As I understand it, the MAUI mobile application generated by ABP Suite seem to use Preferences instead of SecureStorage for storing JWT tokens which AFAIK isn't the recommended way of doing it as it is not as secure as SecureStorage. There is even a community post about this
https://community.abp.io/posts/using-abp-client-proxies-in-maui-with-openid-connect-em7x1s8k
private async Task SetTokenCacheAsync(string accessToken, string refreshToken)
{
await _storage.SetAsync(IssueTrackrConsts.OidcConsts.AccessTokenKeyName, accessToken);
await _storage.SetAsync(IssueTrackrConsts.OidcConsts.RefreshTokenKeyName, refreshToken);
}
private async Task ClearTokenCacheAsync()
{
await _storage.RemoveAsync(IssueTrackrConsts.OidcConsts.AccessTokenKeyName);
await _storage.RemoveAsync(IssueTrackrConsts.OidcConsts.RefreshTokenKeyName);
}
public class DefaultStorage : IStorage, ITransientDependency
{
public Task<string> GetAsync(string key)
{
return Task.FromResult(Preferences.Get(key, string.Empty));
}
public Task SetAsync(string key, string value)
{
Preferences.Set(key, value);
return Task.CompletedTask;
}
public Task RemoveAsync(string key)
{
Preferences.Remove(key);
return Task.CompletedTask;
}
}
7 Answer(s)
-
0
Hi @improwise
As mentioned in article, Secure Storage requires platform-specific configuration. Preferences usage is for development purposes. You should replace it for production.
-
0
Hi @improwise
As mentioned in article, Secure Storage requires platform-specific configuration. Preferences usage is for development purposes. You should replace it for production.
Even so that should probably be highlighted more than it is today, as I would assume that most people would assume that generated code is "best in class" and being ready for production (as ready as anything MAUI can be).
Just noticed that it was your community post I linked to :)
-
0
Thanks for your feedback, We'll make it more visible in the template and documentation.
-
1
We completed all the configurations in the template and add a section to the documentation about iOS configuration. With the new version, SecureStorage will be used in startup templates.
-
0
We completed all the configurations in the template and add a section to the documentation about iOS configuration. With the new version, SecureStorage will be used in startup templates.
Great. thanks. Is that expected to make the version 6 release then?
-
0
Yes, it'll be included in v6.0 and it'll be released very soon.
-
0
Yes, it'll be included in v6.0 and it'll be released very soon.
Quick question, how do we keep track of changes between versions in the ABP Commercial as I would imagine those are never available via GitHub, neither as Issues nor code? By creating a new ABP Suite project I can see that this changes seem to be included now but would like to be able to track changes more in detail. Thanks.
