I’ve a react native cell app (ios/android), which I am trying to implement the PKCE Authorization Movement per the RFC. My purpose is to redirect the consumer to my very own login web page as a substitute of a 3rd get together supplier like google or fb. This manner I can keep away from having to retailer the applying secret on the consumer aspect. The movement is working nice on the browser as a result of I’ve a completely certified area title and the browser is ready to observe the redirect despatched by the authorization server on to my login web page.
Nevertheless, on the cell app I haven’t got a site title and so the redirect_uri I ship the authorization server is a schema url, e.g: my-app://someurl.com. I’ve created this schema url in xcode in addition to the AndroidManifest.xml and verified that domestically on the gadget it appropriately routes to the app from both chrome or safari whether or not the app is in background or inactive. The issue is that the react native fetch technique follows the 302 redirect despatched by the authorization server (e.g. my-app://someurl.com domestically) however it might probably’t resolve it domestically the best way the browser does for instance and throws a networking exception:
I printed out the stack on the native aspect and it is complaining about an ‘unsupported url’ given that it is the schema url and never a http/s formatted url:
Error Area=NSURLErrorDomain Code=-1002 "unsupported URL" UserInfo={NSLocalizedDescription=unsupported URL, NSErrorFailingURLStringKey=my-app://someurl.com?client_id=client-id-LLg5PEvPwvyfVQNrNuDUgyHXWbSmUHki&authorization_code=ajxmtNSGUysXoj8qyU1xu9al9dMo9PFRZoFpCzsepGzrh7p9RKQyeT3qvjmoTcK, NSErrorFailingURLKey=my-app://someurl.com?client_id=client-id-LLg5PEvPwvyfVQNrNuDUgyHXWbSmUHki&authorization_code=ajxmtNSGUysXoj8qyU1xu9al9dMo9PFRZoFpCzsepGzrh7p9RKQyeT3qvjmoTcK, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <5271A124-F625-4583-9926-056D95F943B9>.<2>" ), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <5271A124-F625-4583-9926-056D95F943B9>.<2>, NSUnderlyingError=0x600000d308a0 {Error Area=kCFErrorDomainCFNetwork Code=-1002 "(null)"}}
The redirect: 'handbook' fetch choice would additionally clear up this downside for me assuming it could additionally give me entry to the redirect url I must extract the token from however neither ‘handbook’ nor ‘error’ work on react native (consumer aspect).
Curious to know if anyone has gotten this engaged on react native fetch with schema url’s, maybe I am lacking one thing apparent. The issue is not a lot the Deep Linking as that seems to be working, however extra that I am unsure deal with this redirect within the app. For the reason that native aspect has acquired the redirect request externally however is choking on it when it makes an attempt to observe it, is there a manner for it to bypass the act of truly following it and as a substitute simply return the url end result again to the react aspect?
Lastly, there are fairly a number of posts on right here about comparable points however nothing that truly offers with this distinctive use case.
Thanks…
