Awesome
<a href="https://commerce.nearform.com/open-source/" target="_blank"> <img alt="React Native App Auth" src="https://oss.nearform.com/api/banner?text=react+native+app+auth" /> </a> <p align="center"> <strong>React native bridge for AppAuth - an SDK for communicating with OAuth2 providers</strong> <br><br> </p>This versions supports react-native@0.63+
. The last pre-0.63 compatible version is v5.1.3
.
React Native bridge for AppAuth-iOS and AppAuth-Android SDKS for communicating with OAuth 2.0 and OpenID Connect providers.
This library should support any OAuth provider that implements the OAuth2 spec.
We only support the Authorization Code Flow.
Check out the full documentation here!
Tested OpenID providers
These providers are OpenID compliant, which means you can use autodiscovery.
- Identity Server4 (Example configuration)
- Identity Server3 (Example configuration)
- FusionAuth (Example configuration)
- Google (Example configuration)
- Okta (Example configuration)
- Keycloak (Example configuration)
- Azure Active Directory (Example configuration)
- AWS Cognito (Example configuration)
- Asgardeo (Example configuration)
- Microsoft (Example configuration)
Tested OAuth2 providers
These providers implement the OAuth2 spec, but are not OpenID providers, which means you must configure the authorization and token endpoints yourself.
- Uber (Example configuration)
- Fitbit (Example configuration)
- Dropbox (Example configuration)
- Reddit (Example configuration)
- Coinbase (Example configuration)
- GitHub (Example configuration)
- Slack (Example configuration)
- Strava (Example configuration)
- Spotify (Example configuration)
- Unsplash (Example configuration)
- Imgur (Example configuration)
Why you may want to use this library
AppAuth is a mature OAuth client implementation that follows the best practices set out in
RFC 8252 - OAuth 2.0 for Native Apps including using
ASWebAuthenticationSession
and SFSafariViewController
on iOS, and
Custom Tabs on
Android. WebView
s are explicitly not supported due to the security and usability reasons
explained in Section 8.12 of RFC 8252.
AppAuth also supports the PKCE ("Pixy") extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used.
To learn more, read this short introduction to OAuth and PKCE on the Formidable blog.
Contributing
Please see our contributing guide.
Running the iOS app
After cloning the repository, run the following:
cd react-native-app-auth/Example
yarn
(cd ios && pod install)
npx react-native run-ios
Running the Android app
After cloning the repository, run the following:
cd react-native-app-auth/Example
yarn
npx react-native run-android
Notes
- You have to have the emulator open before running the last command. If you have difficulty getting the emulator to connect, open the project from Android Studio and run it through there.
- ANDROID: When integrating with a project that utilizes deep linking (e.g. React Navigation deep linking), update the redirectUrl in your config and the
appAuthRedirectScheme
value in build.gradle to use a custom scheme so that it differs from the scheme used in your deep linking intent-filter as seen here.
Example:
// build.gradle
android {
defaultConfig {
manifestPlaceholders = [
appAuthRedirectScheme: 'io.identityserver.demo.auth'
]
}
}
Maintenance Status
Active: Nearform is actively working on this project, and we expect to continue for work for the foreseeable future. Bug reports, feature requests and pull requests are welcome.