{"id":22268147,"url":"https://github.com/curityio/android-haapi-ui-sdk-demo","last_synced_at":"2026-03-12T19:34:29.989Z","repository":{"id":74437412,"uuid":"601061534","full_name":"curityio/android-haapi-ui-sdk-demo","owner":"curityio","description":"An OpenID Connect Android demo app showing how to use the HAAPI UI SDK and hardened mobile security","archived":false,"fork":false,"pushed_at":"2026-01-30T12:31:17.000Z","size":255,"stargazers_count":1,"open_issues_count":0,"forks_count":2,"subscribers_count":4,"default_branch":"main","last_synced_at":"2026-01-31T05:34:41.854Z","etag":null,"topics":["android","code-example","haapi","mobile","oauth2","openid-connect"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/kotlin-android-haapi/","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-02-13T09:34:20.000Z","updated_at":"2026-01-30T12:31:13.000Z","dependencies_parsed_at":"2023-12-15T09:27:41.671Z","dependency_job_id":"62b0caed-f985-4c01-9743-d2c5aee48b7b","html_url":"https://github.com/curityio/android-haapi-ui-sdk-demo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/curityio/android-haapi-ui-sdk-demo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fandroid-haapi-ui-sdk-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fandroid-haapi-ui-sdk-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fandroid-haapi-ui-sdk-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fandroid-haapi-ui-sdk-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/android-haapi-ui-sdk-demo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fandroid-haapi-ui-sdk-demo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30439963,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-12T14:34:45.044Z","status":"ssl_error","status_checked_at":"2026-03-12T14:09:33.793Z","response_time":114,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","code-example","haapi","mobile","oauth2","openid-connect"],"created_at":"2024-12-03T11:11:41.807Z","updated_at":"2026-03-12T19:34:29.938Z","avatar_url":"https://github.com/curityio.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Android Application using the HAAPI UI SDK\n\n[![Quality](https://img.shields.io/badge/quality-test-yellow)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nAn example Android app that uses the Curity Identity Server's Hypermedia API to perform an OIDC flow.\\\nAuthentication uses native screens without the need for an external browser.\n\n## Getting Started\n\nStart with a local automated deployment to ensure that you understand the technical setup.\\\nYou can then apply the same configuration to deployed environments.\n\n### 1. Deploy the the Curity Identity Server\n\nEnsure that the local computer has these prerequisites:\n\n- A Docker engine.\n- The `envsubst` tool, e.g with `brew install gettext`.\n- The `jq` tool, e.g with `brew install jq`.\n\nFirst copy a `license.json` file for the Curity Identity Server into the root folder.\\\nThen run a Docker deployment and indicate how connected simulators or devices call the Curity Identity Server.\n\nFor example, run the following commands to connect to a macOS computer using its IP address.\\\nOr some older Android emulators might require `IDSVR_HOST_NAME` to use the special value `10.0.2.2`.\n\n```bash\nexport USE_NGROK='false'\nexport IDSVR_HOST_NAME=\"$(ipconfig getifaddr en0)\"\n./start-idsvr.sh\n```\n\n### 2. View Security Configuration\n\nThe [Mobile Deployments](https://github.com/curityio/mobile-deployments) repository explains further information about the deployed backend infrastructure.\\\nYou can view the [HAAPI Configuration](config/docker-template.xml) to understand the settings to apply to deployed environments.\n\n### 3. Test Basic Logins\n\nRun the app and first test basic logins using an HTML Form authenticator.\\\nSign in to the deployed environment and use a pre-shipped test user account.\n\n- Username: `demouser`\n- Password: `Password1`\n\n### 4. Test Native Passkey Logins\n\nPasskeys require hosting of assets documents at a trusted internet HTTPS URL.\\\nYou can use ngrok to host assets documents to enable the testing of passkeys logins.\n\nThe following example commands deploy the Curity Identity Server with a passkeys configuration.\\\nSee the tutorial link at the end of this README to learn more about the ngrok tool.\n\n```bash\nexport USE_NGROK='true'\n./start-idsvr.sh\n```\n\n### 5. Free Deployment Resources\n\nOnce you have finished local testing, free all backend resources with the following command:\n\n```bash\n./stop-idsvr.sh\n```\n\n## Application Code\n\nThe following links point you to the most essential areas of the example app's source code.\n\n### Main Source Files\n\nThis app only authenticates the user, then displays the tokens obtained from the authorization server.\\\nSee the following source files to understand how that works:\n\n- The [Configuration](app/src/main/java/io/curity/haapidemo/Configuration.kt) object contains all of the OpenID Connect settings.\n- The [DemoApplication](app/src/main/java/io/curity/haapidemo/DemoApplication.kt) shows how to create a global object to complete the configuration.\n- The [MainActivity](app/src/main/java/io/curity/haapidemo/MainActivity.kt) shows how to use a `haapiFlowLauncher` to implement a login and receive tokens.\n- The [AuthenticatedActivity](app/src/main/java/io/curity/haapidemo/authenticated/AuthenticatedActivity.kt) and [TokensFragment](app/src/main/java/io/curity/haapidemo/authenticated/TokensFragment.kt) show how to use tokens to call APIs once authentication completes.\n\n## Customizing the Look and Feel\n\nThe [HAAPI Android customization tutorial](https://curity.io/resources/learn/haapi-mobile-android-customization) explains how to change the default theme.\\\nSee also the [Developer Documentation](https://curity.io/docs/haapi-android-ui/latest/) for the finer details of customization options.\n\n## Resources\n\nSee the following tutorials for additional developer information:\n\n- The [Kotlin Android App using HAAPI](https://curity.io/resources/learn/kotlin-android-haapi/) tutorial provides an overview of the code example's behaviors.\n- The [ngrok tutorials](https://curity.io/resources/learn/mobile-setup-ngrok/) explain how to use an internet URL and [view HAAPI messages](https://curity.io/resources/learn/expose-local-curity-ngrok/#ngrok-inspection-and-status).\n- The [Configure Native Passkeys for Mobile Logins](https://curity.io/resources/learn/mobile-logins-using-native-passkeys/) tutorial explains the technical setup when using passkeys.\n- The [HAAPI Mobile Guides](https://curity.io/resources/haapi-ui-sdk/) provide further details for HAAPI mobile developers.\n- The [Implementing HAAPI Attestation Fallback](https://curity.io/resources/learn/implementing-haapi-fallback/) explains how to manage non-compliant Android devices.\n\n## Further information\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fandroid-haapi-ui-sdk-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fandroid-haapi-ui-sdk-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fandroid-haapi-ui-sdk-demo/lists"}