flutter_appauth 8.0.3 flutter_appauth: ^8.0.3 copied to clipboard
This plugin provides an abstraction around the Android and iOS AppAuth SDKs so it can be used to communicate with OAuth 2.0 and OpenID Connect providers
[8.0.3] #
- [iOS][macOS] reverted change on attempt to add Swift Package Manager as there were issues found. 8.0.2 has now been considered retracted on pub.dev as a result
- Pinned compileSdkVersion of Android example app to 34 to continue support the current AGP versions until plugin and example app are updated
[8.0.2] #
- [iOS][macOS] bumped AppAuth iOS dependency to 1.7.6
- [iOS][macOS] BAD added Swift Package Manager support but "local" testing didn't uncover. This has been reverted by 8.0.3
[8.0.1] #
- Fixed issue 568 where compilation could fail with a
'OIDExternalUserAgent.h' file not found
error
[8.0.0+1] #
- Updated 8.0.0 as it was missing mention of the privacy manifest file to the macOS implementation of the plugin
[8.0.0] #
- Breaking change Replaced the
preferEphemeralSession
property in theAuthorizationRequest
,AuthorizationTokenRequest
andEndSessionRequest
classes withexternalUserAgent
. Thanks to the PR from john-slow.externalUserAgent
is presented by the newlyExternalUserAgent
enum that has the following valuesasWebAuthenticationSession
: uses the ASWebAuthenticationSession APIs where possible. This is the default value and was the default behaviour behaviour that aligns with what the AppAuth iOS SDK would do in choosing the best available user-agentephemeralAsWebAuthenticationSession
: uses an ephemeral session via the ASWebAuthenticationSession APIs. Applications that previously usedpreferEphemeralSession
and specified to betrue
can migrate by specifying this enum valuesfSafariViewController
: uses the SFSafariViewController APIs
- Updated iOS plugin details to indicate it needs a minimum iOS version of 11.0. This aligns with the minimum best supported version for Flutter 3.13.0
- Updated macOS plugin details to indicate it needs a minimum iOS version of 10.14. This aligns with the minimum best supported version for Flutter 3.13.0
- [Android] some refactoring around code related to
allowInsecureConnections
has been done in response to issue 554 - [Android] added logic to help with issues like 205 where an app tries to refresh a token but the instances of
AuthorizationService
have been disposed - [macOS] added privacy manifest file
7.0.1 #
- [iOS] correctly bumped AppAuth iOS dependency to 1.7.5. The 7.0.0 release mistakenly only bumped the dependency for macOS
7.0.0 #
- Breaking change Bumped minimum Flutter and Dart SDK constraints to 3.13.0 and 3.1.0 respectively
- Breaking change all methods have now been made to return non-nullable types
- [macOS] bumped AppAuth iOS dependency to 1.7.5
- Updated error handling to expose more details for each platform. Plugin will now throw
FlutterAppAuthUserCancelledException
when an authorization request has been cancelled as a result of the user closing the browser. For other scenarios the plugin will throwFlutterAppAuthPlatformException
. See the API docs for both classes for more details on the available details. Both exception classes inherit fromPlatformException
so the changes should be backwards compatible - Updated readme with more details on essential knowledge and links to OAuth 2.0 specifications
6.0.7 #
- [Android] updated plugin to specify
Theme.AppCompat.Translucent.NoTitleBar
as the theme for theRedirectUriReceiverActivity
from the AppAuth Android SDK. This is to fix a crash raised with issues #362 and #515
6.0.6 #
- [iOS][macOS] bumped AppAuth iOS dependency to 1.7.4
6.0.5 #
- [iOS] bumped AppAuth iOS dependency to 1.7.2
6.0.4 #
- [Android] when no suitable browser is found when calling either
authorize()
orauthorizeAndExchange()
, rather than crashing the plugin will now throw aPlatformException
with an error code ofno_browser_available
. Thanks to the PR from NikHomann - Removed duplicate asterisk from the 6.0.3 changelog entry around how the example app got updated
6.0.3 #
- [Android] community has reported that there seem to be instances where the plugin encounters a null intent on some devices upon processing a end session request. This resulted in a crash before but will now throw a
PlatformException
. Thanks to the PR from John - Updated example app so that the Android side specifies the minimum SDK version version that aligns with what's specified by the Flutter SDK
6.0.2+1 #
- [iOS] added privacy manifest
6.0.2 #
- [macOS] fixed deprecation warning around using
init
and to useinitWithPresentingWindow
via the AppAuth iOS/macOS SDK instead. Thanks to the PR from Ivan Tivonenko
6.0.1 #
- [iOS] updated plugin so it supports apps that leverage the multiple window capability that Apple added to iOS 13. Thanks to the PR from Jerold Albertson
- Added a link to the tutorials section of the readme that walks through how to use this plugin with Asgardeo. Thanks to the PR from Achintha Isuru
6.0.0 #
- Potentially breaking change [iOS][macOS] bumped AppAuth dependency to 1.6.2 where fixes were done to allow SDK to compile in Xcode 14 by bumping the minimum OS versions
- Bumped maximum Dart SDK constraint
- Recreated iOS and macOS side of example app so it would work with new Flutter 3.10 stable release
5.0.0 #
- Breaking change Bumped minimum Flutter SDK version to 3.0.0 and Dart SDK version to 2.17
- [Android] removed references to v1 embedding
- [Android] updated
compileSdkVersion
to 31 (Android 12) - [Android] bumped AGP (Android Gradle plugin) to 7.4.2
- [Android] conditionally adds a namespace for compatibility with AGP 8.0
- Note: it's quite likely that the AppAuth Android SDK itself requires this change going forward but this change will ensure that the
flutter_appauth
plugin has done this change ahead of time
- Note: it's quite likely that the AppAuth Android SDK itself requires this change going forward but this change will ensure that the
- Applied following updates to the example app on the Android side
- Bumped AGP to 7.4.2 and Gradle 7.5
- Used namespace instead of package identifier since the latter has been deprecated (reference: https://developer.android.com/build/releases/past-releases/agp-7-3-0-release-notes#package-deprecated). Note that as of this writing, using the
flutter run
command on the stable channel (i.e. Flutter version 3.7.1) to debug/run the app will in an error that says "package identifier or launch activity not found". However, an APK or app bundle can still be built and will run on a device. The Flutter team have already addressed this issue on the master channel that is currently on version 3.10.0-17.0.pre.21 so would expect the next stable release to contain the fix. Alternatively developers can manually restore the package identifier though this change was done to avoid issues from happening in the future
4.2.1+1 #
- Added comments to example app to explain how code challenge takes place per PKCE. Thanks to PR from Davide Ravasi
- Updated code for API docs to avoid lines longer than 80 characters
4.2.1 #
- [iOS][macOS] bumped AppAuth dependency to 1.6.0
4.2.0 #
- Added
preferEphemeralSession
toEndSessionRequest
Thanks to the PR from Daniel Ziegler
4.1.0+1 #
- Added missing credit to 4.1.0 changelog entry
- Updated readme to remove Android setup step for setting
queries
inAndroidManifest.xml
as that is now handled directly with the AppAuth Android SDK
4.0.1 #
- Bumped AppAuth iOS dependency. Thanks to PR from Didier Prophete
4.0.0 #
- Added support for macOS. Thanks to the PR from Jordy Langen
3.0.1 #
- [iOS] fix
nonce
not being returned correctly on iOS
3.0.0 #
- Breaking change
AuthorizationResponse
's constructor now includesnonce
and has changed to take positional parameters nonce
can now be specified forTokenRequest
class. This is especially useful on Android as the AppAuth Android SKD had turned on ID token validation that results in nonce mismatch errors. These errors should no longer appear when using thenonce
value returned by theAuthorizationResponse
object after callingauthorize()
and passing the value to theTokenRequest
when calling thetoken()
method- Bumped AppAuth Android SDK to 0.11.1 where the SDK reports that it has fixed an issue where rotating device could lead to the SDK reporting that the user cancelled login flow
2.4.2 #
- Added const constructor to
FlutterAppAuth
2.4.1+1 #
- Example app has been updated to point to the new demo IdentityServer instance
2.4.1 #
- [iOS] fixed issue with
scopes
not being sent correctly as they should've been space-delimited instead of comma-delimited. Thanks to the PR from Angle Wang
2.4.0 #
- Added
scopes
property toTokenResponse
class andAuthorizationTokenResponse
class that inherits from it. Thanks to PR from leoshusar - [Android] applied fix to a scenario where skipping https check on the issuer wasn't done for refreshing tokens. Thanks to the PR from Javier Puerto
2.3.0 #
- [Android]
claims
can now be passed as part of theadditionalParameters
included with requests without triggering an exception by the AppAuth Android SDK. Thanks to the PR from Garry Jeromson
2.2.0+1 #
- Updated Android setup section in the readme around setting the redirect scheme via manifest placeholders. If you've experienced Android build errors that says
applicationName
can't be found then check the readme for updated instructions, which is to use the+=
operation instead of=
on themanifestPlaceholders
property in thebuild.gradle
file
2.2.0 #
- [Android] updated error handling so more details are returned. Thanks to Andreas Kägi for originally starting on the PR
2.1.0+1 #
- Fix grammar in 2.1.0 changelog entry
2.1.0 #
- [Android]
ui_locales
can now be passed as part of theadditionalParameters
included with requests without triggering an exception by the AppAuth Android SDK. Thanks to the PR from dimitristoz
2.0.0 #
- Breaking change
AuthorizationServiceConfiguration
constructor has changed to take named parameters - Added
endSession()
method,EndSessionRequest
andEndSessionResponse
classes to support end session requests - [Android] skips https issuer check if
allowInsecureConnections
is true. Thanks to the PR from Roman Fürst - Bumped AppAuth Android and iOS SDK dependencies
- Added FAQs section to readme to describe a common iOS issue with Azure B2C and Azure AD
1.1.1 #
- [Android] Migrate maven repository from jcenter to mavenCentral.
1.1.0+2 #
- Bumped AppAuth Android and iOS dependencies
1.1.0+1 #
- Updated the minimum version iOS supported by the example app to 9.0 since Flutter 2.5 has deprecated support for 8.0
1.1.0 #
-
- Added the ability to specify the response mode for authorization requests. This can be done using the
responseMode
parameter when constructing either anAuthorizationRequest
orAuthorizationTokenRequest
. This was done as the AppAuth Android SDK throws an exception when this was done viaadditionalParameters
- Added the ability to specify the response mode for authorization requests. This can be done using the
- Updated Dart SDK constraints
1.0.0+1 #
- There are no functional changes in this release. The only changes done were to suppress warnings that were occurring as a result of making use of Android v1 embedding APIs for backwards compatibility
1.0.0 #
- Migrated to null safety
0.9.2+6 #
- [Android] community has reported that there seem to be instances where the plugin encounters a null intent on some devices upon processing a authorisation request. This resulted in a crash before but will now throw a
PlatformException
. Thanks to the PR from Leon Havenga
0.9.2+5 #
- Updated the Android setup section in the readme to include information for apps targeting Android 11 (API 30) or newer
- [Android] bumped compile SDK version for the plugin to 30
- Updated example app to use compile and target SDK version 30
0.9.2+4 #
0.9.2+3 #
- [Android] fix issue 79 where an authorisation request could cause the UI to momentarily hang due to AppAuth trying to warm up the browser
0.9.2+2 #
- Updated example app to use a new client id that works with the demo IdentityServer instance
0.9.2+1 #
- Updated readme to add a link to Auth0 blog post and mention that the value assigned to
appAuthRedirectScheme
within the Android application'sbuild.gradle
file should be all in lowercase
0.9.2 #
- [iOS] Fixes release build issue about including a non-modular header that came about from release 0.9.1+1. If you experienced issues with 0.9.1+1 (in my experience only occurs if your iOS app uses Swift), please update to 0.9.2
0.9.1 #
- [iOS] Update AppAuth SDK dependency to 1.3.1
0.9.0 #
- Bumped dependency on
flutter_appauth_platform_interface
- [iOS] The
preferEphemeralSession
property has been added to theAuthorizationRequest
andAuthorizationTokenRequest
classes. This enables authorization requests to be done a in private session that won't share cookies and other data with the user's regular browser. This property only works when run on iOS versions 13 and above. Thanks to the PR from Matthew Smith - BREAKING CHANGE bumping the
flutter_appauth_platform_interface
dependency includes the removal of thetoMap
method from all classes. These methods were used internally by plugin and thus have been removed - BREAKING CHANGE Bumped Gradle plugin to 3.6.3
0.8.3 #
- [Android] Fixed an issue where a
NullPointerException
could occur when too many operations are started at one time. Thanks to the PR from Josh Burton
0.8.2 #
- [Android] Fixed issue 98 where certain exceptions on Android could prevent the plugin from being able to perform more operations
0.8.1 #
- Bump dependency on
flutter_appauth_platform_interface
to take in fix for casting error that could apply upon callingtoken()
method
0.8.0 #
- Migrated plugin to use platform interface
- [Android] Support v2 Android embedding. Example app has been updated accordingly
- BREAKING CHANGE removed name constructor from
FlutterAppAuth
class that visible for testing - BREAKING CHANGE when grant type cannot be inferred, this now throws an
ArgumentError
instead of a string containing the error message - Fixed some formatting issues in the changelog
0.7.0+1 #
- Fix code snippet in readme where the variable for saving the result of the
token()
method should have been of typeTokenResponse
(issue 74). Thanks to PR from Stephen Owens.
0.7.0 #
- Add minimum version of Flutter (1.12.13+hotfix.5) to address
MissingPluginException
raised issue 66 - Update pubspec file of example app to reference plugin in the
dependencies
section instead ofdev_dependencies
to avoid confusion - Update changelog for 0.6.0 where the minimum Flutter version should have been added
0.6.0+1 #
- Correct changelog entry for 0.6.0 release. Previously reported plugin updated to use Gradle plugin 3.5.2 but should have written 3.5.3
0.6.0 #
- [Android] BREAKING CHANGE Bump Gradle plugin to 3.5.3
- [iOS] Fix issue 63 where
login_hint
andpromptValues
was only passed when using service discovery - Update pubspec to match latest version of pub
- NOTE: this release actually requires updating the latest Flutter stable release (1.12) but missed enforcing it in this release. If you run into a
MissingPluginException
from using this version, please update your Flutter SDK.
0.5.0 #
- [Android] BREAKING CHANGE Bump compile and target SDK versions to 29
- [Android] BREAKING CHANGE Bump Gradle plugin to version 3.5.2
- Bump example app to use Gradle distribution version 5.4.1
0.4.2 #
- [iOS] Update AppAuth SDK dependency to 1.2 so it works on iOS 13. Thanks to the PR from Aynur Dinmukhametov
0.4.0+1 #
- Make it clearer in the readme that AndroidX is required
0.4.0 #
- [iOS] Update AppAuth SDK dependency to 1.1
- Update email address in pubspec.yaml
- Add
GrantTypes
class as a convenience for other developers to use - BREAKING CHANGE
authorize
method has been corrected to accept an instance of theAuthorizationRequest
class as opposed to an instance of theAuthorizationTokenRequest
class even though a token isn't being requested
0.3.0+1 #
- Update email address in pubspec.yaml
0.3.0 #
- [iOS] Explicitly set to depend on version 1.0 of the AppAuth iOS SDK
- Added Cirrus CI configuration
0.2.1+2 #
- Updated README to fix section on refreshing tokens where
authorizationCode
was shown in code snippet by mistake
0.2.1+1 #
- Updated README to add a note suggesting developers to check the documentation of the identity provider they plan to use
0.2.1 #
- [iOS] Fix issue with
login_hint
OAuth parameter (specified by theloginHint
field of theAuthorizationTokenRequest
andAuthorizationRequest
classes). Example app has also been updated to demonstrate how to specify it - Added support for specifying the
prompt
OAuth parameter. This can be specified by populating thepromptValues
field in the either theAuthorizationTokenRequest
orAuthorizationRequest
class. Updated example app (note: code is commented out) to demonstrate how to use it
0.2.0 #
- BREAKING CHANGE Updated the Android Gradle plugin to version 3.4.0. Applies to both the library and sample app
- Updated README with a note for developers to check to see if their development environment on the Android is up to date as this should now be fixed with the release of Android Studio 3.4
- Updated the Gradle distribution used by the example app to 5.1.1
0.1.1 #
- Changed the request codes used internally on the Android side to be less than 16 bits. Thanks to the PR from Dviejopomata
0.1.0 #
- BREAKING CHANGE Updated lower bound of the Dark SDK constraints from 2.0.0-dev.68.0 to 2.1.0
- Added more details to the error messages when platform exceptions are raised e.g. when problems occur exchanging the authorization code. Note that there will be differences in the level of details that will be returned on each platform. This is due the differences between the SDKs on each platform
0.0.4+1 #
- No functional changes in this release. Just remove old comment in the code and changes to format the README more nicely
0.0.4 #
- BREAKING CHANGE renamed
authorizeAndExchangeToken
method toauthorizeAndExchangeCode
to reflect what happens behind the scenes - Added an
authorize
method that performs an authorization request to get an authorization code without exchanging it - Updated README and sample code to demonstrate the use of the
authorize
method, how to exchange the authorization code for tokens and how to perform an authorization request that will retrieve the disocvery document with an issuer instead of the full discovery endpoint URL.
0.0.3+1 #
- Fix code around inferring grant type.
- Update plugin description
0.0.3 #
- Fix to infer grant type based on what is provided when creating a token request (currently only refresh token is supported);
- Update README to include link to https://appauth.io
- Update example to include (commented out) code where the authorization and token endpoints can be explicit set instead of relying on discovery to fetch those endpoints
0.0.2+1 #
- Switch example to connect to test instance of IdentityServer4
0.0.2 #
- Fix error when either
discoveryUrl
orissuer
has been passed to theAuthorizationTokenRequest
constructor
0.0.1+1 #
- Update the README to add sections for setting up on Android and iOS
0.0.1 #
- Initial release of the plugin.