Re: [OAUTH-WG] OAuth 2.0 for Native Apps: open source client libraries for Android and iOS now available

Hannes Tschofenig <hannes.tschofenig@gmx.net> Fri, 11 March 2016 09:54 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9929E12D5D4 for <oauth@ietfa.amsl.com>; Fri, 11 Mar 2016 01:54:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0sGSCVGGiWPm for <oauth@ietfa.amsl.com>; Fri, 11 Mar 2016 01:54:45 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2C0912D5CE for <oauth@ietf.org>; Fri, 11 Mar 2016 01:54:44 -0800 (PST)
Received: from [192.168.10.140] ([138.232.236.15]) by mail.gmx.com (mrgmx103) with ESMTPSA (Nemesis) id 0MfVzj-1aT6Yk4B1H-00P6f7; Fri, 11 Mar 2016 10:54:42 +0100
To: William Denniss <wdenniss@google.com>, "oauth@ietf.org" <oauth@ietf.org>
References: <CAAP42hABB4mrGuLv24fXhiE4E-Yupi=jU2O8nczd4rMo5RLJgQ@mail.gmail.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <56E295E1.9030409@gmx.net>
Date: Fri, 11 Mar 2016 10:54:41 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <CAAP42hABB4mrGuLv24fXhiE4E-Yupi=jU2O8nczd4rMo5RLJgQ@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="vmSqTc2bH2RrvxcBvsJ6lSgK6po6vUqfm"
X-Provags-ID: V03:K0:KTyYg3K8Xnq6HGD/j8ndicWUW83BI5dOb8wlctXBJzZTd9/5XIN wsWxJeh1nH3Z+P9Fvx5FUczSHj8FK07ehum9W5V5I0UbFQHW++jtUOR/n9AqspAnTnoPf4T x+NXMSni/SVdE7TlFx7Gj7sg6isiyfuUOabkKdngu03Kai1cc7rUonHoXQYH7EAabI61iSy I2GyoT4Ru0LchUwquRuSw==
X-UI-Out-Filterresults: notjunk:1;V01:K0:KtjjhclL1DM=:DOTGWOfhmO6JGSXom4V5hS 2xDHhF1qMnBfIjnEo3/RpS95kHD6vCl23AGboUWSM3X3Yr1C88XsMT3WpmdEbywsCfLQevIsm c/HR9xLZklGXavcdrBVQ4KyX5P5x9x4lT/9jEJ3JMUm22V5RF7veA0/5z3Glc+9c2fBuY4pgV ICsslO4vPLWK29RceRJOL8NECbfrrcpb4aajLf98teOMpG47m5DCYW0gIavpBE4XNlikfiPhl QSVG2AyBiSTreC1u2540jaLk6E0a3TCvBGW53B2mUHxYPuBuEFca9AYeiCnWU54bWS9yh+EEX dJGev4aJjH0SEtpTlGr4e3nJW+7Ynlo5CfrpLjq9LhbNswDKc7/rWEGFUM7+PbhF8Xf/gqRGS 8vatdoz5GxFfWjncpnhZyCKRwNaC5wHNnLIqlsfpWzxeyhHNybY5Gwu/QJ0lV4TQjc2dONR0h sVD2SMwAPdQDW0Gg0pgjqk+iHk1NeVrKhK0s7b0Byqv5chrE4aTms3JPgI8aENMVnTeA0zwhO KdcvZ+Yj9RSfftTBmMcr9zhsQFceB4bOIjSfj55q4jxl92O0lBHdweBnsiRGjnT6yi0i0YW1J pRI/E3p/SjK+s1b+LhT+YWAvMq/ryS7RvBpw6sm7Be635iximu3qU+S8dzBN/QxV7P+XFFoaq tZ2rVpWTsAeWTUGKstHN4kg7rgcFDn399JGQMtiPRxldhFKqgiTCDFPZeHQf31bTKYatxm556 8gsFFL4Qo4luy8g/ZTUgzy45tpUFDbLKINmSdbFgjThNWjMalR+Pq32E8V0=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/j6HezmZFb1cB0VYYg4WxNaeMfkc>
Subject: Re: [OAUTH-WG] OAuth 2.0 for Native Apps: open source client libraries for Android and iOS now available
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Mar 2016 09:54:46 -0000

Hi William,

sorry for the late response but I just wanted to note that I really
appreciate your efforts around making code available for specifications
we are developing. The implementation efforts that take place currently
with specification writing have always provided a lot of valuable feedback.

I will take a look at your libraries in the near future since I am
interested in using those myself for the IoT environment.

Ciao
Hannes


On 02/26/2016 08:30 PM, William Denniss wrote:
> The Google Identity team this week open sourced AppAuth for Android and
> iOS. AppAuth is a client library for OAuth that enables native Android
> and iOS apps to perform authorization flows in a secure and usable way
> using in-app browser tabs (Custom Tabs on Android,
> SFSafariViewController on iOS), fully supporting the draft best practice
> <https://tools.ietf.org/html/draft-ietf-oauth-native-apps> for
> performing standards-based auth in native apps.
> 
> The libraries are opinionated and follow the draft best practice
> completely. Low-level protocol APIs are exposed allowing customizability
> including the ability to support OAuth extensions and custom parameters.
> Higher level convenience APIs are also provided to assist with auth
> state management, and encapsulate common requests like exchanging the
> authorization code and making API calls with fresh tokens.
> 
> You can grab the code here:
> https://openid.github.io/AppAuth-Android
> https://openid.github.io/AppAuth-iOS
> 
> The library should work with any Authorization Server that supports
> public clients with custom URI scheme and/or app-claimed HTTPS redirects
> (custom URI schemes are still required for full backwards compatibility
> support, though on newer systems app-claimed HTTPS links are viable –
> both are supported by the library). We have verified interop with the
> Google and PingFederate OAuth implementations.
> 
> Please give it a spin, and let me know how it works with your own
> implementations!
> 
> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>