Oauth2 redirect_uri

Thu Feb 13, 2014 6:09 pm

I am trying to implement oauth2 authentication. I have started with the salesforce plugin and then I'm using it to log into dropbox api. For the redirect_uri callback from dropbox I have to use the appery URL: http://appery.io/app/view/0c17c2c9-94... and have it set to public.

This works but is forever dependant on appery.io and having my app set to public in this way. I don't want this, is there another way?

Looking at Oauth2 documentation on mobile app flow, it seems the way to do this is by using a custom uri protocol (iOS) or URL matching patterns which will launch the native app (android).

Is this possible to do with an appery app?

Thu Feb 13, 2014 7:50 pm

Hi Aric,

If you don't tick 'Public', it doesn't work, right?

Thu Feb 13, 2014 10:12 pm

Correct. Without public checked, it asks you to log into an appery account.

While this works for now, I don't want to have to always redirect through appery.

How does appery get that redirect back to my app?

Fri Feb 14, 2014 2:19 pm

Hello! Looks like you've done something wrong... You should open Login window in new inAppBrowser window and track there redirect to Appery.io page. Once it's redirected close inAppBrowser window and continue work in app. There is no need to do public anything. Please check an example here https://getsatisfaction.com/apperyio/...

Fri Feb 14, 2014 7:25 pm

ok well I was using the salesforce plugin code. What you say makes sense though. So I can just make up whatever I want for the redirect uri because its going to catch that with the event handler?

Fri Feb 14, 2014 8:03 pm

I still cant get this to work. Here is the javascript I am using:
pre
function doLogin() {

Code: Select all

 &#47;&#47; as we render all pages into one file, let's check if this is a callback 
 if (window&#46;location&#46;href&#46;indexOf("access_token") == -1) { 

     var client_id = SF_Settings['client_id']; 
     var redirect_url = SF_Settings['redirect_url']; 
     var login_url = SF_Settings['login_url']; 

     var url = login_url + "?response_type=token&client_id=" + client_id + "&redirect_uri=" + encodeURI(redirect_url); 

     &#47;&#47; let's go to Salesforce to login 
     &#47;&#47;window&#46;open(url, "_self"); 

     var ref = window&#46;open(url, '_blank', 'location=no'); 
     ref&#46;addEventListener('loadstart', function(event) { 
         if (event&#46;url&#46;indexOf(redirect_url) === 0) { 
             /* if user successfully logged in */ 
             ref&#46;close(); 
             var vars = parseUrlVars(event&#46;url); 
             localStorage&#46;setItem('access_token', "Bearer " + vars&#46;access_token); /* store secret code */ 
             localStorage&#46;setItem('instance_url', vars&#46;instance_url); 
             Appery&#46;navigateTo('SF_UsingAPI', { 
                 reverse: false 
             }); /* Navigate to page 'result' */ 
         } 
     }); 

 } else { &#47;&#47; yes, this is a callback 
     alert("this shouldnt happen now"); 
     &#47;&#47; save token, url into local storag 
     saveAuthCodeInLocalStorage(); 
     &#47;&#47; navigate to Contacts page 
     Appery&#46;navigateTo('SF_UsingAPI', { 
         reverse: false 
     }); 

 }

}
/pre

Fri Feb 14, 2014 10:10 pm

Hi Aric,

1) You can use oAuth2 for authorization on WordPress: http://developer.wordpress.com/docs/o...
It's very safe mechanism we can recommend you.
2) If there is an appropriate API - yes, sure.
3) You can use any library to create QR, for example: http://larsjung.de/qrcode/

Sat Feb 15, 2014 4:45 pm

I think you might have responded to the wrong message? I wasnt asking about wordpress or QR codes.. ?

In my situation, using the above js code, the 'loadstart' event listener is never getting called. I cant figure out why because the code looks correct.

Mon Feb 17, 2014 5:54 pm

Hello! Sorry for a late reply and misunderstanding.
Could you clarify where did you put code posted above? What happens when you run this code? Does login page open? What exactly doesn't work, are there any errors in console?

Thu Feb 20, 2014 3:16 am

I am using the salesforce plugin with few changes. The javascript doLogin() is run on load of the start page in my app.

The callback should be going to the loadstart function, and not to the other else statement, so I put in that alert, and indeed that alert comes up "this shouldnt happen now". It seems that addEventListener() is not working.

Now, I understand that it probably will only work inside of a native app and not inside a browser test, because it relies on phonegap native code. But I've tried with an .apk exported from appery and it does not work.