Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: refactor SDK using flutter_web_auth_2 #76

Merged
merged 2 commits into from
Jan 23, 2025
Merged

refactor: refactor SDK using flutter_web_auth_2 #76

merged 2 commits into from
Jan 23, 2025

Conversation

simeng-li
Copy link
Contributor

@simeng-li simeng-li commented Jan 22, 2025
edited
Loading

Summary

Refactor @logto/dart SDK using the new flutter_web_auth_2 library.

Context

This PR refactors the Logto Dart SDK using the new flutter_web_auth_2 package to handle the OAuth2 user authorization flow.

The SDK originally used the flutter_web_auth package to handle the OAuth2 user authorization flow. However, this outdated package is no longer maintained. We have received multiple reported issues with the package, which does not work properly with some of the latest platforms and devices. Hence, we refactor the SDK to use the new flutter_web_auth_2 package.

Updates

These updates will not affect the SDK API and user experiences. Major fixes and improvements are:

  1. Fix the namespace missing issue when building with the latest Gradle version on Android. (bug: Can`t build android apk. #75 )
  2. Fix the issue that the webview is not closing after the user completes the OAuth2 authorization flow on Android. (doc: social logins signups redirect loop on android when android:taskAffinity="" #60)
  3. The SDK now supports web applications with the latest flutter_web_auth_2 package. (feature request: consider using flutter_web_auth_2 #61 )
  4. Fix the issue on Android that the sign-in session is not cleared after the user signs out. The preferEphemeral parameter does not work on Android. Even with the ephemeralIntentFlags specified, the webview still preserves the Logto sign-in session on Android. As a workaround, for Android and Web platforms, redirect the user to the end_session_endpoint to clear the sign-in session after the user signs out manually.

Breaking change

logtoClient.signOut method now requires a redirectUri parameter. For iOS platform, this parameter is useless, but for Android and Web platforms which require an additional end_session request to clean up the sign-in session, this parameter will be used as the post_logout_redirect_uri parameter in the end_session request.

Testing

Test locally using iOS, Android, and Chrome simulators.

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments

@simeng-li
refactor: refactor SDK using flutter_web_auth_2
2fda913 
refactor the SDK using flutter_web_auth_2
@simeng-li simeng-li requested review from a team, wangsijie and charIeszhao and removed request for a team January 22, 2025 06:51
This was referenced Jan 22, 2025
Open
Open
Open
Open
@simeng-li
refactor: refactor the changelog
6ef8165 
refactor the changelog using descent order
@simeng-li simeng-li requested review from a team January 22, 2025 08:44
@simeng-li simeng-li merged commit 41dfe52 into master Jan 23, 2025
2 checks passed
@simeng-li simeng-li deleted the simeng-web-auth-v2 branch January 23, 2025 02:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wangsijie wangsijie wangsijie approved these changes

@charIeszhao charIeszhao Awaiting requested review from charIeszhao charIeszhao was automatically assigned from logto-io/mandatory-reviewers

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@simeng-li @wangsijie