I have Identity Server 4 working with an Ionic 5 APP which works fine when I run the app in the browser. When I run it in Android studio with the emulator, I then have to make some changes to the configuration such as 10.0.2.2 to target the local IS.
When I connect to IS4 from the emulator I can see in the logs that the origin received in IS is http://localhost which makes sense since I have the APP configured in Capacitor (https://ionicframework.com/docs/troubleshooting/cors#capacitor). My problem is that when I try to redirect back, the in app browser is trying to open the URL is http://localhost/<something> which does not exist.
My question is, how can I correctly perform the redirect back to the android emulator? I can debug and I correctly sign in, but somehow when IS performs the redirect to /connect/authorize... I then get the app stuck.
capacitor.config.json:
{
"appId": "com.example.app",
"appName": "com.example.app",
"bundledWebRuntime": false,
"npmClient": "npm",
"webDir": "www",
"plugins": {
"SplashScreen": {
"launchShowDuration": 0
}
},
"cordova": {},
"allowMixedContent": true
}
My Auth configuration:
auth_config: {
identity_client: 'mobile_app',
identity_server: 'http://10.0.2.2:13810',
redirect_url: 'com.example.app://auth-callback',
end_session_redirect_url: 'com.example.app://end-session',
scopes: 'openid profile exampleapi',
usePkce: true
},
browserAuthorityUrl: 'http://localhost:13810',
Identity server client configuration:
new Client
{
ClientId = "mobile_app",
ClientName = "Mobile APP Ionic Angular 9 Client",
AllowedGrantTypes = GrantTypes.Code,
RequirePkce = true,
RequireClientSecret = false,
AllowedScopes = new List<string> { "openid", "profile", "exampleapi" },
RedirectUris = new List<string> {
$"{mobileBaseUrl}/auth-callback",
$"{mobileAppBaseUrl}auth-callback",
$"{mobileAppOrigin}/auth-callback",
},
PostLogoutRedirectUris = new List<string> {
$"{mobileBaseUrl}/end-session",
$"{mobileAppBaseUrl}end-session",
$"{mobileAppOrigin}/end-session",
},
AllowedCorsOrigins = new List<string> {
mobileBaseUrl,
mobileAppOrigin
},
AllowAccessTokensViaBrowser = true,
RequireConsent = false,
AlwaysSendClientClaims = true,
AlwaysIncludeUserClaimsInIdToken = true,
}
where
"mobileBaseUrl": "http://localhost:8100",
"mobileAppBaseUrl": "com.example.app://",
"mobileAppOrigin": "http://localhost",
Note that works perfectly fine using the app via ionic serve but it fails when I run the Android app within the emulator. I'm following the example and using the ionic-appauth package from here: https://github.com/wi3land/ionic-appauth-capacitor-demo
UPDATE: The URL it is stuck on is when the user is authenticated and Identity server is redirecting to: /connect/authorize/callback?redirect_uri=com.example.app%3A%2F%2Fauth-callback&client_id=mobile_app&response_type=code&state=rLv7spCgZ2&scope=openid%20profile%20exampleapi&code_challenge=9yGKbchJ7YII2tx3jHAmcnV90kYZxsYVWz-60Ge5TQQ&code_challenge_method=S256
Related
So I have already configured 2 sub domains in Firebase hosting and I have a Flutter web version app it's running on these domains but I also want to use dynamic links and I linked one of these sub domains to it and to my Flutter app but whenever I generate a dynamic link it navigates me to the web version
This is my firebase.json file
{
"hosting": {
"public": "build/web",
"ignore": ["firebase.json", "**/.*", "**/node_modules/**"],
"rewrites": [
{
"source": "**",
"destination": "/index.html"
},
{ "source": "/**", "dynamicLinks": true },
{
"source": "/links/**",
"dynamicLinks": true
}
]
}
}
EDIT:
I tried to move the last part /links/ before the destination part but when generating the long url in the app I get the same error page wasn't found
this is my code :
FirebaseDynamicLinks dynamicLinks = FirebaseDynamicLinks.instance;
Future<String> builDynamicLinks(String? id, {bool isFamily = false}) async {
final DynamicLinkParameters parameters = DynamicLinkParameters(
// The Dynamic Link URI domain. You can view created URIs on your Firebase console
uriPrefix: 'https://links.nanny-finder.app/links',
// The deep Link passed to your application which you can use to affect change
link: Uri.parse(
'https://links.nanny-finder.app/links/${isFamily ? "families" : "nannies"}?id=$id'),
// Android application details needed for opening correct app on device/Play Store
androidParameters: AndroidParameters(
packageName: 'com.mickaelrobin.nannyfinderuae',
fallbackUrl: playStore),
// iOS application details needed for opening correct app on device/App Store
iosParameters: IOSParameters(
bundleId: 'com.mickaelrobin.nannyfinderuae', fallbackUrl: appStore),
);
final Uri uri = await dynamicLinks.buildLink(parameters);
print(uri);
return uri.toString();
}
and this is firebase console
As mentioned in the google documents i have tested the following process
URL to quick start: https://colab.research.google.com/github/google/android-management-api-samples/blob/master/notebooks/quickstart.ipynb#scrollTo=pjHfDSb8BoBP
Create Enterprise
Create Policy
Enroll the device
Then I have used the NODEJS API of Android Enterprises to develop the server based solution, which is working fine as per the documentation for all the functions such as get, create, delete the policy, devices, enterprises.
The issue i am facing is with the QR code generated from NODE application, when i scan the QR code generated from NODEJS application, the device got stuck at system update.
Following is my Policy update function
router.post('/update/:id', async function(req, res) {
const {title,policy_body,update_mask,enroll_url} = req.body;
// here we are callng the android managment API to and then the response we will update to database
const amApiBody = {
name: policy_body.name,
updateMask:update_mask,
requestBody:policy_body
}
const policy_update_response = await amApi.updatePolicy(amApiBody);
const p = await policyModel.update(req.params.id,title,policy_update_response,enroll_url);
res.json(p)
});
AmAPI file
this.updatePolicy = async function (body)
{
const auth = new google.auth.GoogleAuth({
scopes: ['https://www.googleapis.com/auth/androidmanagement'],
});
const authClient = await auth.getClient();
google.options({auth: authClient});
// Get the list of available policies
const res = await androidmanagement.enterprises.policies.patch(body);
console.log('requestFinalBody=',body);
return res.data;
}
Following is my policy data obtained by running above function
policy_create_response= {
name: 'enterprises/LC019rjnor/policies/policy1',
version: '14',
applications: [
{
packageName: 'com.google.samples.apps.iosched',
installType: 'FORCE_INSTALLED',
autoUpdateMode: 'AUTO_UPDATE_HIGH_PRIORITY'
},
{
packageName: 'com.dekaisheng.courier',
installType: 'FORCE_INSTALLED',
autoUpdateMode: 'AUTO_UPDATE_HIGH_PRIORITY'
}
],
keyguardDisabledFeatures: [ 'KEYGUARD_DISABLED_FEATURE_UNSPECIFIED' ],
defaultPermissionPolicy: 'GRANT',
uninstallAppsDisabled: true,
keyguardDisabled: true,
tetheringConfigDisabled: true,
dataRoamingDisabled: true,
networkEscapeHatchEnabled: true,
bluetoothDisabled: true,
debuggingFeaturesAllowed: true,
funDisabled: true,
kioskCustomLauncherEnabled: true
}
Note i have exported the variable to the terminal as follows before running the app, the auth.json is the service account credential file.
export GOOGLE_APPLICATION_CREDENTIALS="/Users/Mac/Projects/wajid/mdm/server/env/auth.json"
Thanks for the help in advance
I figured out that in nodeJS API I was passing wrong property name of Policy value in the request body.
Code before fix
parent: this.getParent(policyName),
requestBody:{
“name”: “my_policy"
}
Code after fix
parent: this.getParent(policyName),
requestBody:{
"policyName”: “my_policy"
}
I'm trying to connect my Flutter APP to my SocketIO server (v2), if I enable cors
const io = require("socket.io")(httpServer, {
origins: ["http://localhost:5500", "*", "*:*"]
})
It shows this error (on Android Studio)
I/flutter (20998): reconnect_error: WebSocketException: Connection to 'http://192.168.1.8:3000/socket.io/?EIO=3&transport=websocket#' was not upgraded to websocket
If I disable cors it works perfectly, but I need cors because I need to be able to connect my test file (chat.html) that runs on localhost:5500, and in the future, connect my Flutter Web App
const io = require("socket.io")(httpServer, {
allowRequest: (req, callback) => {
const origin = req.headers.origin
const origins = [
undefined,
"http://localhost:5500",
"http://127.0.0.1:5500"
]
callback(null, origins.includes(origin))
}
})
(This works only for v2)
I am setting proxy.conf.json file
It works on ionic serve but not working when I am taking build and install to device the api calls are not worked
{
"/horse": {
"target": "http://100.24.131.250",
"secure": false,
"changeOrigin": true,
"logLevel": "debug"
}
}
Yo have to pass your URL directly instead of Proxy when you run on Device
first check weather app is on localhost or Device
isApp()
{
return (!document.URL.startsWith('http')document.URL.startsWith('http://localhost:8080'));
}
then publish your Basepath Or URL like this
if(!isApp())
{
this.URL="./horse"
}
else
{
this.URL="www.YourUrl.com"
}
EDIT: On phone assistant its working now problem just exist in google action simulator
I just try to setup Google Actions SDK account Linking with implicit grant and try to test it in Simulator.
First question is this even possible in Simulator?
To Do so I added at the action console account linking with the type
implicit grant to my action.
The url I used is working.
Now I added a signup request to my action. For testing so if I write signup in simulator the server response with:
{
conversationToken: JSON.stringify(state),
expectUserResponse: true,
expectedInputs: [
{
inputPrompt: {
initialPrompts: [
{
textToSpeech: "PLACEHOLDER_FOR_SIGN_IN"
}
],
noInputPrompts: []
},
possibleIntents: [
{
"intent": "actions.intent.SIGN_IN",
"inputValueData": {}
}
],
speechBiasingHints: []
}
]
}
After this the server didn't request the sign in page route (the address is correct!). It just responds with SignIN intent ERROR :
{
"isInSandbox'": false,
"surface": {
"capabilities": [
{
"name": "actions.capability.AUDIO_OUTPUT"
},
{
"name": "actions.capability.SCREEN_OUTPUT"
}
]
},
"inputs": [
{
"rawInputs": [
{
"query": "i think so",
"inputType": "VOICE"
}
],
"arguments": [
{
"name": "SIGN_IN",
'extension': {
"#type": "type.googleapis.com/google.actions.v2.SignInValue",
"status": "Error"
}
}
],
"intent': "actions.intent.SIGN_IN"
}
],
"device": {
"locale": "en-US"
},
"conversation": {
"conversationId": "1494606917128",
"type": "ACTIVE",
"conversationToken": "[\"_actions_on_google_\"]"
}
}
Why? Where is the problem? Can I see a error message somewhere?
Here is what happen in the simulator between 3 and 4:
Is it same when you use the phone app? For me it opens an embedded browser with my /auth endpoint, which the simulator doesn’t do.
I am able to make it WORKING after a long time.
We have to enable the webhook first and we can see how to enable the webhook in the dialog flow fulfillment docs
If we are going to use Google Assistant, then we have to enable the Google Assistant Integration in the integrations first.
Then follow the steps mentioned below for the Account Linking in actions on google:-
Go to google cloud console -> APIsand Services -> Credentials -> OAuth 2.0 client IDs -> Web client -> Note the client ID, client secret from there
-> Download JSON - from json note down the project id, auth_uri, token_uri
-> Authorised Redirect URIs -> White list our app's URL -> in this URL fixed part is https://oauth-redirect.googleusercontent.com/r/ and append the project id in the URL
-> Save the changes
Actions on Google -> Account linking setup
1. Grant type = Authorisation code
2. Client info
1. Fill up client id,client secrtet, auth_uri, token_uri
2. Enter the auth uri as https://www.googleapis.com/auth and token_uri as https://www.googleapis.com/token
3. Save and run
4. It will show an error while running on the google assistant, but dont worry
5. Come back to the account linking section in the assistant settings and enter auth_uri as https://accounts.google.com/o/oauth2/auth
and token_uri as https://accounts.google.com/o/oauth2/token
6. Put the scopes as https://www.googleapis.com/auth/userinfo.profile and https://www.googleapis.com/auth/userinfo.email
and weare good to go.
7. Save the changes.
In the hosting server logs, we can see the access token value and through access token, we can get the details regarding the email address.
Append the access token to this link "https://www.googleapis.com/oauth2/v1/userinfo?access_token=" and we can get the required details in the resulting json page.
accessToken = req.get("originalRequest").get("data").get("user").get("accessToken")
r = requests.get(link)
print("Email Id= " + r.json()["email"])
print("Name= " + r.json()["name"])
P.S. You can use the Grant Type as Implicit also instead of Authorisation code.