-
-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor: refactor SDK using flutter_web_auth_2 (#76)
- Loading branch information
Showing
47 changed files
with
732 additions
and
458 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,126 +1,120 @@ | ||
| ## 0.0.1 | ||
|
|
||
| ### Packages | ||
| ## 2.1.0 | ||
|
|
||
| | Name | Description | | ||
| | ------------ | ----------------------------------------------------------------------------------------------------------- | | ||
| | logto_core | Core SDK is used for generation dart project with basic API and util method provided. | | ||
| | logto_client | Client SDK for flutter native apps. Built based on logto_core with user sign-in interaction flow integrated | | ||
| ### New features | ||
|
|
||
| ### Platforms | ||
| Add extra parameters to the signIn method for better sign-in experience customization. | ||
|
|
||
| iOS, Android | ||
| See the [Authentication parameters](https://docs.logto.io/docs/references/openid-connect/authentication-parameters) for more details. | ||
|
|
||
| ### Features | ||
| 1. `directSignIn`: This parameter allows you to skip the first screen of the sign-in page and directly go to the social or enterprise sso connectors's sign-in page. | ||
|
|
||
| - User sign-in using Logto's webAuth | ||
| - User sign-out | ||
| - Retrieve idToken claims | ||
| - Retrieve access token | ||
| - `social:<idp-name>`: Use the specified social connector, e.g. `social:google` | ||
| - `sso:<connector-id>`: Use the specified enterprise sso connector, e.g. `sso:123456` | ||
|
|
||
| ## 1.0.0 | ||
| 2. `firstScreen`: This parameter allows you to customize the first screen that users see when they start the authentication process. The value for this parameter can be: | ||
|
|
||
| ### logto_client | ||
| - `sign_in`: Allow users to directly access the sign-in page. | ||
| - `register`: Allow users to directly access the registration page. | ||
| - `single_sign_on`: Allow users to directly access the single sign-on (SSO) page. | ||
| - `identifier:sign_in`: Allow users to direct access a page that only display specific identifier-based sign-in methods to users. | ||
| - `identifier:register`: Allow users to direct access a page that only display specific identifier-based registration methods to users. | ||
| - `reset_password`: Allow users to directly access the password reset page. | ||
|
|
||
| - Support RBAC | ||
| - Add `LogtoClient.getUserInfo` to get authenticated user info | ||
| 3. `identifiers`: Additional parameter to specify the identifier type for the first screen. This parameter is only used when the `firstScreen` parameter is set to `identifier:sign_in`, `identifier:register` or `reset_password`. The value can be a list of the following supported identifier types: | ||
|
|
||
| ## 1.1.0 | ||
| - `email` | ||
| - `phone` | ||
| - `username` | ||
|
|
||
| - fix Logto sign-out bug, the token revoke endpoint was misconfigured | ||
| - bump version to support Flutter 3.10 | ||
| - bump the http dependency to the latest version | ||
| - bump the flutter_web_auth dependency to the latest version | ||
| - bump the flutter_secure_storage dependency to the latest version | ||
| 4. `extraParams`: This parameter allow you to pass additional custom parameters to the Logto sign-in page. The value for this parameter should be a Map<String, String> object. | ||
|
|
||
| ## 1.2.0 | ||
| ### Bug fixes | ||
|
|
||
| ### Dependencies update | ||
| Fix the `logtoClient.getAccessToken` method always fetching new access token bug. | ||
|
|
||
| - bump http package dependency to 1.2.0 | ||
| - bump flutter_secure_storage package dependency to 9.0.0 | ||
| - bump flutter_lints package dependency to 3.0.x | ||
| Background: | ||
| On each token exchange request, Logto dart SDK will cache the token response in the local storage. To reduce the number of token exchange requests, the SDK should always return the cached access token if it's not expired. Only when the access token is expired, the SDK should fetch a new access token using the refresh token. | ||
| However, the current implementation always fetches a new access token even if the cached access token is not expired. | ||
|
|
||
| ### Features | ||
| Root cause: | ||
| Previously, all the access token storage keys are generated using the combination of the token's `resource`, `organization` and `scopes` values. This is to ensure that multiple access tokens can be stored in the storage without conflict. | ||
| Logto does not support narrowing down the scopes during a token exchange request, so the scopes value is always the same as the initial token request, therefore `scopes` is not necessary to be included in the `logtoClient.getAccessToken` method. Without the `scopes` value specified, the SDK can not locate the correct access token in the storage, which leads to always fetching a new access token. | ||
|
|
||
| - Update `LogtoConfig` to support new organization feature, including new organization scopes and fetching organization token | ||
| - Add `LogtoClient.getOrganizationToken` method to support organization token retrieval | ||
| Fix: | ||
| Remove the `scope` parameter from the `_tokenStorage.buildAccessTokenKey` and `_tokenStorage.getAccessToken` methods. Always get and set the access token using the `resource` and `organization` values as the key. | ||
|
|
||
| ### Refactor | ||
| ## 2.0.2 | ||
|
|
||
| - Export all the necessary classes and interfaces from `logto_core` to `logto_client` package | ||
| - Update the example app to demonstrate the new organization feature | ||
| ### Bug fixes | ||
|
|
||
| ## 2.0.0 | ||
| Fix the `OpenIdClaims` class key parsing issue: | ||
|
|
||
| Upgrade to dart 3.0.0 | ||
| - `avatar` key is now `picture` mapped from the `picture` key in the token claims | ||
| - `phone` key is now `phoneNumber` mapped from the `phone_number` key in the token claims | ||
| - `phoneVerified` key is now `phoneNumberVerified` mapped from the `phone_number_verified` key in the token claims | ||
|
|
||
| - Fix the `UserInfo` abstract class used as mixin incompatibility issue | ||
| - SDK now supports Dart ^3.0.0 | ||
| - < 3.0.0 users please use the previous version of the SDK | ||
| Previous key mapping values are always empty as they are not available in the IdToken claims. | ||
| This fix update the key mapping to the correct values. | ||
|
|
||
| ## 2.0.1 | ||
|
|
||
| Bug fix | ||
| ### Bug fixes | ||
|
|
||
| Issue: `LogtoClient.getUserInfo` method throws an `not authenticated` error when the initial access token is expired. | ||
| Expected behavior: The method should refresh the access token and return the user info properly. | ||
| Fix: Always get the access token by calling `LogtoClient.getAccessToken`, which will refresh the token automatically if it's expired. | ||
|
|
||
| ## 2.0.2 | ||
| ## 2.0.0 | ||
|
|
||
| Bug fix | ||
| ### Dependencies update | ||
|
|
||
| Fix the `OpenIdClaims` class key parsing issue: | ||
| Upgrade to dart 3.0.0 | ||
|
|
||
| - `avatar` key is now `picture` mapped from the `picture` key in the token claims | ||
| - `phone` key is now `phoneNumber` mapped from the `phone_number` key in the token claims | ||
| - `phoneVerified` key is now `phoneNumberVerified` mapped from the `phone_number_verified` key in the token claims | ||
| - Fix the `UserInfo` abstract class used as mixin incompatibility issue | ||
| - SDK now supports Dart ^3.0.0 | ||
| - < 3.0.0 users please use the previous version of the SDK | ||
|
|
||
| Previous key mapping values are always empty as they are not available in the IdToken claims. | ||
| This fix update the key mapping to the correct values. | ||
| ## 1.2.0 | ||
|
|
||
| ## 2.1.0 | ||
| ### Dependencies update | ||
|
|
||
| ### New Features | ||
| - bump http package dependency to 1.2.0 | ||
| - bump flutter_secure_storage package dependency to 9.0.0 | ||
| - bump flutter_lints package dependency to 3.0.x | ||
|
|
||
| Add extra parameters to the signIn method for better sign-in experience customization. | ||
| ### New features | ||
|
|
||
| See the [Authentication parameters](https://docs.logto.io/docs/references/openid-connect/authentication-parameters) for more details. | ||
| - Update `LogtoConfig` to support new organization feature, including new organization scopes and fetching organization token | ||
| - Add `LogtoClient.getOrganizationToken` method to support organization token retrieval | ||
|
|
||
| 1. `directSignIn`: This parameter allows you to skip the first screen of the sign-in page and directly go to the social or enterprise sso connectors's sign-in page. | ||
| ### Refactors | ||
|
|
||
| - `social:<idp-name>`: Use the specified social connector, e.g. `social:google` | ||
| - `sso:<connector-id>`: Use the specified enterprise sso connector, e.g. `sso:123456` | ||
| - Export all the necessary classes and interfaces from `logto_core` to `logto_client` package | ||
| - Update the example app to demonstrate the new organization feature | ||
|
|
||
| 2. `firstScreen`: This parameter allows you to customize the first screen that users see when they start the authentication process. The value for this parameter can be: | ||
| ## 1.0.0 | ||
|
|
||
| - `sign_in`: Allow users to directly access the sign-in page. | ||
| - `register`: Allow users to directly access the registration page. | ||
| - `single_sign_on`: Allow users to directly access the single sign-on (SSO) page. | ||
| - `identifier:sign_in`: Allow users to direct access a page that only display specific identifier-based sign-in methods to users. | ||
| - `identifier:register`: Allow users to direct access a page that only display specific identifier-based registration methods to users. | ||
| - `reset_password`: Allow users to directly access the password reset page. | ||
| ### New features | ||
|
|
||
| 3. `identifiers`: Additional parameter to specify the identifier type for the first screen. This parameter is only used when the `firstScreen` parameter is set to `identifier:sign_in`, `identifier:register` or `reset_password`. The value can be a list of the following supported identifier types: | ||
| - Support RBAC | ||
| - Add `LogtoClient.getUserInfo` method to get authenticated user info | ||
|
|
||
| - `email` | ||
| - `phone` | ||
| - `username` | ||
| ## 0.0.1 | ||
|
|
||
| 4. `extraParams`: This parameter allow you to pass additional custom parameters to the Logto sign-in page. The value for this parameter should be a Map<String, String> object. | ||
| ### Packages | ||
|
|
||
| ### Bug Fixes | ||
| | Name | Description | | ||
| | ------------ | ----------------------------------------------------------------------------------------------------------- | | ||
| | logto_core | Core SDK is used for generation dart project with basic API and util method provided. | | ||
| | logto_client | Client SDK for flutter native apps. Built based on logto_core with user sign-in interaction flow integrated | | ||
|
|
||
| Fix the `logtoClient.getAccessToken` method always fetching new access token bug. | ||
| ### Supported Platforms | ||
|
|
||
| Background: | ||
| On each token exchange request, Logto dart SDK will cache the token response in the local storage. To reduce the number of token exchange requests, the SDK should always return the cached access token if it's not expired. Only when the access token is expired, the SDK should fetch a new access token using the refresh token. | ||
| However, the current implementation always fetches a new access token even if the cached access token is not expired. | ||
| iOS, Android | ||
|
|
||
| Root cause: | ||
| Previously, all the access token storage keys are generated using the combination of the token's `resource`, `organization` and `scopes` values. This is to ensure that multiple access tokens can be stored in the storage without conflict. | ||
| Logto does not support narrowing down the scopes during a token exchange request, so the scopes value is always the same as the initial token request, therefore `scopes` is not necessary to be included in the `logtoClient.getAccessToken` method. Without the `scopes` value specified, the SDK can not locate the correct access token in the storage, which leads to always fetching a new access token. | ||
| ### Features | ||
|
|
||
| Fix: | ||
| Remove the `scope` parameter from the `_tokenStorage.buildAccessTokenKey` and `_tokenStorage.getAccessToken` methods. Always get and set the access token using the `resource` and `organization` values as the key. | ||
| - User sign-in using Logto's webAuth | ||
| - User sign-out | ||
| - Retrieve idToken claims | ||
| - Retrieve access token |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,71 +1,44 @@ | ||
| def localProperties = new Properties() | ||
| def localPropertiesFile = rootProject.file('local.properties') | ||
| if (localPropertiesFile.exists()) { | ||
| localPropertiesFile.withReader('UTF-8') { reader -> | ||
| localProperties.load(reader) | ||
| } | ||
| } | ||
|
|
||
| def flutterRoot = localProperties.getProperty('flutter.sdk') | ||
| if (flutterRoot == null) { | ||
| throw new GradleException("Flutter SDK not found. Define location with flutter.sdk in the local.properties file.") | ||
| } | ||
|
|
||
| def flutterVersionCode = localProperties.getProperty('flutter.versionCode') | ||
| if (flutterVersionCode == null) { | ||
| flutterVersionCode = '1' | ||
| } | ||
|
|
||
| def flutterVersionName = localProperties.getProperty('flutter.versionName') | ||
| if (flutterVersionName == null) { | ||
| flutterVersionName = '1.0' | ||
| plugins { | ||
| id "com.android.application" | ||
| id "kotlin-android" | ||
| // The Flutter Gradle Plugin must be applied after the Android and Kotlin Gradle plugins. | ||
| id "dev.flutter.flutter-gradle-plugin" | ||
| } | ||
|
|
||
| apply plugin: 'com.android.application' | ||
| apply plugin: 'kotlin-android' | ||
| apply from: "$flutterRoot/packages/flutter_tools/gradle/flutter.gradle" | ||
|
|
||
| android { | ||
| compileSdkVersion 33 | ||
| ndkVersion flutter.ndkVersion | ||
| namespace = "com.example.example" | ||
| compileSdk = flutter.compileSdkVersion | ||
| ndkVersion = flutter.ndkVersion | ||
|
|
||
| compileOptions { | ||
| sourceCompatibility JavaVersion.VERSION_1_8 | ||
| targetCompatibility JavaVersion.VERSION_1_8 | ||
| sourceCompatibility = JavaVersion.VERSION_1_8 | ||
| targetCompatibility = JavaVersion.VERSION_1_8 | ||
| } | ||
|
|
||
| kotlinOptions { | ||
| jvmTarget = '1.8' | ||
| } | ||
|
|
||
| sourceSets { | ||
| main.java.srcDirs += 'src/main/kotlin' | ||
| jvmTarget = JavaVersion.VERSION_1_8 | ||
| } | ||
|
|
||
| defaultConfig { | ||
| // TODO: Specify your own unique Application ID (https://developer.android.com/studio/build/application-id.html). | ||
| applicationId "com.example.example" | ||
| applicationId = "com.example.example" | ||
| // You can update the following values to match your application needs. | ||
| // For more information, see: https://docs.flutter.dev/deployment/android#reviewing-the-build-configuration. | ||
| minSdkVersion 19 | ||
| targetSdkVersion flutter.targetSdkVersion | ||
| versionCode flutterVersionCode.toInteger() | ||
| versionName flutterVersionName | ||
| // For more information, see: https://flutter.dev/to/review-gradle-config. | ||
| minSdk = flutter.minSdkVersion | ||
| targetSdk = flutter.targetSdkVersion | ||
| versionCode = flutter.versionCode | ||
| versionName = flutter.versionName | ||
| } | ||
|
|
||
| buildTypes { | ||
| release { | ||
| // TODO: Add your own signing config for the release build. | ||
| // Signing with the debug keys for now, so `flutter run --release` works. | ||
| signingConfig signingConfigs.debug | ||
| signingConfig = signingConfigs.debug | ||
| } | ||
| } | ||
| } | ||
|
|
||
| flutter { | ||
| source '../..' | ||
| } | ||
|
|
||
| dependencies { | ||
| implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version" | ||
| source = "../.." | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.