Add Authentication to Your Xamarin App with OpenID Connect
This tutorial shows you how to build secure authentication with Xamarin Forms and OpenID Connect.
Jason Lee
Hi,
I was able to follow through the tutorial with a new project targeting Android 8.1.
I got all the way through loading the MainPage, and when I hit the LOGIN button I get an exception:
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation.
Any idea?
Thanks,
Jason
leebrandt
Is there any more information in the inner exception?
Jason Lee
The inner exception was strangely empty. But after inspecting all the codes I figured out it was the missing Current Instance I forgot to instantiate in the MainActivity class. Thanks for checking though.
Now I was able to get direct to the Okta login widget page, however, I did not get redirect back to the app after logging in from the Okta widget. It just froze there. There is no output from VS Studio as if the app has disconnected from the IDE.
Jason Lee
Never mind, I figured the redirection to the app too.
Aamir Khan
Hi,
I am getting a confirmation popup when clicking on the Okta Login button before redirecting to Okta screen.
Can this behavior be suppressed.
Thanks,
Aamir https://uploads.disquscdn.c…
Aamir Khan
Jason,
Did you also get this confirmation popup?
Aamir Khan
Did you guys implement the Logout feature, i am struggling to clear the cookies.
Even if i delete the cookies ,browser somehow persists the data and the user is logged in again.
Any inputs would really be helpful.
Thanks,
Aamir
Aamir Khan
Did you guys implement the Logout feature, i am struggling to clear the cookies.
Even if i delete the cookies ,browser somehow persists the data and the user is logged in again.
Any inputs would really be helpful.
Nate Barbettini
This is a system dialog that was added in iOS 11. More info here: https://github.com/openid/A…
Nate Barbettini
We didn’t have time to show logout in this example, sorry. The reason the user is immediately logged in again is that the user’s session is still active on the Okta authorization server.
There are a few things you can do:
- Send the prompt=login parameter with the login request to force Okta to reauthenticate the user. You can use the AdditionalParameters dictionary on the AuthorizationRequest for this.
- Redirect to the logout endpoint in the browser to destroy the Okta session in that browser.
Vishal Pachori
How can we refresh token after the token expires without redirecting to the Okta authentication web page?
Eric Eskildsen
Any idea what I’m doing wrong? It hangs on login form submission for me.
I’m using https://github.com/oktadeve…. My only change was to replace the braced values in Constants.cs.
EDIT: And the braced value of android:scheme in AndroidManifest.xml.
EDIT 2: It’s working now. My scheme in AndroidManifest.xml was incorrect. It should be just the scheme of the callback URI listed under “Applications > [Your App] > General > Login > Login redirect URIs” in Okta. That means to omit everything after the colon: e.g., “com.oktapreview.yourSubdomain”. I thought I’d done that the first time since that’s what a scheme is, but it’s possible I may have left the colon on. I played with it a few more times, adding the forward slash etc. before reverting to just the scheme this morning, and it works now.
Joshua Tanton
This is great and worked well. But when I follow the instructions here https://developer.okta.com/… I replace Constants.DiscoveryEndpoint with my AuthUrl for the Identity provider. However, I’m not sure what to put for my nonce and state parameters. I was first getting invalid_nonce error, I just entered the same value from the documentation. Now I get an invalid_state error. When I try to use the value from the documentation I get the same AuthorizationException but the okta dashboard doesn’t detect the call and I don’t get a more specific error. I’m not sure how we are suppose to get these nonce and state values. Is there another api we are supposed to call first? Remember I’m trying to use this so the login page will accept microsoft credentials.
Matt Raible
Thanks for letting us know you got it working!
Rohan Palan
Are you able to implement logout for android?
Rohan Palan
I followed your instruction. It still remembers logged in user.
Ankit Parekh
Hi Vishal, even i have the same query how can we refresh token after the token expires, did you get any solution for this?
Vishal Pachori
You can do that with RefreshToken. you need to hit “/oauth2/v1/token” Post request with Request Body containing grant_type , refresh_token , and client ID. Check the okta documentation for further details.
Ankit Parekh
I tried a lot with adding/removing various parameters as mentioned in okta documentation but none worked and getting 401 unauthorized.
As per okta documentation for PKCE auth type, one need to use client_assertion and client_assertion_type, I also did that but still no luck. I have posted my concerns to okta team and they are looking into that.
Meanwhile if possible, can you post exact request parameters to hit “/oauth2/v1/token”, that will really help.