Keycloak 到 Flutter Android 应用程序重定向问题:HTTP 正在运行,HTTPS 出现错误
Keycloak to Flutter Android App Redirect Issue : HTTP is working, HTTPS is giving error
我已经实施 flutter_appauth 并且我正在使用 Keycloak 作为身份验证服务器。
代码片段如下:
Main.dart
final String _clientId = 'flutter-demo-app';
//final String _redirectUrl = 'com.example.sampleflutterauthapp:/*';
final String _redirectUrl = 'com.example.sampleflutterauthapp:/*';
final String _issuer = 'https://10.0.2.2:8443/auth/realms/flutter';
final String _discoveryUrl =
'https://10.0.2.2:8443/auth/realms/flutter/.well-known/openid-configuration';
final String _postLogoutRedirectUrl = 'com.example.sampleflutterauthapp://';
final List<String> _scopes = <String>[
'openid',
'profile',
'offline_access'
];
final AuthorizationServiceConfiguration _serviceConfiguration =
const AuthorizationServiceConfiguration(
authorizationEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/auth',
tokenEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/token',
endSessionEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/logout',
);
Future<void> _signInWithAutoCodeExchange(
{bool preferEphemeralSession = false}) async {
try {
_setBusyState();
final AuthorizationTokenResponse? result =
await _appAuth.authorizeAndExchangeCode(
AuthorizationTokenRequest(
_clientId,
_redirectUrl,
serviceConfiguration: _serviceConfiguration,
scopes: _scopes,
preferEphemeralSession: preferEphemeralSession,
allowInsecureConnections: true,
),
);
我的 build.gradle 文件 Android 应用程序如下用于 HTTPS 重定向:
我的keycloak配置如下:
我 运行 我的应用程序在 Pixel 5 API 31 (Andoid 12.0) 作为虚拟设备。
如果我使用以下 Keycloak 服务器的 http url,它工作正常。
final String _issuer = 'http://10.0.2.2:8080/auth/realms/flutter';
如果我使用 Keycloak 服务器的以下 HTTPS url,身份验证会成功完成,但会重定向到 Android 应用程序
我收到网络错误
final String _issuer = 'https://10.0.2.2:8443/auth/realms/flutter';
PlatformException(authorize_and_exchange_code_failed, Failed to
authorize: [error: null, description: Network error],
java.security.cert.CertPathValidatorException: Trust anchor for
certification path not found., null)
请告诉我我在这里遗漏了什么才能使其与 HTTPS 一起使用。
请找到解决方案,因为您必须在 subjectAltName
中使用正确的值配置 self-signed-certificate
更多详情请参考以下link
configure-self-singed-certificate
我已经实施 flutter_appauth 并且我正在使用 Keycloak 作为身份验证服务器。
代码片段如下: Main.dart
final String _clientId = 'flutter-demo-app';
//final String _redirectUrl = 'com.example.sampleflutterauthapp:/*';
final String _redirectUrl = 'com.example.sampleflutterauthapp:/*';
final String _issuer = 'https://10.0.2.2:8443/auth/realms/flutter';
final String _discoveryUrl =
'https://10.0.2.2:8443/auth/realms/flutter/.well-known/openid-configuration';
final String _postLogoutRedirectUrl = 'com.example.sampleflutterauthapp://';
final List<String> _scopes = <String>[
'openid',
'profile',
'offline_access'
];
final AuthorizationServiceConfiguration _serviceConfiguration =
const AuthorizationServiceConfiguration(
authorizationEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/auth',
tokenEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/token',
endSessionEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/logout',
);
Future<void> _signInWithAutoCodeExchange(
{bool preferEphemeralSession = false}) async {
try {
_setBusyState();
final AuthorizationTokenResponse? result =
await _appAuth.authorizeAndExchangeCode(
AuthorizationTokenRequest(
_clientId,
_redirectUrl,
serviceConfiguration: _serviceConfiguration,
scopes: _scopes,
preferEphemeralSession: preferEphemeralSession,
allowInsecureConnections: true,
),
);
我的 build.gradle 文件 Android 应用程序如下用于 HTTPS 重定向:
我的keycloak配置如下:
我 运行 我的应用程序在 Pixel 5 API 31 (Andoid 12.0) 作为虚拟设备。
如果我使用以下 Keycloak 服务器的 http url,它工作正常。
final String _issuer = 'http://10.0.2.2:8080/auth/realms/flutter';
如果我使用 Keycloak 服务器的以下 HTTPS url,身份验证会成功完成,但会重定向到 Android 应用程序 我收到网络错误
final String _issuer = 'https://10.0.2.2:8443/auth/realms/flutter';
PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Network error], java.security.cert.CertPathValidatorException: Trust anchor for certification path not found., null)
请告诉我我在这里遗漏了什么才能使其与 HTTPS 一起使用。
请找到解决方案,因为您必须在 subjectAltName
中使用正确的值配置 self-signed-certificate更多详情请参考以下link configure-self-singed-certificate