### Quickstart: Login, Status, Token, Logout Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md A sequence of commands to perform a full OIDC authentication flow: login, check status, get a token, and finally logout. ```bash oidc login interactive --issuer https://issuer.example.com --client-id your-client-id oidc status oidc token get oidc logout ``` -------------------------------- ### Linux flutter_secure_storage Setup Source: https://github.com/bdaya-dev/oidc/wiki/oidc~getting started Configure build and stage packages for flutter_secure_storage on Linux using snapcraft. Ensure necessary development and runtime libraries are installed. ```yaml parts: uet-lms: source: . plugin: flutter flutter-target: lib/main.dart build-packages: - libsecret-1-dev - libjsoncpp-dev stage-packages: - libsecret-1-0 - libjsoncpp-dev ``` -------------------------------- ### Install Executable Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Installs the application executable to the root of the installation prefix. This makes the main binary available in the bundle. ```cmake install(TARGETS ${BINARY_NAME} RUNTIME DESTINATION "${CMAKE_INSTALL_PREFIX}" COMPONENT Runtime) ``` -------------------------------- ### Install Dependencies Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_loopback_listener/README.md Run dart pub get to install the project dependencies after updating pubspec.yaml. ```sh dart pub get ``` -------------------------------- ### Define Installation Directories Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Sets variables for the data and library directories within the installation bundle. These are used for subsequent install commands. ```cmake set(INSTALL_BUNDLE_DATA_DIR "${CMAKE_INSTALL_PREFIX}/data") set(INSTALL_BUNDLE_LIB_DIR "${CMAKE_INSTALL_PREFIX}/lib") ``` -------------------------------- ### Install oidc_cli from pub.dev Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Installs the oidc_cli globally using dart pub global activate. ```bash dart pub global activate oidc_cli ``` -------------------------------- ### Install very_good_cli Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_default_store/README.md Install the very_good_cli tool globally to manage and run tests for your project. ```sh dart pub global activate very_good_cli ``` -------------------------------- ### Install Flutter Library Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Installs the main Flutter library file to the lib directory of the installation bundle. This is a core component for Flutter applications. ```cmake install(FILES "${FLUTTER_LIBRARY}" DESTINATION "${INSTALL_BUNDLE_LIB_DIR}" COMPONENT Runtime) ``` -------------------------------- ### Install Dependencies Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_default_store/README.md Run this command in your terminal to fetch and install the project dependencies after updating pubspec.yaml. ```sh flutter packages get ``` -------------------------------- ### Configure Installation Prefix for Bundle Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Sets the installation prefix to a bundle directory within the build directory. This makes the installation process create a self-contained bundle. ```cmake # === Installation === # By default, "installing" just makes a relocatable bundle in the build # directory. set(BUILD_BUNDLE_DIR "${PROJECT_BINARY_DIR}/bundle") if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) set(CMAKE_INSTALL_PREFIX "${BUILD_BUNDLE_DIR}" CACHE PATH "..." FORCE) endif() ``` -------------------------------- ### Usage Example for HTTP Client Wrapper Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage-accesstoken.md Shows how to instantiate and use the OidcHttpClient to make requests with the access token automatically included. ```dart final client = OidcHttpClient( originalClient: Client(), userManager: manager, ); // client.get(...); // client.post(...); ``` -------------------------------- ### Clean Build Bundle Directory on Install Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Installs a custom command to remove the build bundle directory before installation. This ensures a clean installation by removing old files. ```cmake # Start with a clean build bundle directory every time. install(CODE " file(REMOVE_RECURSE \"${BUILD_BUNDLE_DIR}/\") " COMPONENT Runtime) ``` -------------------------------- ### Add Oidc Web Core Package Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_web_core/README.md Install the oidc_web_core package using the dart pub add command. ```sh dart pub add oidc_web_core ``` -------------------------------- ### Add oidc_web_core and oidc_core Dependencies Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_web_core.md Install the necessary packages for OIDC web core functionality using Dart's package manager. ```bash dart pub add oidc_web_core oidc_core ``` -------------------------------- ### Install ICU Data File Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Installs the ICU data file to the data directory of the installation bundle. This file is required for internationalization support. ```cmake install(FILES "${FLUTTER_ICU_DATA_FILE}" DESTINATION "${INSTALL_BUNDLE_DATA_DIR}" COMPONENT Runtime) ``` -------------------------------- ### Run Development Server with webdev Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_web_core/example/README.md Activate and use the `webdev serve` command to run the application locally during development. This command starts a development server that provides hot-reloading and other development-friendly features. ```bash dart pub global activate webdev webdev serve ``` -------------------------------- ### Re-copy Assets Directory on Install Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Installs a custom command to remove and then copy the assets directory. This ensures that the assets in the bundle are always up-to-date with the build output. ```cmake # Fully re-copy the assets directory on each build to avoid having stale files # from a previous install. set(FLUTTER_ASSET_DIR_NAME "flutter_assets") install(CODE " file(REMOVE_RECURSE \"${INSTALL_BUNDLE_DATA_DIR}/${FLUTTER_ASSET_DIR_NAME}\") " COMPONENT Runtime) install(DIRECTORY "${PROJECT_BUILD_DIR}/${FLUTTER_ASSET_DIR_NAME}" DESTINATION "${INSTALL_BUNDLE_DATA_DIR}" COMPONENT Runtime) ``` -------------------------------- ### Usage Example for Dio Interceptor Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage-accesstoken.md Demonstrates how to add the custom OidcUserManagerInterceptors to a dio instance. ```dart dio.interceptors.add(OidcUserManagerInterceptors(userManager: manager)); ``` -------------------------------- ### Set Install RPATH Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Configures the runtime search path for libraries. This ensures that the executable can find its shared libraries when run. ```cmake set(CMAKE_INSTALL_RPATH "$ORIGIN/lib") ``` -------------------------------- ### Token Get Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Prints the current access token, refreshing it if needed. ```APIDOC ## `token get` Print the current access token, refreshing it if needed. ```bash oidc token get [--no-auto-refresh] ``` Options: - `--[no-]auto-refresh` (optional, default: enabled): If enabled, refreshes the token automatically when it is expired/expiring soon. Output: - Prints the raw access token to stdout. ``` -------------------------------- ### Install AOT Library Conditionally Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Installs the Ahead-Of-Time (AOT) compiled library on non-Debug builds. This library is used for performance optimization. ```cmake # Install the AOT library on non-Debug builds only. if(NOT CMAKE_BUILD_TYPE MATCHES "Debug") install(FILES "${AOT_LIBRARY}" DESTINATION "${INSTALL_BUNDLE_LIB_DIR}" COMPONENT Runtime) endif() ``` -------------------------------- ### Install Bundled Plugin Libraries Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Conditionally installs bundled plugin libraries if they exist. These are additional libraries required by specific Flutter plugins. ```cmake if(PLUGIN_BUNDLED_LIBRARIES) install(FILES "${PLUGIN_BUNDLED_LIBRARIES}" DESTINATION "${INSTALL_BUNDLE_LIB_DIR}" COMPONENT Runtime) endif() ``` -------------------------------- ### Set Minimum CMake Version and Project Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Specifies the minimum required CMake version and names the project. This is a standard starting point for any CMake project. ```cmake cmake_minimum_required(VERSION 3.10) project(runner LANGUAGES CXX) ``` -------------------------------- ### Local Storage Helper Functions Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_web_core/example/web/redirect.html Provides utility functions for interacting with local storage, specifically for OIDC-related data. Includes functions to get and set items with a defined namespace. ```javascript function getLocalStorage(namespace, key) { const rawRes = localStorage.getItem('oidc.' + namespace + '.' + key); if (!rawRes) { return null; } return rawRes; } ``` ```javascript function setLocalStorage(namespace, key, value) { const keysEntryKey = 'oidc.keys.' + namespace; var keys = localStorage.getItem(keysEntryKey); if (!keys) { keys = "[]"; } const parsedKeys = JSON.parse(keys); if (!(parsedKeys instanceof Array)) { console.error('parsedKeys is not an array.', parsedKeys); } parsedKeys.push(key); localStorage.setItem(keysEntryKey, JSON.stringify(parsedKeys)); localStorage.setItem('oidc.' + namespace + '.' + key, value); } ``` -------------------------------- ### Sign and Verify Data with HMAC-SHA256 Source: https://github.com/bdaya-dev/oidc/blob/main/packages/crypto_keys_plus/README.md Example of creating a key pair from a JWK, signing content using HMAC-SHA256, and verifying the signature with the public key. ```dart import 'package:crypto_keys/crypto_keys.dart'; import 'dart:typed_data'; main() { // Create a key pair from a JWK representation var keyPair = new KeyPair.fromJwk({ "kty": "oct", "k": "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75" "aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow" }); // A key pair has a private and public key, possibly one of them is null, if // required info was not available when construction // The private key can be used for signing var privateKey = keyPair.privateKey; // Create a signer for the key using the HMAC/SHA-256 algorithm var signer = privateKey.createSigner(algorithms.signing.hmac.sha256); // Sign some content, to be integrity protected var content = "It's me, really me"; var signature = signer.sign("It's me, really me".codeUnits); print("Signing '$content'"); print("Signature: ${signature.data}"); // The public key can be used for verifying the signature var publicKey = keyPair.publicKey; // Create a verifier for the key using the specified algorithm var verifier = publicKey.createVerifier(algorithms.signing.hmac.sha256); var verified = verifier.verify(new Uint8List.fromList(content.codeUnits), signature); if (verified) print("Verification succeeded"); else print("Verification failed"); } ``` -------------------------------- ### listenToFrontChannelLogoutRequests Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Listens to incoming front channel logout requests. The listenTo parameter determines which path should be listened to for receiving the request. On Windows/Linux/macOS, this starts a server on the same port. ```APIDOC ## listenToFrontChannelLogoutRequests ### Description Listens to incoming front channel logout requests. The listenTo parameter determines which path should be listened to for receiving the request. On Windows/Linux/macOS, this starts a server on the same port. ### Method `static Stream listenToFrontChannelLogoutRequests({ required Uri listenTo, OidcFrontChannelRequestListeningOptions options = const OidcFrontChannelRequestListeningOptions(), }); ``` -------------------------------- ### Proxy Dart Pub Get Command Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Execute the 'dart pub get' command through the oidc_cli proxy. This ensures the OIDC session token is up-to-date for authenticated package publishing. ```bash oidc dart pub get ``` -------------------------------- ### Listen for Front Channel Logout Requests Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Listens for incoming front-channel logout requests on a specified URI. On Windows, Linux, and macOS, this starts a server on the same port. Configure the listening path using the 'listenTo' parameter. ```dart static Stream listenToFrontChannelLogoutRequests({ required Uri listenTo, OidcFrontChannelRequestListeningOptions options = const OidcFrontChannelRequestListeningOptions(), }); ``` -------------------------------- ### getPlatformEndSessionResponse Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Starts the end session flow and returns the response. Consider using OidcEndpoints.getProviderMetadata to obtain the metadata parameter if it's not readily available. ```APIDOC ## getPlatformEndSessionResponse ### Description Starts the end session flow and returns the response. Consider using OidcEndpoints.getProviderMetadata to obtain the metadata parameter if it's not readily available. ### Method `static Future getPlatformEndSessionResponse({ required OidcProviderMetadata metadata, required OidcEndSessionRequest request, OidcPlatformSpecificOptions options = const OidcPlatformSpecificOptions(), }); ``` -------------------------------- ### Start OIDC End Session Flow Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Initiates the OIDC end session flow. Consider fetching provider metadata using OidcEndpoints.getProviderMetadata. ```dart static Future getPlatformEndSessionResponse({ required OidcProviderMetadata metadata, required OidcEndSessionRequest request, OidcPlatformSpecificOptions options = const OidcPlatformSpecificOptions(), }); ``` -------------------------------- ### Configure Flutter library and headers Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/flutter/CMakeLists.txt Defines the path to the Flutter Linux GTK shared library and its associated header files. These are published to the parent scope for use in installation steps. ```cmake set(FLUTTER_LIBRARY "${EPHEMERAL_DIR}/libflutter_linux_gtk.so") # Published to parent scope for install step. set(FLUTTER_LIBRARY ${FLUTTER_LIBRARY} PARENT_SCOPE) set(FLUTTER_ICU_DATA_FILE "${EPHEMERAL_DIR}/icudtl.dat" PARENT_SCOPE) set(PROJECT_BUILD_DIR "${PROJECT_DIR}/build/" PARENT_SCOPE) set(AOT_LIBRARY "${PROJECT_DIR}/build/lib/libapp.so" PARENT_SCOPE) ``` -------------------------------- ### Run Unit Tests and Generate Coverage Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_core/README.md Commands to activate the coverage tool, run unit tests, format coverage data, and generate an HTML report. ```sh dart pub global activate coverage 1.2.0 dart test --coverage=coverage dart pub global run coverage:format_coverage --lcov --in=coverage --out=coverage/lcov.info ``` ```sh # Generate Coverage Report genhtml coverage/lcov.info -o coverage/ # Open Coverage Report open coverage/index.html ``` -------------------------------- ### Add oidc_desktop to pubspec.yaml Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_desktop/README.md To begin using Oidc Desktop, add the package to your project's pubspec.yaml file under dependencies. ```yaml dependencies: oidc_desktop: ``` -------------------------------- ### Build Production Version with webdev Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_web_core/example/README.md Use the `webdev build` command to create a production-ready build of the web application. This command optimizes the code for deployment. ```bash webdev build ``` -------------------------------- ### Run Unit Tests with Coverage Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_default_store/README.md Execute all unit tests and generate a coverage report using the very_good_cli. ```sh very_good test --coverage ``` -------------------------------- ### Proxy Flutter Pub Get Command Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Execute the 'flutter pub get' command through the oidc_cli proxy. This ensures the OIDC session token is up-to-date for authenticated package publishing. ```bash oidc flutter pub get ``` -------------------------------- ### Activate oidc_cli Locally Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Activate the CLI locally from the repository root using Melos or directly via path. ```bash dart run melos run oidc:activate ``` ```bash dart pub global activate --source path packages/oidc_cli ``` -------------------------------- ### Load Flutter Entrypoint Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_web/example/web/index.html This JavaScript code initializes the Flutter engine and runs the application. It's designed to be executed when the web page loads. ```javascript const serviceWorkerVersion = null; window.addEventListener('load', function(ev) { // Download main.dart.js _flutter.loader.loadEntrypoint({ serviceWorker: { serviceWorkerVersion: serviceWorkerVersion, }, onEntrypointLoaded: function(engineInitializer) { engineInitializer.initializeEngine().then(function(appRunner) { appRunner.runApp(); }); } }); }); ``` -------------------------------- ### Add oidc_flutter_appauth to pubspec.yaml Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_flutter_appauth/README.md To start using this package, add it to your project's pubspec.yaml file under dependencies. ```yaml dependencies: oidc_flutter_appauth: ``` -------------------------------- ### Interactive OIDC Login with Custom Store Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Log in interactively to an OIDC provider while specifying a custom location for the OIDC store file. ```bash oidc --store ./oidc-store.json login interactive \ --issuer https://issuer.example.com \ --client-id your-client-id ``` -------------------------------- ### Add oidc_core to pubspec.yaml Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_core/README.md Add this dependency to your project's pubspec.yaml file to start using the oidc_core package. ```sh dart pub add oidc_core ``` -------------------------------- ### Activate oidc_cli directly from path Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Activates the oidc_cli globally using a local path source. ```bash dart pub global activate --source path packages/oidc_cli ``` -------------------------------- ### Get OIDC Access Token Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Retrieve the current OIDC access token. The token will be automatically refreshed if it is expiring soon. ```bash oidc token get ``` -------------------------------- ### Basic OidcUserManager Usage Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/README.md Demonstrates the basic steps to create, initialize, listen for user changes, log in using the authorization code flow, and log out with the OidcUserManager. ```dart //1. create the manager: final manager = OidcUserManager.lazy( discoveryDocumentUri: OidcUtils.getOpenIdConfigWellKnownUri( Uri.parse('https://server.example.com'), ), // TODO: add other settings ); //2. init() await manager.init(); //3. listen to user changes manager.userChanges().listen((user) { print('currentUser changed to $user'); }); //4. login final newUser = await manager.loginAuthorizationCodeFlow(); //5. logout await manager.logout(); ``` -------------------------------- ### Get OIDC token Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Retrieves the current OIDC access token. It will automatically refresh if the token is expiring soon, unless disabled. ```bash oidc token get [--no-auto-refresh] ``` -------------------------------- ### Device login with oidc_cli Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Initiates an OIDC login flow using the Device Authorization Grant. This is useful for devices without direct browser access. ```bash oidc login device [options] ``` -------------------------------- ### Activate oidc_cli from this repo Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Activates the oidc_cli by running a melos command from the local repository. ```bash dart run melos run oidc:activate ``` -------------------------------- ### Encrypt and Decrypt Data with AES-GCM Source: https://github.com/bdaya-dev/oidc/blob/main/packages/crypto_keys_plus/README.md Example of generating a symmetric key pair, encrypting content with AES-GCM and additional authenticated data, and then decrypting it. ```dart import 'package:crypto_keys/crypto_keys.dart'; import 'dart:typed_data'; main() { // Generate a new random symmetric key pair var keyPair = new KeyPair.generateSymmetric(128); // Use the public key to create an encrypter with the AES/GCM algorithm var encrypter = keyPair.publicKey.createEncrypter(algorithms.encryption.aes.gcm); // Encrypt the content with an additional authentication data for integrity // protection var content = "A very secret text"; var aad = "It is me"; var v = encrypter.encrypt(new Uint8List.fromList(content.codeUnits), additionalAuthenticatedData: new Uint8List.fromList(aad.codeUnits)); print("Encrypting '$content'"); print("Ciphertext: ${v.data}"); print("Authentication tag: ${v.authenticationTag}"); // Use the private key to create the decrypter var decrypter = keyPair.privateKey.createEncrypter(algorithms.encryption.aes.gcm); // Decrypt and verify authentication tag var decrypted = decrypter.decrypt(v); print("Decrypted text: '${new String.fromCharCodes(decrypted)}'"); } ``` -------------------------------- ### Parse X.509 Certificate from PEM File Source: https://github.com/bdaya-dev/oidc/blob/main/packages/x509_plus/README.md Demonstrates how to parse an X.509 certificate from a PEM file using the x509_plus package. Ensure the 'cert.pem' file exists in the same directory. ```dart import 'package:x509_plus/x509.dart'; import 'dart:io'; void main() { var cert = parsePem(new File('cert.pem').readAsStringSync()); print(cert); } ``` -------------------------------- ### Generate and Open Coverage Report Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_loopback_listener/README.md Generate an HTML coverage report using genhtml and open it in a web browser. ```sh # Generate Coverage Report genhtml coverage/lcov.info -o coverage/ # Open Coverage Report open coverage/index.html ``` -------------------------------- ### Initiate Login with Authorization Code Flow Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Call this method to initiate the Authorization Code Flow. It uses previously configured settings but allows overriding parameters like originalUri, extraStateData, and extra parameters for token requests. ```dart manager.loginAuthorizationCodeFlow() ``` -------------------------------- ### Find and check system-level GTK dependencies Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/flutter/CMakeLists.txt Uses PkgConfig to find and check for required GTK, GLIB, GIO, and BLKID libraries. These are essential for the Flutter GTK backend. ```cmake find_package(PkgConfig REQUIRED) pkg_check_modules(GTK REQUIRED IMPORTED_TARGET gtk+-3.0) pkg_check_modules(GLIB REQUIRED IMPORTED_TARGET glib-2.0) pkg_check_modules(GIO REQUIRED IMPORTED_TARGET gio-2.0) pkg_check_modules(BLKID REQUIRED IMPORTED_TARGET blkid) ``` -------------------------------- ### Create a JWT Source: https://github.com/bdaya-dev/oidc/blob/main/packages/jose_plus/README.md Illustrates the creation of a JSON Web Token (JWT) signed as a JSON Web Signature (JWS). This involves defining claims, a signing key, and the signing algorithm. ```dart main() async { var claims = new JsonWebTokenClaims.fromJson({ "exp": new Duration(hours: 4).inSeconds, "iss": "alice", }); // create a builder, decoding the JWT in a JWS, so using a // JsonWebSignatureBuilder var builder = new JsonWebSignatureBuilder(); // set the content builder.jsonContent = claims.toJson(); // add a key to sign, can only add one for JWT builder.addRecipient( new JsonWebKey.fromJson({ "kty": "oct", "k": "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow" }), algorithm: "HS256"); // build the jws var jws = builder.build(); // output the compact serialization print("jwt compact serialization: ${jws.toCompactSerialization()}"); } ``` -------------------------------- ### Add OIDC Dependencies Source: https://github.com/bdaya-dev/oidc/wiki/oidc~getting started Add the oidc and oidc_default_store packages to your project using Dart Pub. ```sh dart pub add oidc oidc_default_store ``` -------------------------------- ### Implement Maximum Offline Duration Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-offline-auth.md Track the start of offline mode and periodically check the duration. Force re-authentication if the user has been offline for a predefined maximum period, such as 7 days. ```dart // Track when offline mode started DateTime? offlineModeStart; manager.events().listen((event) { if (event is OidcOfflineModeEnteredEvent) { offlineModeStart = event.at; } else if (event is OidcOfflineModeExitedEvent) { offlineModeStart = null; } }); // Check offline duration periodically Timer.periodic(Duration(hours: 1), (timer) { if (offlineModeStart != null) { final offlineDuration = DateTime.now().difference(offlineModeStart!); if (offlineDuration > Duration(days: 7)) { // Force re-authentication after 7 days offline await manager.forgetUser(); // Navigate to login screen } } }); ``` -------------------------------- ### Create Flutter Wrapper Plugin Library Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/windows/flutter/CMakeLists.txt Builds a static library for the Flutter C++ wrapper intended for plugins. It includes core and plugin-specific sources, applies standard build settings, and links against the Flutter library. ```cmake list(APPEND CPP_WRAPPER_SOURCES_CORE "core_implementations.cc" "standard_codec.cc" ) list(TRANSFORM CPP_WRAPPER_SOURCES_CORE PREPEND "${WRAPPER_ROOT}/") list(APPEND CPP_WRAPPER_SOURCES_PLUGIN "plugin_registrar.cc" ) list(TRANSFORM CPP_WRAPPER_SOURCES_PLUGIN PREPEND "${WRAPPER_ROOT}/") # Wrapper sources needed for a plugin. add_library(flutter_wrapper_plugin STATIC ${CPP_WRAPPER_SOURCES_CORE} ${CPP_WRAPPER_SOURCES_PLUGIN} ) apply_standard_settings(flutter_wrapper_plugin) set_target_properties(flutter_wrapper_plugin PROPERTIES POSITION_INDEPENDENT_CODE ON) set_target_properties(flutter_wrapper_plugin PROPERTIES CXX_VISIBILITY_PRESET hidden) target_link_libraries(flutter_wrapper_plugin PUBLIC flutter) target_include_directories(flutter_wrapper_plugin PUBLIC "${WRAPPER_ROOT}/include" ) add_dependencies(flutter_wrapper_plugin flutter_assemble) ``` -------------------------------- ### Get Last Successful Server Contact Time Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-offline-auth.md Retrieve the timestamp of the last successful server communication. Useful for displaying 'Last synced' status in the UI. Returns null if no server contact has occurred. ```dart class OidcUserManagerBase { /// Gets the last time the manager successfully communicated with the server. /// This can be useful for displaying "Last synced" information in the UI. /// Returns null if no successful server contact has been made yet. DateTime? get lastSuccessfulServerContact; } ``` -------------------------------- ### Create a JWE Source: https://github.com/bdaya-dev/oidc/blob/main/packages/jose_plus/README.md Demonstrates how to create a JSON Web Encryption (JWE) object. This involves setting content, protected headers, recipient keys, and the content encryption algorithm. ```dart main() async { // create a builder var builder = new JsonWebEncryptionBuilder(); // set the content builder.stringContent = "This is my bigest secret"; // set some protected header builder.setProtectedHeader("createdAt", new DateTime.now().toIso8601String()); // add a key to encrypt the Content Encryption Key var jwk = new JsonWebKey.fromJson( { "kty": "RSA", "n": "sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1Wl" "UzewbgBHod5pcM9H95GQRV3JDXboIRROSBigeC5yjU1hGzHHyXss8UDpre" "cbAYxknTcQkhslANGRUZmdTOQ5qTRsLAt6BTYuyvVRdhS8exSZEy_c4gs_" "7svlJJQ4H9_NxsiIoLwAEk7-Q3UXERGYw_75IDrGA84-lA_-Ct4eTlXHBI" "Y2EaV7t7LjJaynVJCpkv4LKjTTAumiGUIuQhrNhZLuF_RJLqHpM2kgWFLU" "7-VTdL1VbC2tejvcI2BlMkEpk1BzBZI0KQB0GaDWFLN-aEAw3vRw", "e": "AQAB", "d": "VFCWOqXr8nvZNyaaJLXdnNPXZKRaWCjkU5Q2egQQpTBMwhprMzWzpR8Sxq" "1OPThh_J6MUD8Z35wky9b8eEO0pwNS8xlh1lOFRRBoNqDIKVOku0aZb-ry" "nq8cxjDTLZQ6Fz7jSjR1Klop-YKaUHc9GsEofQqYruPhzSA-QgajZGPbE_" "0ZaVDJHfyd7UUBUKunFMScbflYAAOYJqVIVwaYR5zWEEceUjNnTNo_CVSj" "-VvXLO5VZfCUAVLgW4dpf1SrtZjSt34YLsRarSb127reG_DUwg9Ch-Kyvj" "T1SkHgUWRVGcyly7uvVGRSDwsXypdrNinPA4jlhoNdizK2zF2CWQ", "p": "9gY2w6I6S6L0juEKsbeDAwpd9WMfgqFoeA9vEyEUuk4kLwBKcoe1x4HG68" "ik918hdDSE9vDQSccA3xXHOAFOPJ8R9EeIAbTi1VwBYnbTp87X-xcPWlEP" "krdoUKW60tgs1aNd_Nnc9LEVVPMS390zbFxt8TN_biaBgelNgbC95sM", "q": "uKlCKvKv_ZJMVcdIs5vVSU_6cPtYI1ljWytExV_skstvRSNi9r66jdd9-y" "BhVfuG4shsp2j7rGnIio901RBeHo6TPKWVVykPu1iYhQXw1jIABfw-MVsN" "-3bQ76WLdt2SDxsHs7q7zPyUyHXmps7ycZ5c72wGkUwNOjYelmkiNS0", "dp": "w0kZbV63cVRvVX6yk3C8cMxo2qCM4Y8nsq1lmMSYhG4EcL6FWbX5h9yuv" "ngs4iLEFk6eALoUS4vIWEwcL4txw9LsWH_zKI-hwoReoP77cOdSL4AVcra" "Hawlkpyd2TWjE5evgbhWtOxnZee3cXJBkAi64Ik6jZxbvk-RR3pEhnCs", "dq": "o_8V14SezckO6CNLKs_btPdFiO9_kC1DsuUTd2LAfIIVeMZ7jn1Gus_Ff" "7B7IVx3p5KuBGOVF8L-qifLb6nQnLysgHDh132NDioZkhH7mI7hPG-PYE_" "odApKdnqECHWw0J-F0JWnUd6D2B_1TvF9mXA2Qx-iGYn8OVV1Bsmp6qU", "qi": "eNho5yRBEBxhGBtQRww9QirZsB66TrfFReG_CcteI1aCneT0ELGhYlRlC" "tUkTRclIfuEPmNsNDPbLoLqqCVznFbvdB7x-Tl-m0l_eFTj2KiqwGqE9PZ" "B9nNTwMVvH3VRRSLWACvPnSiwP8N5Usy-WRXS-V7TbpxIhvepTfE0NNo" }, ); builder.addRecipient(jwk, algorithm: "RSA1_5"); // set the content encryption algorithm to use builder.encryptionAlgorithm = "A128CBC-HS256"; // build the jws var jwe = builder.build(); // output the compact serialization print("jwe compact serialization: ${jwe.toCompactSerialization()}"); // output the json serialization print("jwe json serialization: ${jwe.toJson()}"); } ``` -------------------------------- ### Start OIDC Authorization Flow Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Initiates the OIDC authorization flow. On Android/iOS/macOS, if the response type is not 'code', this method returns null. It does not perform token exchange. Consider fetching provider metadata using OidcEndpoints.getProviderMetadata. ```dart static Future getPlatformAuthorizationResponse({ required OidcProviderMetadata metadata, required OidcAuthorizeRequest request, OidcPlatformSpecificOptions options = const OidcPlatformSpecificOptions(), }); ``` -------------------------------- ### Android Application Tag Configuration for Backup Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-getting-started.md Add android:fullBackupContent and android:dataExtractionRules attributes to the application tag in AndroidManifest.xml. ```diff ``` -------------------------------- ### getPlatformAuthorizationResponse Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Starts the authorization flow and returns the response. On Android/iOS/macOS, if the request's responseType is not 'code', it returns null. This method does not perform token exchange. Consider using OidcEndpoints.getProviderMetadata to obtain the metadata parameter if it's not readily available. ```APIDOC ## getPlatformAuthorizationResponse ### Description Starts the authorization flow and returns the response. On Android/iOS/macOS, if the request's responseType is not 'code', it returns null. This method does not perform token exchange. Consider using OidcEndpoints.getProviderMetadata to obtain the metadata parameter if it's not readily available. ### Method `static Future getPlatformAuthorizationResponse({ required OidcProviderMetadata metadata, required OidcAuthorizeRequest request, OidcPlatformSpecificOptions options = const OidcPlatformSpecificOptions(), }); ``` -------------------------------- ### prepareImplicitFlowRequest Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_core.md Prepares an implicit flow request by generating a state parameter. ```APIDOC ## prepareImplicitFlowRequest ### Description Prepares an opinionated implicit flow request by creating a state parameter. ### Method (Not specified, likely a client-side SDK method) ### Endpoint (Not applicable for this client-side SDK method) ### Parameters (Not specified in source) ### Request Example (Not specified in source) ### Response (Not specified in source) ``` -------------------------------- ### prepareAuthorizationCodeFlowRequest Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_core.md Prepares an authorization code flow request, including generating a PKCE pair and a state parameter. ```APIDOC ## prepareAuthorizationCodeFlowRequest ### Description Prepares an opinionated authorization code flow request by creating a PKCE pair and a state parameter. ### Method (Not specified, likely a client-side SDK method) ### Endpoint (Not applicable for this client-side SDK method) ### Parameters (Not specified in source) ### Request Example (Not specified in source) ### Response (Not specified in source) ``` -------------------------------- ### Run Unit Tests and Generate Coverage Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_loopback_listener/README.md Execute unit tests and generate a coverage report using dart test and the coverage package. ```sh dart pub global activate coverage 1.2.0 dart test --coverage=coverage dart pub global run coverage:format_coverage --lcov --in=coverage --out=coverage/lcov.info ``` -------------------------------- ### Configure Front Channel Logout Request Listening Options Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Set up options for listening to front channel logout requests, specifically for web platforms. Ensure the broadcast channel name matches the one in your redirect.html. ```dart frontChannelRequestListeningOptions: OidcFrontChannelRequestListeningOptions( //currently only supports web. web: OidcFrontChannelRequestListeningOptions_Web( broadcastChannel: 'oidc_flutter_web/request' ) ) ``` -------------------------------- ### Login Password Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Logs in using the Resource Owner Password Credentials grant. ```APIDOC ## `login password` Log in using the Resource Owner Password Credentials grant. ```bash oidc login password \ --issuer \ --client-id \ --username \ --password ``` ``` -------------------------------- ### Initialize the OIDC Manager Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_web_core.md Asynchronously initialize the OIDC user manager. This must be called before accessing user information or performing authentication actions. ```dart await manager.init(); ``` -------------------------------- ### Login with Resource Owner Password Credentials Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_cli/README.md Log in to an OIDC provider using the Resource Owner Password Credentials grant. This requires the issuer, client ID, username, and password. ```bash oidc login password \ --issuer \ --client-id \ --username \ --password ``` -------------------------------- ### Add Oidc Loopback Listener to pubspec.yaml Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_loopback_listener/README.md Add the oidc_loopback_listener package as a dependency in your pubspec.yaml file. ```yaml dependencies: oidc_loopback_listener: ``` -------------------------------- ### Create Flutter Wrapper App Library Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/windows/flutter/CMakeLists.txt Builds a static library for the Flutter C++ wrapper intended for the application runner. It includes core and application-specific sources, applies standard build settings, and links against the Flutter library. ```cmake list(APPEND CPP_WRAPPER_SOURCES_CORE "core_implementations.cc" "standard_codec.cc" ) list(TRANSFORM CPP_WRAPPER_SOURCES_CORE PREPEND "${WRAPPER_ROOT}/") list(APPEND CPP_WRAPPER_SOURCES_APP "flutter_engine.cc" "flutter_view_controller.cc" ) list(TRANSFORM CPP_WRAPPER_SOURCES_APP PREPEND "${WRAPPER_ROOT}/") # Wrapper sources needed for the runner. add_library(flutter_wrapper_app STATIC ${CPP_WRAPPER_SOURCES_CORE} ${CPP_WRAPPER_SOURCES_APP} ) apply_standard_settings(flutter_wrapper_app) target_link_libraries(flutter_wrapper_app PUBLIC flutter) target_include_directories(flutter_wrapper_app PUBLIC "${WRAPPER_ROOT}/include" ) add_dependencies(flutter_wrapper_app flutter_assemble) ``` -------------------------------- ### Custom command to assemble Flutter library and headers Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/flutter/CMakeLists.txt A custom command that uses `flutter_tools/bin/tool_backend.sh` to generate the Flutter library and header files. A phony target is used to ensure this command runs on every build. ```cmake add_custom_command( OUTPUT ${FLUTTER_LIBRARY} ${FLUTTER_LIBRARY_HEADERS} ${CMAKE_CURRENT_BINARY_DIR}/_phony_ COMMAND ${CMAKE_COMMAND} -E env ${FLUTTER_TOOL_ENVIRONMENT} "${FLUTTER_ROOT}/packages/flutter_tools/bin/tool_backend.sh" ${FLUTTER_TARGET_PLATFORM} ${CMAKE_BUILD_TYPE} VERBATIM ) add_custom_target(flutter_assemble DEPENDS "${FLUTTER_LIBRARY}" ${FLUTTER_LIBRARY_HEADERS} ) ``` -------------------------------- ### Find and Check GTK+ 3.0 Package Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Uses PkgConfig to find and check for the GTK+ 3.0 development files. This makes GTK+ available as an imported target for linking. ```cmake # System-level dependencies. find_package(PkgConfig REQUIRED) pkg_check_modules(GTK REQUIRED IMPORTED_TARGET gtk+-3.0) ``` -------------------------------- ### OIDC CLI Store Path Command Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Prints the resolved path where the OIDC CLI stores its configuration and tokens. ```bash oidc store-path ``` -------------------------------- ### Show OIDC status Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Displays the current authentication status and configuration details. ```bash oidc status ``` -------------------------------- ### Interactive login with oidc_cli Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Initiates an interactive OIDC login flow using the Authorization Code grant. Requires issuer and client ID. ```bash oidc login interactive --issuer --client-id [options] ``` -------------------------------- ### Set Runtime Output Directory for Executable Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc/example/linux/CMakeLists.txt Configures the executable's runtime output directory to a subdirectory. This is done to ensure resources are correctly located for bundled applications. ```cmake # Only the install-generated bundle's copy of the executable will launch # correctly, since the resources must in the right relative locations. To avoid # people trying to run the unbundled copy, put it in a subdirectory instead of # the default top-level location. set_target_properties(${BINARY_NAME} PROPERTIES RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/intermediates_do_not_run" ) ``` -------------------------------- ### OIDC CLI Discovery Command Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc_cli.md Prints the OIDC discovery JSON. You can specify the issuer URL or a .well-known URI. ```bash oidc discovery [--issuer | --well-known ] ``` -------------------------------- ### Web Redirect URI Configuration Source: https://github.com/bdaya-dev/oidc/wiki/oidc~getting started Configure development and production redirect URIs for web applications. Ensure the `frontChannelLogoutUri` includes the `requestType` parameter for proper handling. ```dart final htmlPageLinkDevelopment = Uri.parse('http://localhost:22433/redirect.html'); final htmlPageLinkProduction = Uri.parse('https://mywebsite.com/redirect.html'); final htmlPageLink = kDebugMode ? htmlPageLinkDevelopment : htmlPageLinkProduction; final redirectUri = htmlPageLink; final postLogoutRedirectUri = htmlPageLink; final frontChannelLogoutUri = htmlPageLink.replace( queryParameters: { ...htmlPageLink.queryParameters, 'requestType': 'front-channel-logout' } ); ``` -------------------------------- ### Add oidc_default_store to pubspec.yaml Source: https://github.com/bdaya-dev/oidc/blob/main/packages/oidc_default_store/README.md Add the oidc_default_store dependency to your pubspec.yaml file to include it in your project. ```yaml dependencies: oidc_default_store: ``` -------------------------------- ### Initiate Login with Password Grant Source: https://github.com/bdaya-dev/oidc/blob/main/docs/oidc-usage.md Use this method for the Password Grant flow, requiring only username and password. Optionally, scopeOverride can be used to change the default scopes. ```dart manager.loginPassword(username: "user", password: "password") ```