We currently have identityserver v2 (and ws-fed for our websites), and now we would like to authenticate with a phonegap app. How could this be implemented? I understand ws-fed is not an option, so for oauth our options are (I might be wrong here):
I've looked at the resource owner flow here, but it looks quite complicated, and I could find much documentation for it (read: a simple example ready to clone :-) )
The Implict flow I found some example here, but it seems to require a redirect_uri, and I can't understand how that could be achived on an app.
I noticed that in my STS admin site, there was an option for OpenID Connect also, could that be used?
I would be happy if someone could point us in the right direction?
Thanks for any help
Larsi
I've seen that in v3 some new possibilities are present (an maybe even a phonegap sample here), but unfortunatly no upgrade to v3 is currently planned
You was correct using openId connect with Implicit flow
GET /authorize?
response_type=id_token%20token
&client_id=s6BhdRkqt3
&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb
&scope=openid%20profile
&state=af0ifjsldkj
&nonce=n-0S6_WzA2Mj HTTP/1.1
Host: server.example.com
A if the user successfully authenticates they will receive a response like the following
HTTP/1.1 302 Found
Location: https://client.example.org/cb#
access_token=SlAV32hkKG
&token_type=bearer
&id_token=eyJ0 ... NiJ9.eyJ1c ... I6IjIifX0.DeWt4Qu ... ZXso
&expires_in=3600
&state=af0ifjsldkj
Many openID connect libraries just parse the response and extract the relevant values the redirect is ignored