Skip to content

Releases: logto-io/dart

v2.1.0

09 Sep 08:16
31dee5f
Compare
Choose a tag to compare

New features

Add extra parameters to the signIn method to customize the sign-in experience.

See the Authentication parameters for more details.

  1. directSignIn: This parameter allows you to skip the first screen of the sign-in page and directly go to the social or enterprise SSO connectors's sign-in page.

    • social:<idp-name>: Use the specified social connector, e.g. social:google
    • sso:<connector-id>: Use the specified enterprise SSO connector, e.g. sso:123456
  2. firstScreen: This parameter allows you to customize the first screen that users see when they start the authentication process. The value for this parameter can be:

    • sign_in: Allow users to directly access the sign-in page.
    • register: Allow users to directly access the registration page.
    • single_sign_on: Allow users to directly access the single sign-on (SSO) page.
    • identifier:sign_in: Allow users to directly access a page that only displays specific identifier-based sign-in methods to users.
    • identifier:register: Allow users to directly access a page that only displays specific identifier-based registration methods to users.
    • reset_password: Allow users to directly access the password reset page.
  3. identifiers: Additional parameter to specify the identifier type for the first screen. This parameter is only used when the firstScreen parameter is set to identifier:sign_in, identifier:register, or reset_password. The value can be a list of the following supported identifier types:

    • email
    • phone
    • username
  4. extraParams: This parameter allows you to pass additional custom parameters to the Logto sign-in page. The value for this parameter should be a Map<String, String> object.

Bug fixes

Fix the logtoClient.getAccessToken method always fetching new access token bug.

Background:
On each token exchange request, Logto dart SDK will cache the token response in the local storage. To reduce the number of token exchange requests, the SDK should always return the cached access token if it's not expired. Only when the access token is expired, the SDK should fetch a new access token using the refresh token.
However, the current implementation always fetches a new access token even if the cached access token is not expired.

Root cause:
Previously, all the access token storage keys are generated using the combination of the token's resource, organization, and scopes values. This is to ensure that multiple access tokens can be stored in the storage without conflict.
Logto does not support narrowing down the scopes during a token exchange request, so the scopes value is always the same as the initial token request, therefore scopes is not necessary to be included in the logtoClient.getAccessToken method. Without the scopes value specified, the SDK can not locate the correct access token in the storage, which leads to always fetching a new access token.

Fix:
Remove the scope parameter from the _tokenStorage.buildAccessTokenKey and _tokenStorage.getAccessToken methods. Always get and set the access token using the resource and organization values as the key.

v2.0.2

18 Jul 02:48
de35beb
Compare
Choose a tag to compare

Bug Fixes

Fix the OpenIdClaims class key parsing issue:

  • avatar key is now renamed as picture, mapped from the picture key in the token claims
  • phone key is now renamed as phoneNumber, mapped from the phone_number key in the token claims
  • phoneVerified key is now renamed as phoneNumberVerified, mapped from the phone_number_verified key in the token claims

Previous key mapping values are always empty as they are unavailable in the IdToken claims.
This fix updates the key mapping to the correct values.

v2.0.1

03 Jun 03:42
08e2f3c
Compare
Choose a tag to compare

Bug Fixes

  • Issue: LogtoClient.getUserInfo method throws an not authenticated error when the initial access token is expired.
  • Expected behavior: The method should refresh the access token and return the user info properly.
  • Fix: Always get the access token by calling LogtoClient.getAccessToken, which will refresh the token automatically if it's expired.

v2.0.0

31 May 02:21
a455d42
Compare
Choose a tag to compare

Dependency updates

This release includes a significant upgrade of the Dart SDK version, moving from Dart 2.x to Dart 3.0.0 and above.

This upgrade ensures compatibility with the latest features and improvements in the Dart ecosystem. Please update your development environment accordingly to take advantage of the new capabilities and enhancements offered by Dart 3.x.

v1.2.0

05 Feb 07:20
5172e91
Compare
Choose a tag to compare

Support Logto organization authorization flow

Dependencies updates

  • bump http package dependency to 1.2.0
  • bump flutter_secure_storage package dependency to 9.0.0
  • bump flutter_lints package dependency to 3.0.x

New features

  • Update LogtoConfig to support new organization features, including new organization scopes and fetching organization token
  • Add LogtoClient.getOrganizationToken method to support organization token retrieval

Other updates

  • Export all the necessary classes and interfaces from logto_core to logto_client package
  • Update the example app to demonstrate the new organization feature

v1.1.0 Bump dependency versions for Flutter 3.10.x

07 Jun 11:06
d2cbe13
Compare
Choose a tag to compare

Bug Fix

  • fix the Logto sign-out bug. The token revoke endpoint was misconfigured

Bump version

  • bump version to support Flutter 3.10
  • bump the HTTP dependency to the latest version
  • bump the flutter_web_auth dependency to the latest version
  • bump the flutter_secure_storage dependency to the latest version

v1.0.0 public

10 Apr 05:40
ce1911d
Compare
Choose a tag to compare

Official Public Package. Fully adapt for Logto cloud.

  • including RBAC support
  • adding new logtoClient.getUserInfo fetching method for retrieving authenticated user info

What's Changed

  • refactor(dart): remove role_names claim declaration in id_token by @simeng-li in #31
  • refactor(dart): replace idTokenHint with clientId in signout uri by @simeng-li in #32
  • feat(dart): update the userInfo API response type by @simeng-li in #36
  • feat(dart): add interaction mode props to the signIn method by @simeng-li in #33

Full Changelog: v0.0.2...v1.0.0

v0.0.2 Adapt RBAC

19 Jan 06:58
7723757
Compare
Choose a tag to compare
v0.0.2 Adapt RBAC Pre-release
Pre-release

What's Changed

Remove the hard-coded scope param of the getAccessToken request payload in Logto Client. Use OIDC-Provider's default behavior.

  • if no resource indicator is provided, an IdToken and an opaque Access Token will be issued.
  • if a valid resource indicator is present, a JWT Access Token will be issued with all the scopes pre-granted for that target resource.
  • refactor(dart): remove scope from getAccessToken payload by @simeng-li in #30

Full Changelog: v0.0.1...v0.0.2

v0.0.1

18 Oct 07:04
d2c2297
Compare
Choose a tag to compare
v0.0.1 Pre-release
Pre-release

Packages

Name Description
logto_core Core SDK is used for generation dart project with basic API and util method provided.
logto_client Client SDK for flutter native apps. Built based on logto_core with user sign-in interaction flow integrated

Platforms

iOS, Android

Features

  • User sign-in using Logto's webAuth
  • User sign-out
  • Retrieve idToken claims
  • Retrieve access token