UniWebViewAuthenticationFlowGitHub
Summary
A predefined authentication flow for GitHub.
This implementation follows the flow described here.
See the OAuth 2.0 Support and OAuth 2.0 with GitHub for a more detailed guide of authentication in UniWebView.
To allow the GitHub flow working, at least you need these steps:
- Setting
Client Id
,Client Secret
,Callback Url
in theUniWebViewAuthenticationFlowGitHub
inspector. - Setting the
Auth Callbacks Urls
containing theCallback Url
in theUniWebView
preference panel.
Properties Summary
The client ID of your GitHub application. | |
The client secret of your GitHub application. | |
The callback URL of your GitHub application. | |
Optional to control this flow's behaviour. | |
The redirect URI should be used in exchange token request. | |
Suggests a specific account to use for signing in and authorizing the app. | |
The scope string of all your required scopes. | |
Whether to enable the state verification. | |
Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow. | |
The prompt that will be set to the authentication request query. | |
The additional query arguments that are used to construct the query string of the authentication request. |
Events Summary
Called when the authentication flow succeeds and a valid token is generated. | |
Called when any error (including user cancellation) happens during the authentication flow. | |
Called when the access token refresh request finishes and a valid refreshed token is generated. | |
Called when any error (including user cancellation) happens during the authentication flow. |
Methods Summary
Starts the authentication flow with the standard OAuth 2. | |
Starts the refresh flow with the standard OAuth 2. |
Properties
The client ID of your GitHub application.
Example
At the day of writing, the client Id from GitHub is something like:
githubFlow.clientId = "lv1.1234567890abcdef1234";
The client secret of your GitHub application.
NOTICE
Strictly speaking, the client secret should not be stored on the client side. In the OAuth flow of a native app, we should use PKCE whenever possible to protect the authorization process (UniWebView supports PKCE). However, GitHub’s OAuth does not currently support PKCE, so we still have to use the client secret when exchanging tokens if we do not have a backend.
A more secure approach would be to set up your own backend server and use server-to-server communication to obtain the access token. In UniWebView, you can use the Customize Flow to set the entry point for access token exchange to your server, thereby avoiding exposing the client secret in the client-side code.
The callback URL of your GitHub application.
Example
githubFlow.callbackUrl = "authhub://auth";
Optional to control this flow's behaviour.
The redirect URI should be used in exchange token request.
Suggests a specific account to use for signing in and authorizing the app.
The scope string of all your required scopes.
Whether to enable the state verification. If enabled, the state will be generated and verified in the authentication callback.
Default is false
.
Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow.
Default is true
.
The prompt that will be set to the authentication request query. For example, the possible values can be login
, consent
, select_account
and so on.
See https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
The additional query arguments that are used to construct the query string of the authentication request.
This is useful when you want to add some custom parameters to the authentication request. This string will be appended to the query string that constructed from GetAuthenticationUriArguments
.
For example, if you set the value to prompt=consent&ui_locales=en
, it will be contained in the final authentication query.
Events
Called when the authentication flow succeeds and a valid token is generated.
Example
githubFlow.OnAuthenticationFinished.AddListener(OnGitHubTokenReceived)
void OnGitHubTokenReceived(UniWebViewAuthenticationGitHubToken token) {
Debug.Log("Github Access Token: " + token.AccessToken);
}
Called when any error (including user cancellation) happens during the authentication flow.
Example
github.OnAuthenticationErrored.AddListener(OnGitHubAuthError);
void OnGitHubAuthError(long error, string message) {
Debug.Log("Error code: " + error + " Message: " + message);
}
Called when the access token refresh request finishes and a valid refreshed token is generated.
Example
githubFlow.OnRefreshTokenFinished.AddListener(OnRefreshTokenReceived)
void OnRefreshTokenReceived(UniWebViewAuthenticationGitHubToken token) {
Debug.Log("Access Token: " + token.AccessToken);
}
Called when any error (including user cancellation) happens during the authentication flow.
Example
githubFlow.OnRefreshTokenErrored.AddListener(OnRefreshTokenError);
void OnRefreshTokenError(long error, string message) {
Debug.Log("Error code: " + error + " Message: " + message);
}
Methods
Starts the authentication flow with the standard OAuth 2.0. This implements the abstract method in UniWebViewAuthenticationCommonFlow
.
Starts the refresh flow with the standard OAuth 2.0. This implements the abstract method in UniWebViewAuthenticationCommonFlow
.