Our custom Identity Provider (IdP) implements the OpenID Connect (OIDC) standards. Many of our browser-based single-page applications use it for single sign-on (SSO) authentication/authorization. Some of our desktop applications are based on Windows Presentation Foundation (WPF).
Now, our requirement is to implement this same method by launching a browser from the desktop application, and then once the single sign-on is complete, come back to the desktop application.
This is very similar to how Docker Desktop does it – launching a browser for sign-in and then redirecting back to the desktop application.
What is the right way to implement this?
Any reference to an implementation would be greatly appreciated.
The system browser is used to log in, according to RFC 8252. I believe Docker Desktop uses a private URI scheme to receive the OAuth response.
See these resources. My app is coded in JavaScript, but you should be able to translate the concepts:
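
The flow described in this answer, as an added example that is not part of the original post or of any project's code: the app builds the authorization URL to open in the system browser, then validates the URI delivered back through the private scheme before exchanging the code. The endpoint, client id and scheme below are assumed placeholders, and the `state` and PKCE (RFC 7636) checks are standard safeguards for native apps under RFC 8252 rather than details taken from the post.

```javascript
const crypto = require('crypto');

// Assumed placeholders: substitute your IdP's endpoint, client id and registered scheme.
const AUTHORIZE_ENDPOINT = 'https://idp.example.com/authorize';
const CLIENT_ID = 'desktop-app';
const REDIRECT_URI = 'com.example.desktopapp:/callback';

const b64url = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// PKCE S256: challenge = BASE64URL(SHA256(verifier)), per RFC 7636.
const pkceChallenge = (verifier) =>
  b64url(crypto.createHash('sha256').update(verifier).digest());

// Build the URL to open in the system browser, plus the secrets the app keeps in memory.
function createLoginRequest() {
  const state = b64url(crypto.randomBytes(32));
  const codeVerifier = b64url(crypto.randomBytes(32));
  const url = new URL(AUTHORIZE_ENDPOINT);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: CLIENT_ID, redirect_uri: REDIRECT_URI,
    scope: 'openid', state,
    code_challenge: pkceChallenge(codeVerifier), code_challenge_method: 'S256',
  }).toString();
  return { url: url.toString(), state, codeVerifier };
}

// Validate the URI the OS passes to the app when the browser follows the redirect.
// Any local process can invoke a private scheme, so nothing in it is trusted yet.
function handleCallback(callbackUri, pending) {
  const got = new URL(callbackUri);
  const want = new URL(REDIRECT_URI);
  if (got.protocol !== want.protocol || got.pathname !== want.pathname) {
    throw new Error('unexpected redirect URI');
  }
  const a = Buffer.from(got.searchParams.get('state') || '');
  const b = Buffer.from(pending.state);
  if (a.length !== b.length || !crypto.timingSafeEqual(a, b)) {
    throw new Error('state mismatch');
  }
  if (got.searchParams.has('error')) {
    throw new Error('authorization error: ' + got.searchParams.get('error'));
  }
  const code = got.searchParams.get('code');
  if (!code) throw new Error('missing authorization code');
  // Token request body: code_verifier proves this app instance started the flow.
  return { grant_type: 'authorization_code', code, redirect_uri: REDIRECT_URI,
           client_id: CLIENT_ID, code_verifier: pending.codeVerifier };
}
```

The object returned by `handleCallback` is what the app would POST, form-encoded, to the IdP's token endpoint; a desktop app is a public client, so no client secret is sent.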