How to implement PKCE for flutter web?

michael.pang · April 8, 2024, 12:05pm

From the example provided by auth0, after user call auth0Web.loginWithRedirect(
redirectUrl: ‘https://myRedirect.com’,
);

The result is void, then how can we exchange tokens with authorization code?
From auth0-spa-js we can know that FE need call handleRedirectCallback, but auth0_web for flutter don’t have this api, shall we call it by javascript manually?

tyf · April 8, 2024, 8:55pm

Hey there @michael.pang welcome to the community!

Can you help me understand what you mean here? Upon successful authentication with loginWithRedirect users should be redirected back to your to your application. There isn’t a direct equivalent to handleRedirectCallback but maybe the onLoad method is what you’re looking for.

Here’s how it is utilized in the sample app:

github.com

auth0-samples/auth0-flutter-samples/blob/752d1a27ec2e632a83089e73dc409ac617e1515e/sample/lib/example_app.dart#L34


      
          
          @override
          void initState() {
            super.initState();
            auth0 = widget.auth0 ??
                Auth0(dotenv.env['AUTH0_DOMAIN']!, dotenv.env['AUTH0_CLIENT_ID']!);
            auth0Web =
                Auth0Web(dotenv.env['AUTH0_DOMAIN']!, dotenv.env['AUTH0_CLIENT_ID']!);
          
            if (kIsWeb) {
              auth0Web.onLoad().then((final credentials) => setState(() {
                    _user = credentials?.user;
                  }));
            }
          }
          
          Future<void> login() async {
            try {
              if (kIsWeb) {
                return auth0Web.loginWithRedirect(redirectUrl: 'http://localhost:3000');
              }

system · April 22, 2024, 8:56pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.