OAuth2 重定向 URI 无效
[英]OAuth2 Redirect URI not valid
问题描述
I'm trying to authenticate to OpenStreetMap via OAuth2 using AppAuth .
我正在尝试使用AppAuth通过 OAuth2 对 OpenStreetMap 进行身份验证。 Via Custom Tab I can retrieve the authorization code but the redirect URI does not open my app but gives an Address Not Found error in the Custom Tab.通过自定义选项卡,我可以检索授权代码,但重定向 URI 不会打开我的应用程序,但会在自定义选项卡中给出地址未找到错误。 As you can see as I was experimenting around to solve this issue I used app.example.com as host name, although the package name is com.example.app , but even if I do use the package name as host name in the redirect URI (and change this in the manifest, gradle, osm etc.), it still does not work but results in an Invalid Redirect URI error. As you can see as I was experimenting around to solve this issue I used app.example.com as host name, although the package name is com.example.app , but even if I do use the package name as host name in the redirect URI(并在清单中更改它,gradle,osm 等),它仍然不起作用,但会导致Invalid Redirect URI错误。 So I would assume something with the redirect URI isn't quite right, but I cannot figure out what it is.所以我会假设重定向 URI 的某些内容不太正确,但我无法弄清楚它是什么。
Also I cannot use a custom scheme, as OSM only accepts https redirect URIs .我也不能使用自定义方案,因为 OSM只接受 https 重定向 URIs 。
MainActivity.java: MainActivity.java:
private static final String CLIENT_ID = ...;
private static final String REDIRECT_URI = "https://app.example.com/oauth2redirect";
...
AuthorizationRequest.Builder builder = new AuthorizationRequest.Builder(
authorizationServiceConfiguration,
CLIENT_ID,
ResponseTypeValues.CODE,
Uri.parse(REDIRECT_URI));
builder.setScopes("write_api", "read_prefs");
AuthorizationRequest request = builder.build();
Intent authorizationIntent = authorizationService.getAuthorizationRequestIntent(request);
startActivityForResult(authorizationIntent, REQUEST_CODE);
Manifest.xml:清单.xml:
<activity
android:name=".MainActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
<intent-filter>
<action android:name="com.example.app.HANDLE_AUTHORIZATION_RESPONSE" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<activity android:name="net.openid.appauth.RedirectUriReceiverActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.VIEW"/>
<category android:name="android.intent.category.DEFAULT"/>
<category android:name="android.intent.category.BROWSABLE"/>
<data android:scheme="https"
android:host="app.example.com"
android:pathPrefix="/oauth2redirect"/>
</intent-filter>
</activity>
build.gradle build.gradle
android {
...
defaultConfig {
applicationId "com.example.app"
...
manifestPlaceholders = [
appAuthRedirectScheme: 'app.example.com'
]
}
In OSM I have set the redirect URI to https://app.example.com/oauth2redirect在 OSM 中,我将重定向 URI 设置为https://app.example.com/oauth2redirect
Weirdly enough it worked once yesterday, but does not anymore since today.奇怪的是它昨天工作了一次,但从今天开始就不再工作了。 I reverted any changes, reset the app, deleted any data and restarted my phone, but couldn't make it work again.我恢复了所有更改,重置了应用程序,删除了所有数据并重新启动了我的手机,但无法让它再次工作。
I've tried to show as little code as needed, please let me know if you need further information for solving this problem.我已尝试根据需要显示尽可能少的代码,如果您需要更多信息来解决此问题,请告诉我。
Edit: I just noticed that it works on Pixel 5 API 30 virtual device, but not on my real device (Xiaomi Poco X3 Pro API 30) nor on Nexus 6 API 30 virtual device.编辑:我刚刚注意到它适用于 Pixel 5 API 30 虚拟设备,但不适用于我的真实设备(小米 Poco X3 Pro API 30)或 Nexus 6 ZDB974238714CA38DE634A3CE1D 虚拟设备。 I'm quite confused我很困惑
1 个解决方案
解决方案1
3 已采纳 2022-03-06 22:42:07
Using HTTP redirect URIs requires these settings in the build.gradle file, and also has a prerequisite of app link registration via a hosted assetlinks.json file :使用 HTTP 重定向 URI 需要 build.gradle 文件中的这些设置,并且还具有通过托管assetlinks.json file注册应用程序链接的先决条件:
manifestPlaceholders = [
'appAuthRedirectScheme': 'https'
]
There is a known issue where OAuth HTTPS responses don't automatically return to the app from a Chrome Custom Tab, unless there is a User Gesture first, such as a button click.存在一个已知问题,即 OAuth HTTPS 响应不会自动从 Chrome 自定义选项卡返回到应用程序,除非先有用户手势,例如单击按钮。
If possible, as an initial solution to this you may want to show an OAuth screen to allow the user to choose which of his accounts they want to use, by using prompt=select_account :如果可能,作为对此的初始解决方案,您可能希望显示 OAuth 屏幕,以允许用户通过使用prompt=select_account选择他们想要使用的帐户:
AuthorizationRequest.Builder authRequestBuilder = new AuthorizationRequest.Builder(
Objects.requireNonNull(authState.getAuthorizationServiceConfiguration()),
clientId,
ResponseTypeValues.CODE,
Uri.parse(redirectUri))
.setScope(authScope)
.setPrompt("select_account");
If you want something to compare against try running my demo app and see if this gives you some ideas.如果您想比较一些东西,请尝试运行我的演示应用程序,看看这是否会给您一些想法。 Note that recently I've seen problems on emulators that use APIs 31 and above, though no problems on my Google Pixel phone, which runs Android 12.请注意,最近我在使用 API 31 及更高版本的模拟器上看到了问题,但在运行 Android 12 的 Google Pixel 手机上没有问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.