WebAuthenticationBroker
Overview
WebAuthenticationBroker is a utility class that facilitates OAuth and other web-based authentication flows by providing a secure way to handle web authentication in desktop applications.
Static Methods
AuthenticateAsync
public static Task<WebAuthenticationResult> AuthenticateAsync(
TopLevel topLevel, WebAuthenticatorOptions options)
Starts an authentication flow by navigating to the specified start URI and monitoring for navigation to the end URI.
Parameters
topLevel: Owner top-level, a window on desktop platforms.options: Authentication options that control the broker's behavior
Returns
A Task<WebAuthenticationResult> containing the authentication result.
WebAuthenticationOptions
Properties
public Uri RequestUri { get; init; }
The initial URI that starts the authentication flow.
public Uri RedirectUri { get; init; }
URI that indicates the completion of the authentication flow.
public bool PreferNativeWebDialog { get; init; }
If true, WebAuthenticationBroker will avoid platform specific implementation option, and will use NativeWebDialog based implementation.
WebAuthenticationResult
Properties
public Uri? CallbackUri { get; }
The response URI containing authentication data.
Usage Example
Google OAuth is used in this example.
As a minimal requirement for setup, follow:
- Create Google credentials (Type: Desktop for Windows/macOS/Linux, or iOS). See Console Credentials. On this step client ID and redirect URI are created.
- Follow google OAuth 2.0 documentation for general knowledge.
var googleAuthRedirectUri = "http://localhost";
var googleAuthRequestUri = "https://accounts.google.com/o/oauth2/auth?response_type=code&access_type=offline&scope=openid";
googleAuthRequestUri += "&client_id=" + /* YOUR CLIENT ID */;
googleAuthRequestUri += "&redirect_uri=" + googleAuthRedirectUri;
var result = await WebAuthenticationBroker.AuthenticateAsync(
mainWindow,
new WebAuthenticatorOptions(
RequestUri: new Uri(googleAuthRequestUri),
RedirectUri: new Uri(googleAuthRedirectUri)));
Similarly it can be done with Microsoft identity, Facebook Login or other OAuth2 standard compatible options.
Platform Support
| Feature | Windows | macOS (10.15+) | Linux | iOS (iOS 12.0+) | Android | Browser |
|---|---|---|---|---|---|---|
| Platform Implementation | ✖ | ✔* | ✖ | ✔* | ✔** | ✔*** |
| NativeWebDialog | ✔ | ✔ | ✔ | ✖ | ✖ | ✖ |
* Apple platforms use ASWebAuthenticationSession implementation.
** Android uses CustomTabsIntent implementation, but support is experimental and might be changed.
*** Browser solution requires CORS to be configured to allow access to the redirected page.