vk_id

Description:

vk id

VK ID #


Pure dart impl of OAuth VK ID API.
The module allows to generate 'authorize' link, retrieve OAuth token and user data
General #

Dart SDK >=3.3.0

Supports 2 modes:

Front-end authorization code exchange without SDK: Generating random code_verifier and state at front-end
Back-end authorization code exchange without SDK: Generating random code_verifier and state at back-end and sending code_challenge with state to front-end

Supports VK app platforms:

Android
iOS
Web

Notice: You aren't strictly bound between the hardware and the VK app platform. For example, you can authorize on iOS VK app using Android device
Supports VK ID APIs:

Generating 'auhtorize' link for VK ID with code_verifier or code_challenge
Exchange received from passed user login redirect authorization code for access, refresh, id tokens
Refresh access token through refresh token
Get public (masked) user info
Get full (unmasked) user info
Revoke permissions for authorization
Invalidate authorization (Logout)

Notice: This module doesn't support user authorization. Use webview on flutter context to do it
Setup #

Create and setup VK app
Create VkIDController instance with VK app client ID

If you have previously saved authorization, you can set init oauth and profile data for controller ctor
Authorization #
Generating authorize link #
You may generate authorize link itself (redirect_uri and code_challenge or code_verifier) or request the generated link from back-end

Android, iOS: Redirect uri must be 'vk{clientID}://vk.com/blank.html'. Otherwise VK will throw an error for authorize
Web: Redirect uri must match with uri from VK web app settings. Also you can use default value from Android and iOS apps (vk{clientID}://vk.com/blank.html)

Authorize link generation examples

Android and iOS with code_challenge

final controller = VkIDController(clID: 1234567890);
//Generate code_verifier and code_challenge itself or get code_challenge from back-end
final codeChallenge = "1234567890RND0987654321";
final uri = controller.generateAuthorizeLinkWithCodeChallenge(codeChallenge: codeChallenge);
copied to clipboard

Android and iOS with random code_verifier

final controller = VkIDController(clID: 1234567890);
final codeVerifierWithUri = controller.generateAuthorizeLinkWithCodeVerifier();
copied to clipboard

Android and iOS with user-defined code_verifier

final controller = VkIDController(clID: 1234567890);
//Generate code_verifier
final codeVerifier = "1234567890RND0987654321";
final codeVerifierWithUri = controller.generateAuthorizeLinkWithCodeVerifier(codeVerifier: codeVerifier);
copied to clipboard

Web with code_challenge and user-defined redirect_uri from VK web app settings

final controller = VkIDController(clID: 1234567890);
final redirectUri = "https://site.com/redirect";
//Generate code_verifier and code_challenge itself or get code_challenge from back-end
final codeChallenge = "1234567890RND0987654321";
final uri = controller.generateAuthorizeLinkWithCodeChallenge(codeChallenge: codeChallenge, redirectUri: redirectUri);
copied to clipboard

Web with code_challenge and default redirect_uri

final controller = VkIDController(clID: 1234567890);
//Generate code_verifier and code_challenge itself or get code_challenge from back-end
final codeChallenge = "1234567890RND0987654321";
final uri = controller.generateAuthorizeLinkWithCodeChallenge(codeChallenge: codeChallenge);
copied to clipboard

Web with random code_verifier and user-defined redirect_uri from VK web app settings

final controller = VkIDController(clID: 1234567890);
final redirectUri = "https://site.com/redirect";
//Generate code_verifier
final codeVerifier = "1234567890RND0987654321";
final codeVerifierWithUri = controller.generateAuthorizeLinkWithCodeVerifier(codeVerifier: codeVerifier);
copied to clipboard

Web with random code_verifier and default redirect_uri

final controller = VkIDController(clID: 1234567890);
//Generate code_verifier
final codeVerifier = "1234567890RND0987654321";
final codeVerifierWithUri = controller.generateAuthorizeLinkWithCodeVerifier(codeVerifier: codeVerifier);
copied to clipboard
Authorizing on VK ID #
You need flutter context and webview to handle it
Pass authorize link to webview. Also include NavigationDelegate for preventing redirect navigation requests. See example for details
On success authorization you will be redirected by uri from redirect_uri + query parameters

Front-end mode: Block redirect from id.vk.com on webview context (Prevent navigation request). Also you need extract 'code' and 'device_id' parameters from query for exchanging OAuth token
Back-end mode: If VK app is web, don't block redirect. Otherwise block it and process authorization data

Retrieve OAuth token #

Front-end mode: Use controller method to exchange authorization_code for access_token
Back-end mode: Send, if needed, data to back-end for exchanging

VK ID controller refreshes the access token itself if necessary