bapp_auth 0.2.1 copy "bapp_auth: ^0.2.1" to clipboard
bapp_auth: ^0.2.1 copied to clipboard

Published 3 days agoverified publishercbsoft.ro
SDKFlutter
PlatformAndroidiOSLinuxmacOSWindows

Metadata

Cross-platform authentication for BAPP framework platforms with Keycloak SSO and automatic token management

More...

0.2.1 #

  • Updated bapp_api_client dependency from ^0.4.4 to ^0.5.0

0.2.0 #

  • BREAKING: Replaced built-in API client with bapp_api_client package
    • Removed BappApiClient, ApiError, RetryConfig classes
    • Added dependency on bapp_api_client ^0.4.4
    • Re-exports BappApiClient and PagedList for convenience
  • New BappAuth orchestrator class
    • Single entry point for auth lifecycle: initialize → login → refresh → logout
    • Pre-configured BappApiClient with automatic bearer token injection
    • Reactive authStateStream for driving UI (initial, loading, authenticated, unauthenticated)
    • Configurable BAPP API host per project, fixed Keycloak hostname (id.bapp.ro)
  • New BappAuthConfig configuration
    • host: BAPP API base URL (configurable per project)
    • ssoAutoLogin: silent SSO login on initialize using prompt=none
    • sessionId: user-scoped token storage for shared devices (kiosk/POS)
  • Silent SSO with prompt=none
    • Non-interactive SSO passes prompt=none to Keycloak for instant response
    • No login form shown — if session exists, authenticates silently
    • Minimal browser flash on all platforms
  • Shared device support
    • sessionId scopes token storage per user (key: bapp_auth_token_{clientId}_{sessionId})
    • switchSession() method for switching users at runtime
    • Multiple users on same device never overwrite each other's tokens
  • AuthenticatedHttpClient
    • Transparent bearer token injection on all requests
    • Proactive refresh when token expiring within 30 seconds
    • Automatic retry on 498 (Token Expired) responses
    • Concurrent refresh prevention with lock
  • Android compatibility fix for flutter_web_auth_2 v5
    • Forces preferEphemeral: true on Android to trigger CustomTabsIntent fallback
    • Ensures compatibility with all Chrome versions (including Chrome 56+ on Android 7)
  • Bug fix: TokenResponse.fromJson now restores issuedAt
    • Previously, deserialized tokens always had issuedAt = DateTime.now(), making expired tokens appear valid
  • Updated dependencies: http ^1.6.0, flutter_web_auth_2 ^5.0.1, url_launcher ^6.3.2, crypto ^3.0.7
  • Integration tests: Cross-platform tests for macOS, iOS, Android (automated + interactive SSO)
  • 45 unit tests, 7 integration tests

0.1.5 #

  • Automatic Token Refresh: API client now automatically refreshes expired tokens
    • Proactive refresh when token is expiring within 30 seconds
    • Handles 498 (Token Expired) responses by refreshing and retrying
    • Concurrent refresh prevention with lock mechanism
    • onAuthRequired callback when refresh fails
  • Updated Dependencies: flutter_web_auth_2 ^4.1.0, shared_preferences ^2.5.4, flutter_lints ^6.0.0
  • Improved Documentation: Added dartdoc comments to 20%+ of public API
  • Code Quality: Fixed dart format issues, comprehensive test coverage (47 tests)

0.1.4 #

  • Fixed JSON handling in CI credentials

0.1.3 #

  • Fixed pub.dev token path for newer Dart versions

0.1.2 #

  • Fixed GitLab CI credentials handling for pub.dev publishing

0.1.1 #

  • Added GitLab CI/CD pipeline for automated publishing to pub.dev
  • Added .pubignore to exclude development files from published package

0.1.0 #

  • Initial release
  • Cross-platform OAuth Support:
    • Android (custom URL schemes)
    • iOS (custom URL schemes)
    • macOS (custom URL schemes)
    • Web (origin-based redirects)
    • Windows (localhost redirects)
    • Linux (localhost redirects)
  • Keycloak OAuth Integration:
    • SSO OpenID Connect flow with PKCE
    • Browser session reuse - Users already logged in to Keycloak in browser won't need to log in again!
    • Private/ephemeral mode option for fresh logins
    • Device authentication flow support
    • Automatic platform detection for redirect URIs
  • Token Management:
    • Token persistence with SharedPreferences
    • Automatic token refresh
    • Token expiration detection
  • Comprehensive API Client:
    • Inspired by Python SDK patterns
    • Token and Bearer authentication
    • CRUD operations for content types
    • Task, Action, and Widget APIs
    • Pagination support (streaming and bulk)
    • Multi-tenancy support
    • Automatic retry with exponential backoff
    • Error handling
  • Developer Experience:
    • PlatformConfig helper for automatic redirect URI detection
    • Complete platform configuration guide
    • Working example app with UI for all platforms
    • Comprehensive test coverage (12 tests)

Metadata

1
likes
160
points
93
downloads

Documentation

API reference

Publisher

verified publishercbsoft.ro

Weekly Downloads

Metadata

Cross-platform authentication for BAPP framework platforms with Keycloak SSO and automatic token management

Homepage

License

MIT (license)

Dependencies

bapp_api_client, crypto, flutter, flutter_web_auth_2, http, shared_preferences, url_launcher

More

Packages that depend on bapp_auth

Back