
I have implemented flutter_appauth and I am using Keycloak as Authentication Server.

Code snippets are as follows: Main.dart

```dart
final String _clientId = 'flutter-demo-app';
//final String _redirectUrl = 'com.example.sampleflutterauthapp:/*';
final String _redirectUrl = 'com.example.sampleflutterauthapp:/*';
// 10.0.2.2 is the Android emulator's alias for the host machine's loopback interface.
final String _issuer = 'https://10.0.2.2:8443/auth/realms/flutter';
final String _discoveryUrl =
    'https://10.0.2.2:8443/auth/realms/flutter/.well-known/openid-configuration';
final String _postLogoutRedirectUrl = 'com.example.sampleflutterauthapp://';
final List<String> _scopes = <String>[
  'openid',
  'profile',
  'offline_access'
];

final AuthorizationServiceConfiguration _serviceConfiguration =
    const AuthorizationServiceConfiguration(
  authorizationEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/auth',
  tokenEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/token',
  endSessionEndpoint: 'https://10.0.2.2:8443/auth/realms/flutter/protocol/openid-connect/logout',
);

Future<void> _signInWithAutoCodeExchange(
    {bool preferEphemeralSession = false}) async {
  try {
    _setBusyState();

    final AuthorizationTokenResponse? result =
        await _appAuth.authorizeAndExchangeCode(
      AuthorizationTokenRequest(
        _clientId,
        _redirectUrl,
        serviceConfiguration: _serviceConfiguration,
        scopes: _scopes,
        preferEphemeralSession: preferEphemeralSession,
        allowInsecureConnections: true,
      ),
    );
    // ... rest of the method not shown in the post
```

My build.gradle file for the Android app is as follows for HTTPS redirection: [image]

My Keycloak config is as follows: [image]

I am running my application on a Pixel 5 API 31 (Android 12.0) virtual device.

If I use the following HTTP URL of the Keycloak server, it works fine.

```dart
final String _issuer = 'http://10.0.2.2:8080/auth/realms/flutter';
```

If I use the following HTTPS URL of the Keycloak server, authentication succeeds, but while redirecting to the Android app I get a network error.

```dart
final String _issuer = 'https://10.0.2.2:8443/auth/realms/flutter';
```

```
PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: null, description: Network error], java.security.cert.CertPathValidatorException: Trust anchor for certification path not found., null)
```

Kindly let me know what I am missing here to make it work with HTTPS.

milan.sangani
  • I have tried the following things as part of a solution but did not have any success. AndroidManifest.xml: added an intent-filter as follows as a workaround: ` ` – milan.sangani Apr 28 '22 at 06:01
  • I have tried adding the Keycloak certificate to the Android app as follows but did not have any success. [network_security_config.xml](https://user-images.githubusercontent.com/12907055/165236873-69aaef00-0bca-436d-98f6-b2edd8ce407b.png) [Keycloak Certificate](https://user-images.githubusercontent.com/12907055/165234663-09d1b186-c0ac-4e7d-8d13-d47ef14b97a3.png) – milan.sangani Apr 28 '22 at 06:05
  • Kindly find the workaround solution: you have to configure the self-signed certificate with proper values in **subjectAltName**. For more details, refer to the following link: [configure-self-signed-certificate](https://stackoverflow.com/questions/69709018/xamarin-android-how-to-pin-self-signed-certifcate-via-network-security-config-x) – milan.sangani May 06 '22 at 06:33

1 Answer

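Kindly find the workaround solution: you have to configure the self-signed certificate with proper values in subjectAltName.

For more details, refer to the following link: [configure-self-signed-certificate](https://stackoverflow.com/questions/69709018/xamarin-android-how-to-pin-self-signed-certifcate-via-network-security-config-x)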

milan.sangani
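The subjectAltName workaround described in the answer, as an added shell example that is not part of the original post: it creates a development-only self-signed certificate whose SAN lists the emulator-side address 10.0.2.2 and checks that the entry is really present. The file names, the `keycloak-dev` CN, the 30-day lifetime and the `DNS:localhost` entry are assumptions, and OpenSSL 1.1.1 or later is assumed for `-addext`.

```shell
# Added example (not from the post). Development use only.

# make_dev_cert <out_dir> <san_list>
#   Writes keycloak-dev.key / keycloak-dev.crt (assumed names) into <out_dir>.
#   <san_list> uses OpenSSL syntax, e.g. "IP:10.0.2.2,DNS:localhost".
make_dev_cert() {
  local out_dir="$1" san="$2"
  mkdir -p "$out_dir" || return 1
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
    -subj "/CN=keycloak-dev" \
    -addext "subjectAltName=$san" \
    -keyout "$out_dir/keycloak-dev.key" \
    -out "$out_dir/keycloak-dev.crt" 2>/dev/null
}

# cert_covers_ip <cert_file> <ip>
#   Succeeds only if the certificate's SAN extension contains an
#   "IP Address" entry equal to <ip> (a DNS entry does not count for
#   a URL that uses a literal IP address).
cert_covers_ip() {
  local cert="$1" ip_re
  # Escape the dots so 10.0.2.2 cannot match e.g. 10a0b2c2.
  ip_re=$(printf '%s' "$2" | sed 's/\./\\./g')
  openssl x509 -in "$cert" -noout -text |
    grep -A1 'Subject Alternative Name' |
    grep -Eq "IP Address:${ip_re}(,|[[:space:]]|\$)"
}

# Typical use:
#   make_dev_cert ./certs "IP:10.0.2.2,DNS:localhost"
#   cert_covers_ip ./certs/keycloak-dev.crt 10.0.2.2 && echo "SAN ok"
```

A certificate that passes this check still has to be served by Keycloak and trusted by the app, for example through the network_security_config.xml the question mentions.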