-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate how to use HTTPS URL for redirect #23
Comments
@fkooman I'm unsure what you are referring to? Is it related to the oAuth flow? |
Yes. Currently you are using the app URI I guess, i.e. I am not exactly sure how this works, hence the investigate :) |
https://www.oauth.com/oauth2-servers/redirect-uris/redirect-uris-native-apps/ |
AppAuth claims to support universal links, so this is something we can investigate and implement. https://github.com/openid/AppAuth-iOS |
@fkooman To implement this we need to do a couple things:
|
@fkooman This need to be published on a domain of EduVPN. It needs to be visible on the internet with a GET request to: No extension. MIME type should be: Also, it HAS to be visible on a secure (HTTP) connection with a valid certificate. It does not matter if it is visible on HTTP protocol. Also, the order of the file is significant.
|
@fkooman Also, "Associated Domains" needs to be enabled on the App ID in the developer portal: |
…Needs compeion and testing. Related to #23.
I guess we need to decide on a domain name first. The |
Which redirect URIs should then be supported for this OAuth client? I'm guessing |
|
"Associated Domains" has been enabled for org.eduvpn.client |
…Needs compeion and testing. Fixes #23.
…Needs compeion and testing. Fixes #23.
https://tools.ietf.org/html/rfc8252#section-7.2
It seems this is something we have to do, but how is this enforced? is this something that needs "domain validation" in the iTunes store? Or how does that work?
The text was updated successfully, but these errors were encountered: