OAuth Redirect Url for WPF App (version 100.11)

677
2
08-04-2021 09:50 AM
abasch
by
New Contributor

Hi,

I’m new to the ArcGIS Runtime SDK’s and to OAuth 2.0 and apologize for anything unclear.

I’m developing a WPF app that supports users loading web maps from an ArcGIS Online portal, identical to ArcGIS Earth and the “SearchPortalMaps” WPF GitHub sample which I based my code off of. Since it’s a desktop app without a domain name, I’ve been struggling on what to put for a redirect URL in the OAuth 2.0 workflow. My two ideas were to use a custom URL protocol redirecting to the app or an httpListener to listen for requests on an IP loopback address. I’m struggling to implement either and can’t see how they lead me to an ArcGISPortal object needed for loading the web maps and named user licensing. How is this usually done?

Let me know if I can provide any clarification.

Thanks,

Ari

0 Kudos
2 Replies
JoeHershman
MVP Regular Contributor

Wish I had an answer, but I will certainly add my name as someone who would like to understand how the redirect Urls work.  I am yet to find a good explanation

0 Kudos
Nicholas-Furness
Esri Regular Contributor

Perhaps this sample will help: https://developers.arcgis.com/net/wpf/sample-code/authenticate-with-oauth/

The key thing is that you set up a couple of things ahead of time:

  1. the OAuth configuration (in WPF that appears to be registering a ServerInfo with the Runtime's AuthenticationManager)
  2. handlers (an IOAuthAuthorizeHandler to display the OAuth page and get an auth token back from it, and the AuthenticationManager's ChallengeHandler to trigger that custom IOAuthAuthorizeHandler)

Then when you access the Portal, Runtime will take care of using the configuration and handlers to authenticate.

I'm not entirely sure about the redirect URL in .NET (I focus on the iOS SDK and each SDK handles authentication in a very platform-appropriate way) but I think the redirect URL might be fairly arbitrary, with the key part being that what's configured in the Developer Dashboard matches what's configured in the Runtime app's OAuthClientInfo, and that the app is configured to recognize the URL. Either way, I think that sample above will help. Hopefully someone on the .NET team can clarify just how an app is configured to be associated with a redirect URL.

0 Kudos