OAuth Support
Dexi apps support secure OAuth authentication for 3rd party services such as Google through end-to-end encryption so that only when the app needs it does it have access to the unencrypted access tokens.
The Dexi platform itself is not able to read these encrypted tokens - the app itself holds the encryption key.
To enable 3rd party OAuth authentication for your app you need to define an "oauth" configuration field like the following:
Provider Configuration
You might need to configure the OAuth provider with the following:
Authorized redirect URIs :https://app.dexi.io/oauth2/app/validate
Authorized JavaScript origins:https://app.dexi.io
configuration:
google:
title: Google
type: oauth
help: Connect your google account to get access to your google account
required: true
sortOrder: 1
configuration:
oauth: #These 2 endpoints are required. The below configuration is correct when using the Dexi App SDK and implementing the OAuthHandler interface
redirect:
method: POST
url: "${baseUrl}/oauth/redirect"
validate:
method: POST
url: "${baseUrl}/oauth/validate"
A working Java Spring module supporting Google OAuth authentication is available in https://github.com/dexiio/spring-app-sdk-google-oauth.
OAuth versions supported
Note that both OAuth1 and OAuth2 have a similar user flow and therefor both are supported since the actual authentication process is entirely performed by your app.
This can be used as-is for Google authentication or serve as a reference implementation for new OAuth implementations.
An example of using the module can be found here:
https://github.com/dexiio/app-service-googledrive
Further documentation on how an OAuthHandler can be implemented in the Java SDK can be found here: OAuthHandler
Updated almost 5 years ago