032-nnkcrot1827fmd738pug6clbqlgosffs.apps.googleusercontent.com",
scopes: 'https://www.googleapis.com/auth/drive'
}
});
oauth2.addKeycloak({
name: 'keycloak',
settings: {
base: 'http://192.168.1.15:8080/auth',
clientId: 'shoot-third-party',
realm: "shoot-realm"
}
});
oauth2.addFacebook({
name: 'facebook',
settings: {
clientId: '1511044619160050',
clientSecret: '3b08052d3d96e2120f2c53a36eebd02f',
scopes: 'photo_upload, publish_actions'
}
});
oauth2.gplus.requestAccess()
.then(function (token) {
console.log(token);
// add token to the http header on futher http requests:
// 'Authorization': 'Bearer ' + token
}, function (err) {
alert(err.error);
});
},
On Android you can use Google Play Services to retrieve an Oauth2 token using on of the device's authorized accounts.
To make the Google Play Services available to your application, be sure to add the com.google.playservices cordova plugin to your project.
Then request an Oauth2 token using Google Play Services as in this example:
oauth2.requestAccessUsingPlayServices({
scopes: 'openid',
accountTypes: 'com.google'
})
.then( function( accessToken ){
...
})
.catch( function( error ) {
// an error happened
});
});
For our OAuth2 on iOS plugin we use external browser approach, in order to re-enter the app you need to provide a URI schema. This is called the redirect_uri. By convention Google uses your iOS bundle. Facebook uses as redirect_uri 2 letters fb followed by the client_id. As the client_id is not in your config.xml, once the project is deployed you will have to go to [project_name]-info.plist and modify it to change fbYYY where YYY is your facebook client_id.
When you need / want to build the project with Xcode you'll need to make some changes to the project
This is a very early version:
For more details about the current release, please consult our documentation.
If you would like to help develop AeroGear you can join our developer's mailing list, join #aerogear on Freenode, or shout at us on Twitter @aerogears.
Also takes some time and skim the contributor guide
Join our user mailing list for any questions or help! We really hope you enjoy app development with AeroGear!
If you found a bug please create a ticket for us on Jira with some steps to reproduce it.
FAQs
The plugin handles OAuth2 *authorization code grant* in a secure manner. The OAuth2 dance uses external browser approach, OAuth2 access and refresh tokens are stored securely encrypted in your native device. Supports iOS, android and windows phone platfor
We found that aerogear-cordova-oauth2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Research
A malicious npm campaign is targeting Ethereum developers by impersonating Hardhat plugins and the Nomic Foundation, stealing sensitive data like private keys.