Hey everyone, for my Compose-Desktop app, I want t...
# compose-desktop
s
Hey everyone, for my Compose-Desktop app, I want to integrate with an API which makes use of an OIDC authorization code flow and therefor needs access to a browser session to complete successfully. Is there any form of support for browser session management (either through a webview, or even delegation to a system browser) for Compose-Desktop currently?
j
I don't pretend to be an OIDC expert, but if you need an embedded browser, you might try CEF: https://github.com/JetBrains/compose-jb/tree/master/cef I'm not sure how OIDC works, but I thought it was primarily intended to protect web resources. I assumed the common solution would be to launch a web browser (https://stackoverflow.com/questions/5226212/how-to-open-the-default-webbrowser-using-java) that would navigate redirect back to your own website upon successful authentication, and then your desktop app would get any data/tokens by querying the site you control with a shared secret. Alternatively, sometimes the flow involves an embedded jetty instance, but usually you don't get https there (not that you need it since such traffic doesn't leave the machine) and your host is localhost, so many auth providers won't forward back to that URL. Either way, for user auth, having the user use their own browser is generally beneficial because they may already be logged in there and so the whole process is streamlined.
👍 1
s
Thanks for the suggestion, but in the end I ended up using the Microsoft OAuth2 useragent library (https://github.com/microsoft/oauth2-useragent) in combination with SWT, and that seems to do the trick for retrieving all necessary info.