flutter_secure_auth 🔒 #

A secure, lightweight, and null-safe authentication package for Flutter.
It supports:

• 🔐 OAuth2 PKCE Authorization Code flow
• 🔁 Access/Refresh token handling
• 🧠 Auto token refresh
• 💾 Secure token storage (Keychain / Keystore)
• ⚡ Easy REST integration

Designed for developers who want security + simplicity when integrating login systems in Flutter apps.

🚀 Installation #

Add this to your pubspec.yaml:

dependencies:
  flutter_secure_auth: ^0.1.0

🧩 Usage
#Initialize
final authService = AuthService(
  tokenEndpoint: Uri.parse('https://api.example.com/oauth/token'),
  revokeEndpoint: Uri.parse('https://api.example.com/oauth/revoke'),
);

#🔸 Sign in with username/password
final tokens = await authService.signInWithPassword(
  endpoint: Uri.parse('https://api.example.com/auth/login'),
  username: 'user@example.com',
  password: 'securePassword',
);

#🔸 OAuth2 PKCE Flow
final pkce = createPkcePair();
final authUrl = Uri.parse('https://auth.example.com/authorize').replace(queryParameters: {
  'response_type': 'code',
  'client_id': 'your-client-id',
  'redirect_uri': 'com.example.app:/oauthredirect',
  'scope': 'openid profile offline_access',
  'code_challenge': pkce.codeChallenge,
  'code_challenge_method': 'S256',
  'state': pkce.state,
});

// After redirect and code received:
final tokens = await authService.exchangeAuthorizationCode(
  code: 'returned-code',
  codeVerifier: pkce.codeVerifier,
  redirectUri: Uri.parse('com.example.app:/oauthredirect'),
);

#🔸 Make authorized requests
final request = http.Request('GET', Uri.parse('https://api.example.com/user'));
final authed = await authService.authorizedRequest(request);
final response = await authed.send();

#🔸 Sign out
await authService.signOut();