android - 带有 oidc 的 Flutter 应用程序可以在 android 7 上运行,但不能在 v9 和 v10 上运行
问题描述
使用 keycloak 作为 UAA 的颤振应用程序与 android 版本 7 一起使用,但在 android 9、10 中使用 keycloak 应用程序成功登录后会抛出错误
以下是我的代码片段:
import 'package:flutter_appauth/flutter_appauth.dart';
Future<bool> oidcLogin() async {
print("entering oidclogin.........");
FlutterAppAuth appAuth = FlutterAppAuth();
final TokenResponse result = await appAuth.authorizeAndExchangeCode(
AuthorizationTokenRequest(CLIENT_ID, REDIRECT_URL,
serviceConfiguration: AuthorizationServiceConfiguration(
AUTHORIZATION_END_POINT, TOKEN_END_POINT),
scopes: [SCOPES],
allowInsecureConnections: true),
);
return true;
}
以下是错误
Error:
PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Network error], null)
Stack trace:
#0 StandardMethodCodec.decodeEnvelope (package:flutter/src/services/message_codecs.dart:569:7)
#1 MethodChannel.invokeMethod (package:flutter/src/services/platform_channel.dart:321:33)
#2 MethodChannelFlutterAppAuth.authorizeAndExchangeCode (package:flutter_appauth_platform_interface/src/method_channel_flutter_appauth.dart:31:57)
#3 FlutterAppAuth.authorizeAndExchangeCode (package:flutter_appauth/src/flutter_appauth.dart:7:44)
#4 oidcLogin (package:taskManagementApp/services/oidc-connector.dart:24:46)
#5 _SplashScreenState.tryAccessToken (package:taskManagementApp/pages/splashScreen.dart:174:11)
#6 _SplashScreenState.navigationPage (package:taskManagementApp/pages/splashScreen.dart:97:22)
#7 _rootRun (dart:async/zone.dart:1122:38)
#8 _CustomZone.run (dart:async/zone.dart:1023:19)
#9 _CustomZone.runGuarded (dart:async/zone.dart:925:7)
#10 _CustomZone.bindCallbackGuarded. (dart:async/zone.dart:965:23)
#11 _rootRun (dart:async/zone.dart:1126:13)
#12 _CustomZone.run (dart:async/zone.dart:1023:19)
#13 _CustomZone.bindCallback. (dart:async/zone.dart:949:23)
#14 Timer._createTimer. (dart:async-patch/timer_patch.dart:23:15)
#15 _Timer._runTimers (dart:isolate-patch/timer_impl.dart:384:19)
#16 _Timer._handleMessage (dart:isolate-patch/timer_impl.dart:418:5)
#17 _RawReceivePortImpl._handleMessage (dart:isolate-patch/isolate_patch.dart:174:12)
Device parameters:
id: QP1A.190711.020
androidId: fd3b98bfb6a914f4
board: exynos7904
bootloader: M205FDDU3CSL5
brand: samsung
device: m20lte
display: QP1A.190711.020.M205FDDU3CSL5
fingerprint: samsung/m20ltedd/m20lte:10/QP1A.190711.020/M205FDDU3CSL5:user/release-keys
hardware: exynos7904
host: SWDH2815
isPsychicalDevice: true
manufacturer: samsung
model: SM-M205F
product: m20ltedd
tags: release-keys
type: user
versionBaseOs:
versionCodename: REL
versionIncremental: M205FDDU3CSL5
versionPreviewSdk: 0
versionRelase: 10
versionSdk: 29
versionSecurityPatch: 2019-12-01
我检查了keycloak,用户会话创建成功。但是在flutter_appauth代码里面抛出异常。
C:\flutter\bin\flutter.bat doctor --verbose
[√] Flutter (Channel stable, v1.12.13+hotfix.8, on Microsoft Windows [Version 10.0.17763.1039], locale en-IN)
• Flutter version 1.12.13+hotfix.8 at C:\flutter
• Framework revision 0b8abb4724 (3 weeks ago), 2020-02-11 11:44:36 -0800
• Engine revision e1e6ced81d
• Dart version 2.7.0
[√] Android toolchain - develop for Android devices (Android SDK version 29.0.3)
• Android SDK at C:\Users\avs02\AppData\Local\Android\sdk
• Android NDK location not configured (optional; useful for native profiling support)
• Platform android-29, build-tools 29.0.3
• Java binary at: C:\Program Files\Android\Android Studio1\jre\bin\java
• Java version OpenJDK Runtime Environment (build 1.8.0_202-release-1483-b03)
• All Android licenses accepted.
[√] Android Studio (version 3.5)
• Android Studio at C:\Program Files\Android\Android Studio1
• Flutter plugin version 43.0.1
• Dart plugin version 191.8593
• Java version OpenJDK Runtime Environment (build 1.8.0_202-release-1483-b03)
[√] VS Code, 64-bit edition (version 1.24.1)
• VS Code at C:\Program Files\Microsoft VS Code
• Flutter extension version 2.21.1
[√] Connected device (1 available)
• SM J600G • 52006fac59e36583 • android-arm • Android 9 (API 28)
• No issues found!
Process finished with exit code 0
请帮助我,我从过去两周开始坚持下去。
解决方案
我解决了。首先将 authorizeAndExchangeCode 方法更改为分别调用授权和令牌方法。这显示了正确的错误堆栈跟踪。
该错误是由于未使用 keycloak 的 https url 端点。因此为 ssl 配置服务器并使用签名证书。
下载的证书
echo "" | openssl s_client -host phoenixelectricals.in -port 443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > phoenixelectricals.pem
在 AndroidManifest.xml 添加了以下条目
<application
.....
android:networkSecurityConfig="@xml/network_security_config">
network_security_config.xml 包含以下设置
<network-security-config>
<base-config>
<trust-anchors>
<!-- Trust preinstalled CAs -->
<certificates src="system" />
<!-- Additionally trust user added CAs -->
<certificates src="user" />
</trust-anchors>
</base-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">phoenixelectricals.in</domain>
<trust-anchors>
<certificates src="@raw/phoenixelectricals"/>
</trust-anchors>
</domain-config>
<debug-overrides>
<trust-anchors>
<certificates src="@raw/phoenixelectricals"/>
</trust-anchors>
</debug-overrides>
</network-security-config>
推荐阅读
- text - 为什么记事本需要比 LTViewr 更长的时间
- rust - 如何通过第一次出现的分隔符来拆分字符串?
- function - Go 自定义模板函数的参数
- android - 如何让'framework.jar'在Android Studio北极狐上的'android.jar'前面编译
- typescript - 如何从 d.ts 中提取选定的类型以创建新的类型文件,即新的 d.ts 文件
- javascript - 图表 js 填充不适用于数据标签
- wordpress - 子域地址不断重定向
- haskell - 在 SBV 中解决算术问题时如何避免 IO monad
- google-apps-script - 我正在尝试自动将过滤器应用于列 - 并按该列按降序对工作表进行排序
- reactjs - 如何避免嵌套地图以获得更好的渲染性能?