How to authenticate using pure Java (CLI) and safe_app_java


#1

I am experimenting with the safe_app_android and so far the things looks OK. In order to create a more convenient Java wrapper around the native bindings I am trying to create CLI client that does not use android but pure Java (to avoid any android dependencies). Is there a tutorial/example (language does not matter) where I can see how the request is made and how the Auth response is obtained?


#2

So far I was able to see that the Safe browser is listening to a port but its value is different on each start so there seems to be no way to open socket to it and do auth…


#3

Similar to mobile platforms, authentication on desktops is done via registered URI schemes. Once you’ve encoded the auth request in the application, this auth request can be sent to the safe browser by opening a URI of the format:

safe-auth://<encoded_auth_request>

The browser will decode this request and show the authentication pop-up.
Once the user allows/denies the request the authenticator opens a URI of the following format:

safe-<base64_encoded_appId>://<encoded_auth_response>

To support this you will need to register your desktop application to open for URIs with the mentioned protocol, fetch the encoded auth response with which you can connect to the network.


#4

Thanks!

What is the appId in this case, the string ID of the app (like com.example.myapp) converted to bytes and then base64 encoded?


#5

Yes, exactly.
There is one more situation that needs to be handled on desktop. Once you register the application to open from the URI, a new instance of the application would be created after authentication. The application will need to handle the maintenance of a single instance. I remember doing it using junique.

I’ll try and put together an example of the above so that others can refer it too :slight_smile:


#6

I’m not sure if it is a help or a distraction, but here’s the code (by @benno) that does auth for a SAFE CLI app: