[英]Azure AD authorization directly from mobile app
I'm working on Xamarin.Forms application where user should Authorize using Azure AD B2C
. 我正在使用Xamarin.Forms应用程序,其中用户应使用
Azure AD B2C
授权。 I've managed it just fine using this library . 我使用这个库管理得很好。
Now I'd like to know if it is possible to authorize without redirecting to webview
. 现在我想知道是否可以在不重定向到
webview
情况下进行授权。 When user enters email and password on app send a get request directly to an url and receive access token
, refresh token
and etc. Just like in OAuth 2.0
. 当用户在应用程序上输入电子邮件和密码时,直接向网址发送获取请求并接收
access token
, refresh token
等。就像在OAuth 2.0
。
I've researched and found out that skipping the webview authentication part is doable but extremely not recommended for security reasons but anyway, would be glad to hear any solutions. 我已经研究并发现跳过webview认证部分是可行的,但出于安全原因极不推荐,但无论如何,很高兴听到任何解决方案。
Webview runs on SSL (https) and hence transmission of user credentials for authentication is secured. Webview在SSL(https)上运行,因此用于身份验证的用户凭据的传输是安全的。
It's worth noting that you don't have to use a web view for authentication; 值得注意的是,您不必使用Web视图进行身份验证; you may create your own user interface for this flow and pass the information back to MSAL.
您可以为此流创建自己的用户界面,并将信息传递回MSAL。 - this is mentioned on the same blog-post which you referred to.
- 这是在你提到的同一个博客文章中提到的。
All you have to do is to design your own interface and pass back the login info. 您所要做的就是设计自己的界面并传回登录信息。 It seems like a little work to do.
这似乎是一项小工作要做。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.