feat(mobile): Implement Keycloak WebView authentication with HTTP callback
- Replace flutter_appauth with custom WebView implementation to resolve deep link issues - Add KeycloakWebViewAuthService with integrated WebView for seamless authentication - Configure Android manifest for HTTP cleartext traffic support - Add network security config for development environment (192.168.1.11) - Update Keycloak client to use HTTP callback endpoint (http://192.168.1.11:8080/auth/callback) - Remove obsolete keycloak_auth_service.dart and temporary scripts - Clean up dependencies and regenerate injection configuration - Tested successfully on multiple Android devices (Xiaomi 2201116TG, SM A725F) BREAKING CHANGE: Authentication flow now uses WebView instead of external browser - Users will see Keycloak login page within the app instead of browser redirect - Resolves ERR_CLEARTEXT_NOT_PERMITTED and deep link state management issues - Maintains full OIDC compliance with PKCE flow and secure token storage Technical improvements: - WebView with custom navigation delegate for callback handling - Automatic token extraction and user info parsing from JWT - Proper error handling and user feedback - Consistent authentication state management across app lifecycle
This commit is contained in:
DahoudG
33
create-mobile-client.ps1
Normal file
33
create-mobile-client.ps1
Normal file
@@ -0,0 +1,33 @@
|
||||
# Script simple pour créer le client mobile Keycloak
|
||||
|
||||
Write-Host "Creation du client mobile Keycloak..." -ForegroundColor Cyan
|
||||
|
||||
# Obtenir le token d'administration
|
||||
Write-Host "Obtention du token d'administration..." -ForegroundColor Yellow
|
||||
$tokenResponse = Invoke-RestMethod -Uri "http://localhost:8180/realms/master/protocol/openid-connect/token" -Method Post -Body "username=admin&password=admin&grant_type=password&client_id=admin-cli" -ContentType "application/x-www-form-urlencoded"
|
||||
$adminToken = $tokenResponse.access_token
|
||||
Write-Host "Token obtenu" -ForegroundColor Green
|
||||
|
||||
# Créer le client mobile
|
||||
Write-Host "Creation du client mobile..." -ForegroundColor Yellow
|
||||
$headers = @{
|
||||
Authorization = "Bearer $adminToken"
|
||||
"Content-Type" = "application/json"
|
||||
}
|
||||
|
||||
$clientJson = Get-Content "client-simple.json" -Raw
|
||||
|
||||
try {
|
||||
Invoke-RestMethod -Uri "http://localhost:8180/admin/realms/unionflow/clients" -Method Post -Headers $headers -Body $clientJson
|
||||
Write-Host "Client mobile cree avec succes !" -ForegroundColor Green
|
||||
}
|
||||
catch {
|
||||
if ($_.Exception.Response.StatusCode -eq 409) {
|
||||
Write-Host "Client existe deja" -ForegroundColor Yellow
|
||||
}
|
||||
else {
|
||||
Write-Host "Erreur: $($_.Exception.Message)" -ForegroundColor Red
|
||||
}
|
||||
}
|
||||
|
||||
Write-Host "Configuration terminee !" -ForegroundColor Green
|
||||
Reference in New Issue
Block a user