Hi,
In Angular side, we've used the angular-oauth2-oidc
package to manage authorization code flow. As I know, there is no such package for the React Native. I do not know how can you achieve that but I can briefly explain the how code flow works:
initCodeFlow
method of the OAuthService
to navigate user to login page.angular-oauth2-oidc
package performs a POST request:
URL: https://localhost:44305/connect/token
Body (form data): grant_type=authorization_code&code=94DFAD919F8645959A13EC08E79636DEE658ECB11D3D654F8D0DEAC7BC14E605&redirect_uri=https://commercial-demo.abp.io/index.html&code_verifier=U2Q1eExVY2I2ODVkQXZSY2VmeGFIZ3FxUXlfeFRRaU0ubFloRmFPSFdYTWFR&client_id=MyProjectName_App
Response: {"id_token":"id token shortened for brevity","access_token":"access token shortened for brevity","expires_in":31536000,"token_type":"Bearer","scope":"openid AbpCommercialDemo"}
You should examine the angular-oauth2-oidc
package's source code for the details.
Hello,
The problem is related to @ng-bootstrap/ng-bootstrap
package. We're working on this.
You can follow this issue:
https://github.com/abpframework/abp/issues/10743
I'll notify you when the problem is resolved. Thanks!
Please see the comment below to fix problem temporarily: https://github.com/abpframework/abp/issues/10743#issuecomment-981394068
Hello @talhazengin
We've created an internal issue. We'll let you know when it is resolved. Thanks for the repoting!
Hello,
It is already done: https://github.com/abpframework/abp/commit/86b8f952eecfc6a109ab91e1bf39983b50e7c9f6#diff-835f2b3fd6817076674e0a6599617b07b015b34849235b20017ee0601206a3b8
You need to update your project to v4.4.4 at least. Thanks!
Here is the guide for custom login & register pages for v4.4+: https://gist.github.com/mehmet-erim/dac82931935a465a48802447de501032
Hi,
For some technical reasons, we have used innerHtml
for the columns of the extensible table component. No vulnerability in this case. You cannot inject any script. Angular sanitizes it by default.
Thanks!
Hello,
It seems a problem. Can you share the access token and refresh token response?
We use theangular-ouath2-oidc
package for the authentication. So this problem is related to this package.
Downgrading the RxJS version to v6 may be fixed the problem if you use RxJS 7. If the problem will not resolve, please provide the steps to reproduce in detail.
can we expect a fix for this problem in the upcoming update?
I don't know, you can report that by creating an issue to angular-ouath2-oidc
repo. The problem should be fixed by the package authors.
Thanks!