Forum General

3-legged OAuth with Xamarin.Auth and SAP Cloud Platform

JonasRembrattJonasRembratt SEUniversity ✭✭✭
edited March 2018 in General

I'm getting my head around OAuth2 using Xamarin.Auth but there'sa few things I need help understanding.

First off is the use of the URL Type (in iOS). I have successfully used 3-L OAuth with Facebook without the overridden AppDelegate.OpenUrl ever have been called. Indeed, I passed the usual Facebook redirect (http://www.facebook.com/connect/login_success.html) and all worked just fine. OpenUrl was never called back to and, apparently, a URL Type was not needed.

I do the same with Sap Cloud Platform however and I get an "invalid_grant" for result. I then tried passing my custom URL Type ("{bundle id}:/oauthCallback"), set a breakpoint in AppDelegate.OpenUrl and started the login. After having passed my user credentials I get a nice looking error page instead, informing me the authentication failed. OpenUrl was (again) not called back to.

So, apparently I haven't understood the use of the URL Type in OAuth flows. When exactly is it needed?

Also, if anyone has any experience with authenticating SCP any hints as to why I get a "invalid_grant" would be much appreciated.

Cheers

Tagged:

Answers

  • JonasRembrattJonasRembratt SEUniversity ✭✭✭
    edited March 2018

    If anyone is interested. The reason I got a "invalid_redirect" is because OAuth2Authenticator automatically adds a trailing slash (/) to the redirect uri value. Apparently, this is a known issue (that should be fixed). I hacked it by simply adding a slash in my requested redirect URI but that won't be a reliable workaround as some providers might reject such URIs for policy reasons.

    I still don't get how/when I need to use a custom URL Type for the callback so please enlighten me! :smile:

  • AllanChin.6924AllanChin.6924 USUniversity ✭✭✭

    Hi - did you ever get the OpenUrls() invoked?

Sign In or Register to comment.