Oauth2 客户端和开放 ID 连接 在 Flutter 中 - 授权代码授予类型

所以大多数的教程去授权只是使用Firebase的Auth，和大多数后端工作被照顾。

我需要在Dart/Flutter中为Intuit的Quickbooks Online创建一个OAuth客户端。

我的基本理解是当用户启动我的Flutter Web应用程序时，我弹出一个屏幕来启动授权代码授予- OAuth。

他们使用这个弹出屏幕登录Intuit Quickbooks，然后授予我的应用程序权限。

此时我的应用程序应该收到一个授权码。

我猜我需要在我的谷歌云Firestore存储此授权码?

我需要将此授权码发送回Intuit &收到2件东西:一个访问令牌&a刷新令牌。

我想我也应该把这些存储在云Firestore?

但是我看不出云功能在这幅图中有什么作用。是否使用云功能对云存储进行写/读操作?

如何处理用户会话?我还需要解决状态管理。

我开始理解为什么很多人只使用内置的、开箱即用的Firebase Auth功能，因为在Dart/Flutter中开发自定义OAuth客户端是一项艰巨的任务。

我开始感到困惑&丢失。我需要一些建议，或者组织，因为我忘记了需要修改、设计或开发的东西。

Main.dart

import 'package:firebase_core/firebase_core.dart';
import 'package:flutter/material.dart';
import 'package:http/http.dart' as http;
import 'dart:html' as html;
import 'dart:convert';w
import 'package:cloud_firestore/cloud_firestore.dart';
Future main() async {
WidgetsFlutterBinding.ensureInitialized();
await Firebase.initializeApp();
runApp(App());
}
class App extends StatefulWidget {
// Create the initialization Future outside of `build`:
@override
_AppState createState() => _AppState();
}
class _AppState extends State<App> {
final Future<FirebaseApp> _initialization = Firebase.initializeApp();
@override
Widget build(BuildContext context) {
return FutureBuilder(
/// Initialize FlutterFire:
future: _initialization,
builder: (context, snapshot) {
if (snapshot.hasError) {
return Text(snapshot.error.toString());
}
/// Once complete, show your application
if (snapshot.connectionState == ConnectionState.done) {
return MyApp();
}
/// Otherwise, show something whilst waiting for initialization to complete
return CircularProgressIndicator();
},
);
}
}

/// Client id provided by Intuit, our production app ClientID
const String clientId = "ABS0R9arxiHjNcAb0rP7OMs8aS1FRiMIINxOkhQimUPewGmQ2H";
const String clientSecret = "";
class MyApp extends StatelessWidget {
/// This widget is the root of your application.
@override
Widget build(BuildContext context) {
return MaterialApp(
title: 'Title',
debugShowCheckedModeBanner: false,
theme: ThemeData(
primaryColor: cPrimaryColor,
visualDensity: VisualDensity.adaptivePlatformDensity,
),
home: MyHomePage(),
);
}
}
class MyHomePage extends StatefulWidget {
@override
_MyHomePageState createState() => _MyHomePageState();
}
class _MyHomePageState extends State<MyHomePage> {
late String _token;
late html.WindowBase _popupWin;
Future<String> _validateToken() async {
final response = await http.get(
Uri.parse('https://appcenter.intuit.com/connect/oauth2'),
headers: {'Authorization': 'OAuth $_token'},
);
return (jsonDecode(response.body) as Map<String, dynamic>)['login']
.toString();
}
void _login(String data) {
/// Parse data to extract the token.
final receivedUri = Uri.parse(data);
/// Close the popup window
if (_popupWin != null) {
_popupWin.close();
_popupWin == null; // changed = to ==
}
setState(() => _token = receivedUri.fragment
.split('&')
.firstWhere((e) => e.startsWith('access_token='))
.substring('access_token='.length));
}
@override
void initState() {
super.initState();
/// Listen to message send with `postMessage`.
html.window.onMessage.listen((event) {
/// The event contains the token which means the user is connected.
if (event.data.toString().contains('access_token=')) {
_login(event.data);
}
});
/// You are not connected so open the Intuit authentication page.
WidgetsBinding.instance!.addPostFrameCallback((_) {
final currentUri = Uri.base;
final redirectUri = Uri(
host: currentUri.host,
scheme: currentUri.scheme,
port: currentUri.port,
path: '/static.html',
);
final authUrl = //TODO add state=security_token
'https://appcenter.intuit.com/connect/oauth2?client_id=ABS0R9arxiHjNcAb0rP7OMs8aS1FRiMIINxOkhQimUPewGmQ2H&response_type=code&scope=com.intuit.quickbooks.accounting&redirect_uri=https://google.com/&state=security_token%3D138r5719ru3e1%26url%3Dhttps://qb-payment-app.web.app/';
_popupWin = html.window.open(
authUrl, "Intuit QuickBooks Online Auth", "width=800, height=900, scrollbars=yes");
});
}
@override
Widget build(BuildContext context) {
return Scaffold(
appBar: AppBar(
title: const Text('My App Bar'),
)
);
}
}