feat(mobile): Implement Keycloak WebView authentication with HTTP callback
- Replace flutter_appauth with custom WebView implementation to resolve deep link issues - Add KeycloakWebViewAuthService with integrated WebView for seamless authentication - Configure Android manifest for HTTP cleartext traffic support - Add network security config for development environment (192.168.1.11) - Update Keycloak client to use HTTP callback endpoint (http://192.168.1.11:8080/auth/callback) - Remove obsolete keycloak_auth_service.dart and temporary scripts - Clean up dependencies and regenerate injection configuration - Tested successfully on multiple Android devices (Xiaomi 2201116TG, SM A725F) BREAKING CHANGE: Authentication flow now uses WebView instead of external browser - Users will see Keycloak login page within the app instead of browser redirect - Resolves ERR_CLEARTEXT_NOT_PERMITTED and deep link state management issues - Maintains full OIDC compliance with PKCE flow and secure token storage Technical improvements: - WebView with custom navigation delegate for callback handling - Automatic token extraction and user info parsing from JWT - Proper error handling and user feedback - Consistent authentication state management across app lifecycle
This commit is contained in:
DahoudG
40
create-server-client-simple.ps1
Normal file
40
create-server-client-simple.ps1
Normal file
@@ -0,0 +1,40 @@
|
||||
# Script simple pour créer le client unionflow-server
|
||||
$KeycloakUrl = "http://192.168.1.11:8180"
|
||||
$Realm = "unionflow"
|
||||
|
||||
Write-Host "Creation du client serveur..." -ForegroundColor Cyan
|
||||
|
||||
# Obtenir le token
|
||||
$tokenBody = "username=admin&password=admin&grant_type=password&client_id=admin-cli"
|
||||
$tokenResponse = Invoke-RestMethod -Uri "$KeycloakUrl/realms/master/protocol/openid-connect/token" -Method Post -ContentType "application/x-www-form-urlencoded" -Body $tokenBody
|
||||
|
||||
$accessToken = $tokenResponse.access_token
|
||||
Write-Host "Token obtenu" -ForegroundColor Green
|
||||
|
||||
# Configuration du client
|
||||
$clientConfig = @{
|
||||
clientId = "unionflow-server"
|
||||
name = "UnionFlow Server API"
|
||||
enabled = $true
|
||||
clientAuthenticatorType = "client-secret"
|
||||
secret = "unionflow-secret-2025"
|
||||
publicClient = $false
|
||||
standardFlowEnabled = $true
|
||||
directAccessGrantsEnabled = $true
|
||||
serviceAccountsEnabled = $true
|
||||
redirectUris = @("http://192.168.1.11:8080/*")
|
||||
webOrigins = @("http://192.168.1.11:8080")
|
||||
} | ConvertTo-Json
|
||||
|
||||
$headers = @{
|
||||
"Authorization" = "Bearer $accessToken"
|
||||
"Content-Type" = "application/json"
|
||||
}
|
||||
|
||||
try {
|
||||
Invoke-RestMethod -Uri "$KeycloakUrl/admin/realms/$Realm/clients" -Method Post -Headers $headers -Body $clientConfig
|
||||
Write-Host "Client serveur cree avec succes !" -ForegroundColor Green
|
||||
}
|
||||
catch {
|
||||
Write-Host "Erreur: $($_.Exception.Message)" -ForegroundColor Red
|
||||
}
|
||||
Reference in New Issue
Block a user