Using react-native-app-auth plugin with Fitbit OAuth 2.0

℡╲_俬逩灬. 提交于 2019-12-24 18:41:12

问题


I am working on a mobile app I am trying to integrate with Fitbit. In the documentation, I noticed that Fitbit OAuth 2.0 requires a browser window be opened for the authentication process or else an app would be banned from Fitbit. After reviewing several packages on npm for handling OAuth 2.0, I found react-native-app-auth.

Does react-native-app-auth function in a way that makes sure this Fitbit rule is not violated? This is somewhat confusing for me in that this is a mobile app. I would really like to use this plugin but want to make sure my app is not banned from Fitbit.


回答1:


Pretty much the de facto standard for mobile logins these days is to plug in the Google AppAuth libraries, which handle logins via InApp browsers. These windows are external to the actual mobile app, and are recommended from both a security and usability viewpoint:

  • AppAuth iOS

  • AppAuth Android

React Native has a bridge to integrate these libraries, but this is not trivial unfortunately.

While I don't know FitBit, it has become quite common for logins on a web view to be banned, and I'm pretty sure that using AppAuth based libraries would get you past this blocker.

Gary

PS. Rather than writing any code, a good next step might be to point the actual AppAuth samples at FitBit, to check that logins work OK. I have some posts that might help with this:

  • Running iOS AppAuth sample
  • Running Android AppAuth sample

If I'm not mistaken you'll just need to download the samples, then configure 3 fields to point to FitBit:

  • Authority
  • Client Id
  • Redirect URI

My write ups are in terms of Okta, but logins should work for any open standards based provider.



来源:https://stackoverflow.com/questions/54151748/using-react-native-app-auth-plugin-with-fitbit-oauth-2-0

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!