I'm not an expert desktop and mobile developer. My experience in this field is from a while ago, particularly in mobile development, where I wouldn't claim professional competence. Most of the time, I've created desktop console applications supporting backend processing. Still, I know how hard it is to build native applications with a GUI, especially when cross-platform support is required.
When I heard about .NET MAUI, I immediately thought it would be an ambitious and very interesting project. Several development teams dream of having a single codebase (or so) for applications that can run on different platforms.
.NET MAUI and OpenID Connect
I had the chance to play with MAUI to explore the integration with Auth0 authentication, which is based on OpenID Connect, a standard authentication protocol. However, since my first attempt around mid-2022, I immediately ran into issues on the Windows platform.
As you may know, OpenID Connect is a browser-based authentication protocol. This means that authentication is performed by opening the Identity Provider's login page in a system browser window. Auth0's experience is similar to what happens when you access a website using your Google or Facebook account.
While you might consider using an embedded WebView in your native application, best practices recommend launching authentication in a separate system browser window. Among other things, this allows you to benefit from Single Sign-On. But let's not digress.
.NET MAUI leverages the WebAuthenticator class to initiate the browser-based OpenID Connect authentication flow. While this approach provides a seamless experience for user login on platforms like Android, iOS, and macOS, developers encounter significant challenges with Windows when implementing secure authentication in their .NET MAUI applications. This was true three years ago, and it is still true at the time of writing:
A Frustrating Experience
You know, I'm not the only one surprised by this issue. If you take a look at the long threads around this issue, you can see many developers are complaining about the missing support for a very common feature such as authentication in Microsoft's own operating system!
But developers are not sitting idly by. Some have rolled up their sleeves and found workarounds. My colleagues on the SDK team have also implemented a solution inspired by the one adopted by WinUIEx.
Thanks to this workaround implemented by the Auth0 MAUI SDK, I was able to create some sample apps, write some tutorials, and add a MAUI template to the Auth0 Templates for .NET package.
Everything worked fine until .NET 9. With the latest release, once again, OpenID Connect integration stopped working in applications migrated to .NET 9, and the threads restarted (if ever they have actually stopped).
We also had some requests for help in the Auth0 Community forum.
The Ongoing Journey of .NET MAUI Authentication on Windows
Bottom line, MAUI developers had to revise their workarounds to fix the OIDC integration once again. My colleagues on the SDK team were also great in finding a way to fix the issue once again and update the MAUI SDK to support OIDC in .NET 9. On my side, I took the opportunity to update the Auth0 Templates for .NET package just in these days and provide you with a working .NET MAUI template for Windows.
From some ongoing discussions, it seems like there is a glimmer of light for the future. It goes without saying that every MAUI developer is looking forward to the resolution of this complicated relationship between MAUI, OpenID Connect, and Windows.
And you? What has been your experience integrating OpenID Connect authentication in MAUI applications on Windows? Share your story below.👇
Top comments (0)