commit ebf1711c2b051d01a60dced94c2f5124d27e678a · bretton.dev/coves-mobile

+2 -5

android/app/src/main/AndroidManifest.xml

···

       9
       9
        
                   android:name=".MainActivity"

     

       10
       10
        
                   android:exported="true"

     

       11
       11
        
                   android:launchMode="singleTop"

     

       12
       12
       -
                   android:taskAffinity=""

     

       13
       12
        
                   android:theme="@style/LaunchTheme"

     

       14
       13
        
                   android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"

     

       15
       14
        
                   android:hardwareAccelerated="true"

     
···

       30
       29
        
               </activity>

     

       31
       30
        
       

     

       32
       31
        
               <!-- flutter_web_auth_2 CallbackActivity for OAuth callbacks -->

     

       33
       33
       -
               <!-- This MUST be a separate activity to prevent go_router interference -->

     

       32
       32
       +
               <!-- Uses private-use URI scheme per atproto spec (RFC 8252) -->

     

       34
       33
        
               <activity

     

       35
       34
        
                   android:name="com.linusu.flutter_web_auth_2.CallbackActivity"

     

       36
       35
        
                   android:exported="true">

     
···

       38
       37
        
                       <action android:name="android.intent.action.VIEW"/>

     

       39
       38
        
                       <category android:name="android.intent.category.DEFAULT"/>

     

       40
       39
        
                       <category android:name="android.intent.category.BROWSABLE"/>

     

       41
       41
       -
       

     

       42
       42
       -
                       <!-- OAuth callback URL scheme -->

     

       43
       43
       -
                       <data android:scheme="dev.workers.brettmay0212.lingering-darkness-50a6"/>

     

       40
       40
       +
                       <data android:scheme="social.coves"/>

     

       44
       41
        
                   </intent-filter>

     

       45
       42
        
               </activity>

     

       46
       43
        
               <!-- Don't delete the meta-data below.

+1 -1

ios/Runner/Info.plist

···

       54
       54
        
       			<string>social.coves.oauth</string>

     

       55
       55
        
       			<key>CFBundleURLSchemes</key>

     

       56
       56
        
       			<array>

     

       57
       57
       -
       				<string>dev.workers.brettmay0212.lingering-darkness-50a6</string>

     

       57
       57
       +
       				<string>social.coves</string>

     

       58
       58
        
       			</array>

     

       59
       59
        
       		</dict>

     

       60
       60
        
       	</array>

+17 -56

lib/config/oauth_config.dart

···

       1
       1
       -
       import 'package:atproto_oauth_flutter/atproto_oauth_flutter.dart';

     

       2
       2
       -
       

     

       3
       3
       -
       import 'environment_config.dart';

     

       4
       4
       -
       

     

       5
       5
       -
       /// OAuth Configuration for atProto

     

       1
       1
       +
       /// OAuth Configuration for Coves Backend OAuth

     

       6
       2
        
       ///

     

       7
       7
       -
       /// This configuration provides ClientMetadata for the new

     

       8
       8
       -
       /// atproto_oauth_flutter package. The new package handles proper

     

       9
       9
       -
       /// decentralized OAuth discovery (works with ANY PDS).

     

       3
       3
       +
       /// This configuration supports the backend's mobile OAuth flow.

     

       4
       4
       +
       /// The backend handles all OAuth complexity (PKCE, DPoP, token exchange).

     

       5
       5
       +
       ///

     

       6
       6
       +
       /// Uses private-use URI scheme per atproto spec (RFC 8252):

     

       7
       7
       +
       /// - Format: social.coves:/callback (single slash!)

     

       8
       8
       +
       /// - Works on both Android and iOS without Universal Links complexity

     

       10
       9
        
       class OAuthConfig {

     

       11
       11
       -
         // OAuth Server Configuration

     

       12
       12
       -
         // Cloudflare Worker that hosts client-metadata.json and handles OAuth

     

       13
       13
       -
         // callbacks

     

       14
       14
       -
         static const String oauthServerUrl =

     

       15
       15
       -
             'https://lingering-darkness-50a6.brettmay0212.workers.dev';

     

       16
       16
       -
       

     

       17
       10
        
         // Custom URL scheme for deep linking

     

       18
       18
       -
         // Must match AndroidManifest.xml intent filters

     

       19
       19
       -
         // Using the same format as working Expo implementation

     

       20
       20
       -
         static const String customScheme =

     

       21
       21
       -
             'dev.workers.brettmay0212.lingering-darkness-50a6';

     

       11
       11
       +
         // Must match AndroidManifest.xml and Info.plist

     

       12
       12
       +
         // Uses reverse domain format per atproto spec

     

       13
       13
       +
         static const String customScheme = 'social.coves';

     

       22
       14
        
       

     

       23
       23
       -
         // API Configuration

     

       24
       24
       -
         // Environment-aware API URL

     

       25
       25
       -
         static String get apiUrl => EnvironmentConfig.current.apiUrl;

     

       15
       15
       +
         // Redirect URI using private-use URI scheme (RFC 8252)

     

       16
       16
       +
         // IMPORTANT: Single slash after scheme per RFC 8252!

     

       17
       17
       +
         static const String _redirectUri = '$customScheme:/callback';

     

       26
       18
        
       

     

       27
       27
       -
         // Derived OAuth URLs

     

       28
       28
       -
         static const String clientId = '$oauthServerUrl/client-metadata.json';

     

       19
       19
       +
         /// Get the redirect URI (same for all environments)

     

       20
       20
       +
         static String get redirectUri => _redirectUri;

     

       29
       21
        
       

     

       30
       30
       -
         // IMPORTANT: Private-use URI schemes (RFC 8252) require SINGLE slash,

     

       31
       31
       -
         // not double!

     

       32
       32
       -
         // Correct:   dev.workers.example:/oauth/callback

     

       33
       33
       -
         // Incorrect: dev.workers.example://oauth/callback

     

       34
       34
       -
         static const String customSchemeCallback = '$customScheme:/oauth/callback';

     

       35
       35
       -
       

     

       36
       36
       -
         // HTTPS callback (fallback for PDS that don't support custom

     

       37
       37
       -
         // URI schemes)

     

       38
       38
       -
         static const String httpsCallback = '$oauthServerUrl/oauth/callback';

     

       22
       22
       +
         /// Get the callback scheme for FlutterWebAuth2

     

       23
       23
       +
         static String get callbackScheme => customScheme;

     

       39
       24
        
       

     

       40
       25
        
         // OAuth Scopes - recommended scope for atProto

     

       41
       26
        
         static const String scope = 'atproto transition:generic';

     

       42
       27
        
       

     

       43
       28
        
         // Client name for display during authorization

     

       44
       29
        
         static const String clientName = 'Coves';

     

       45
       45
       -
       

     

       46
       46
       -
         /// Create ClientMetadata for the FlutterOAuthClient

     

       47
       47
       -
         ///

     

       48
       48
       -
         /// This configures the OAuth client with:

     

       49
       49
       -
         /// - Discoverable client ID (HTTPS URL to metadata JSON)

     

       50
       50
       -
         /// - HTTPS callback (primary - works with all PDS servers)

     

       51
       51
       -
         /// - Custom URL scheme (fallback - requires PDS support)

     

       52
       52
       -
         /// - DPoP enabled for token security

     

       53
       53
       -
         /// - Proper scopes for atProto access

     

       54
       54
       -
         static ClientMetadata createClientMetadata() {

     

       55
       55
       -
           return const ClientMetadata(

     

       56
       56
       -
             clientId: clientId,

     

       57
       57
       -
             // Use HTTPS as PRIMARY - prevents browser re-navigation that

     

       58
       58
       -
             // invalidates auth codes. Custom scheme as fallback (Worker page

     

       59
       59
       -
             // redirects to custom scheme anyway)

     

       60
       60
       -
             redirectUris: [httpsCallback, customSchemeCallback],

     

       61
       61
       -
             scope: scope,

     

       62
       62
       -
             clientName: clientName,

     

       63
       63
       -
             dpopBoundAccessTokens: true, // Enable DPoP for security

     

       64
       64
       -
             applicationType: 'native',

     

       65
       65
       -
             grantTypes: ['authorization_code', 'refresh_token'],

     

       66
       66
       -
             tokenEndpointAuthMethod: 'none', // Public client (mobile apps)

     

       67
       67
       -
           );

     

       68
       68
       -
         }

     

       69
       30
        
       }

+1 -16

pubspec.lock

···

       41
       41
        
             url: "https://pub.dev"

     

       42
       42
        
           source: hosted

     

       43
       43
        
           version: "2.13.0"

     

       44
       44
       -
         atproto_oauth_flutter:

     

       45
       45
       -
           dependency: "direct main"

     

       46
       46
       -
           description:

     

       47
       47
       -
             path: "packages/atproto_oauth_flutter"

     

       48
       48
       -
             relative: true

     

       49
       49
       -
           source: path

     

       50
       50
       -
           version: "0.1.0"

     

       51
       44
        
         boolean_selector:

     

       52
       45
        
           dependency: transitive

     

       53
       46
        
           description:

     
···

       371
       364
        
           source: sdk

     

       372
       365
        
           version: "0.0.0"

     

       373
       366
        
         flutter_web_auth_2:

     

       374
       374
       -
           dependency: transitive

     

       367
       367
       +
           dependency: "direct main"

     

       375
       368
        
           description:

     

       376
       369
        
             name: flutter_web_auth_2

     

       377
       370
        
             sha256: "3c14babeaa066c371f3a743f204dd0d348b7d42ffa6fae7a9847a521aff33696"

     
···

       687
       680
        
             url: "https://pub.dev"

     

       688
       681
        
           source: hosted

     

       689
       682
        
           version: "2.1.8"

     

       690
       690
       -
         pointycastle:

     

       691
       691
       -
           dependency: transitive

     

       692
       692
       -
           description:

     

       693
       693
       -
             name: pointycastle

     

       694
       694
       -
             sha256: "4be0097fcf3fd3e8449e53730c631200ebc7b88016acecab2b0da2f0149222fe"

     

       695
       695
       -
             url: "https://pub.dev"

     

       696
       696
       -
           source: hosted

     

       697
       697
       -
           version: "3.9.1"

     

       698
       683
        
         pool:

     

       699
       684
        
           dependency: transitive

     

       700
       685
        
           description:

+1 -3

pubspec.yaml

···

       34
       34
        
         # The following adds the Cupertino Icons font to your application.

     

       35
       35
        
         # Use with the CupertinoIcons class for iOS style icons.

     

       36
       36
        
         cupertino_icons: ^1.0.8

     

       37
       37
       -
         # New atproto_oauth_flutter package - proper decentralized OAuth implementation

     

       38
       38
       -
         atproto_oauth_flutter:

     

       39
       39
       -
           path: packages/atproto_oauth_flutter

     

       40
       37
        
         flutter_secure_storage: ^9.2.2

     

       41
       38
        
         shared_preferences: ^2.3.3

     

       42
       39
        
         go_router: ^16.3.0

     

       43
       40
        
         provider: ^6.1.5+1

     

       44
       41
        
         flutter_svg: ^2.2.1

     

       45
       42
        
         dio: ^5.9.0

     

       43
       43
       +
         flutter_web_auth_2: ^4.1.0

     

       46
       44
        
         cached_network_image: ^3.4.1

     

       47
       45
        
         url_launcher: ^6.3.1

     

       48
       46
        
         video_player: ^2.8.7  # Pinned for stability