Hybrid oflline mobile app in combination with OAUTH2

Does somebody know if an offline hybrid mobile app can be used in combination with oauth2 authentication?
1 answers

Hi Nils,

This is possible, but not easy. You can check out https://docs.mendix.com/howto/mobile/implement-sso-on-a-hybrid-app-with-mendix-and-saml, this describes how you can implement SAML on a hybrid app (online). I've applied the same idea using OAuth before and this should also work for hybrid offline apps.

On a high level, the following steps are needed:
1) Open an InAppBrowser window and perform the authentication flow with all redirects here
2) Change the OAuth implementation to generate a TokenInformation object for the authenticated user when authentication is successful. See the SAML module for an example (search for TokenInformation in implementation\security\SessionManager.java). Make sure that you set an expiration date for the token.
3) Transfer this token from the InAppBrowser to your offline app. See the documentation for an example how you could do this
4) When the token is set correctly, the user will be logged in automatically

Hope this helps!