OAuth Setup Issues

422
1
02-20-2023 12:16 PM
Wingold
New Contributor

I'm using Unity 2021.3.19f1 with SDK version 1.1.0

Alike both this post and this one, I'm unable to get OAuth2.0 working in my Unity editor.

I peeked inside the ArcGISEditorOAuthAuthenticationChallengeHandler.cs to see:

 

 

 

 

 

		private Task<string> HandleChallengeInternal(string authorizeURI)
		{
			var matches = Regex.Matches(authorizeURI, @"redirect_uri=([^&]*)", RegexOptions.IgnoreCase);

...
			var redirectURI = matches[0].Groups[1].Value;

			if (redirectURI == "urn:ietf:wg:oauth:2.0:oob")
			{
				return Task.FromException<string>(new ArgumentException("\"urn:ietf:wg:oauth:2.0:oob\" is not a supported redirect URI"));
			}

			try
			{
				var uri = new Uri(redirectURI);

				if (uri.Scheme == "http" && uri.Host == "localhost")
				{
					redirectURI = uri.ToString();
				}
				else
				{
					return Task.FromException<string>(new ArgumentException("Invalid redirect URI"));
				}

			}
			catch
			{
				return Task.FromException<string>(new ArgumentException("Invalid redirect URI"));
			}
...

 

 

 

 

 

 

Noticing that only a http://localhost URL would be allowed for the redirect URI. Now I'm unfamiliar with OAuth2.0 and new to ArcGIS, so maybe I don't understand the point of the redirect URI, but this seems odd? Am I not redirecting back to my application (as with a Unity Deeplink)? Or is it suppose to redirect to our private data on our server? Also, isn't it supposed to open my default browser for login details? Currently it does not, alike one of the posts I linked above.

My end goal is that we are able to load data layers (3D scenes and such) hosted on our server that are private. While the API key works to load a basemap fine, these private data layers need proper OAuth configuration.

So far, the best point I can get to is a "Authentication Failed" error as it is unable to retrieve info from my private server.

Apologies in advance for any misunderstandings or if I missed some documentation somewhere.

0 Kudos
1 Reply
TomoTakeda
Esri Contributor

Hi Wingold,

The code is the OAuthAuthenticationChallengeHandler script for the editor mode and it's the same as sample the OAuth challenge handler that is used under the Map Creator UI.

This sample script accepts only http scheme and localhost as the hosts for desktop applications as you can see in the note in this section.

https://developers.arcgis.com/unity/authentication/#arcgis-identity

If you want to use a different redirect URI, you need to write your own script.

And the authorization flow is the same as you can see in this Overview.
https://developers.arcgis.com/documentation/mapping-apis-and-services/security/arcgis-identity/serve...

I hope it helps,

0 Kudos