I would like to use the Resource Owner Password Credentials Grant in my app.
I’m aware that’s not the best implementation of Oauth2 and could leads to security problems.
- The resource owner and the client are “mine”
- I can’t change the API aka I must send
client_id, client_secret, username, password, grant_type:'password'in order to receive tokens
I was reading and trying ot use AppAuth but it’s “deprecated” and I don’t see how I could possibly send all those params …
Should I use OAuthProps. additionalParameters in order to add my username/password/grant_type to the request ? (It didn’t work)
The AuthSession Doc isn’t very clear either…
I’ve took a look at react-native-app-auth package but still don’t see the “Resource Owner Password Credentials Grant” flow well described …
Must I handle the OAuth workflow on my own ?
(SDK 40.0.1 for Android and iOS)