From 2030c4db9caa644055b6def3948f01aeff92dee0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20Campitelli?= <1877191+vcampitelli@users.noreply.github.com> Date: Mon, 14 Aug 2023 16:05:50 -0300 Subject: [PATCH 1/3] :memo: Adding FusionAuth integration README --- app/README-FusionAuth.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 app/README-FusionAuth.md diff --git a/app/README-FusionAuth.md b/app/README-FusionAuth.md new file mode 100644 index 00000000..fa8eab16 --- /dev/null +++ b/app/README-FusionAuth.md @@ -0,0 +1,34 @@ +# Using AppAuth with [FusionAuth](https://fusionauth.io) + +[FusionAuth](https://fusionauth.io) is a customer authentication and authorization platform built by developers, for developers. It can be easily integrated to your AppAuth Android app with very few touches: + +1. Install FusionAuth using [Docker](https://fusionauth.io/docs/v1/tech/installation-guide/docker) (there are [other options available](https://fusionauth.io/docs/v1/tech/installation-guide/)) +2. [Expose the local instance to Internet](https://fusionauth.io/docs/v1/tech/developer-guide/exposing-instance) and copy the address ngrok gave you +3. Log into the admin UI using the ngrok address +4. Browse to `Tenants` and click on the blue pencil icon to edit the **Default** tenant + * In the `Issuer` field, paste the address you copied earlier + * Save the tenant +5. Navigate to the `Applications` page, click on the green plus icon to create one + * Give it a meaningful `Name` (e.g. `My Android App`) + * Select the `OAuth` tab and fill in these fields: + * `Client Authentication`: *Not required when using PKCE* + * `PKCE`: *Required* + * `Authorized redirect URLs`: your app redirect URI (e.g. `net.openid.appauthdemo:/oauth2redirect`) + * Go to the `JWT` tab + * Click on the `Enabled` switch + * Set both `Access token signing key` and `Id token signing key` to *Auto generate a new key on save...* to generate a new pair of asymmetric keys + * Save the application +6. After being redirected back to the `Applications` page, click on the green magnifying glass for the created application to view its details + * Scroll down to `OAuth2 & OpenID Connect Integration details` and copy the `OpenID Connect Discovery` address + * In the `OAuth configuration` section, copy the `Client Id` for the newly created application +7. In your Android app, edit `app/res/raw/auth_config.json` and paste the values you copied into lines 2 and 6: + ```json + { + "client_id": "THE CLIENT ID YOU COPIED FROM FUSIONAUTH", + "redirect_uri": "net.openid.appauthdemo:/oauth2redirect", + "end_session_redirect_uri": "net.openid.appauthdemo:/oauth2redirect", + "authorization_scope": "openid offline_access", + "discovery_uri": "THE OPENID CONNECT DISCOVERY ADDRESS YOU COPIED FROM FUSIONAUTH", + "https_required": true + } + ``` From 185e268ddc374477949c7d47b2fc0348f709b1be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20Campitelli?= <1877191+vcampitelli@users.noreply.github.com> Date: Mon, 14 Aug 2023 16:06:15 -0300 Subject: [PATCH 2/3] :memo: Adding FusionAuth integration link to the README and sorting links --- app/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/README.md b/app/README.md index befcd884..2d0b5911 100644 --- a/app/README.md +++ b/app/README.md @@ -58,9 +58,10 @@ Each identity provider is free to submit a set of instructions for configuring t interact with their authorization endpoints. Those who have submitted instructions are listed below: +- [FusionAuth](README-FusionAuth.md) +- [Gluu](README-Gluu.md) - [Google](README-Google.md) - [Okta](README-Okta.md) -- [Gluu](README-Gluu.md) ## Should I use this same configuration pattern in my own apps? From 16a2be4e49285174a16313d6f2636fc0e449db67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcius=20Campitelli?= <1877191+vcampitelli@users.noreply.github.com> Date: Tue, 15 Aug 2023 08:57:33 -0300 Subject: [PATCH 3/3] :memo: Updating instructions after Dan's review --- app/README-FusionAuth.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/README-FusionAuth.md b/app/README-FusionAuth.md index fa8eab16..5565da34 100644 --- a/app/README-FusionAuth.md +++ b/app/README-FusionAuth.md @@ -2,7 +2,7 @@ [FusionAuth](https://fusionauth.io) is a customer authentication and authorization platform built by developers, for developers. It can be easily integrated to your AppAuth Android app with very few touches: -1. Install FusionAuth using [Docker](https://fusionauth.io/docs/v1/tech/installation-guide/docker) (there are [other options available](https://fusionauth.io/docs/v1/tech/installation-guide/)) +1. Install FusionAuth on your [Cloud](https://fusionauth.io/docs/v1/tech/installation-guide/cloud), using [Docker](https://fusionauth.io/docs/v1/tech/installation-guide/docker), or check [other options available](https://fusionauth.io/docs/v1/tech/installation-guide/) 2. [Expose the local instance to Internet](https://fusionauth.io/docs/v1/tech/developer-guide/exposing-instance) and copy the address ngrok gave you 3. Log into the admin UI using the ngrok address 4. Browse to `Tenants` and click on the blue pencil icon to edit the **Default** tenant @@ -16,7 +16,7 @@ * `Authorized redirect URLs`: your app redirect URI (e.g. `net.openid.appauthdemo:/oauth2redirect`) * Go to the `JWT` tab * Click on the `Enabled` switch - * Set both `Access token signing key` and `Id token signing key` to *Auto generate a new key on save...* to generate a new pair of asymmetric keys + * Set both `Access token signing key` and `Id token signing key` to *Auto generate a new key on save...* to generate a new pair of asymmetric keys using the RS256 algorithm * Save the application 6. After being redirected back to the `Applications` page, click on the green magnifying glass for the created application to view its details * Scroll down to `OAuth2 & OpenID Connect Integration details` and copy the `OpenID Connect Discovery` address