From 96d4db86caee5a48baa2db25b657634593072cce Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Thu, 17 Oct 2024 12:50:33 +0200
Subject: [PATCH 1/7] #0000 - Update OAuth discovery URL in app/index.tsx
Changed the OAuth discovery URL to point to the integration environment. This ensures the authentication flow interacts with the intended backend during development and testing.
---
app/index.tsx | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/index.tsx b/app/index.tsx
index 5a021bc..8c17255 100644
--- a/app/index.tsx
+++ b/app/index.tsx
@@ -15,7 +15,7 @@ export default function indexScreen() {
const clientId = '509-marn-app';
- const discovery = AuthSession.useAutoDiscovery('https://fes509-ref.m-team.be/login/oauth2/realms/root/realms/509');
+ const discovery = AuthSession.useAutoDiscovery('https://auth-integ.partenamut.be/login/oauth2');
const [request, result, promptAsync] = AuthSession.useAuthRequest(
{
From 6352d7f8a09292c3c941f0cbd4219274817bc0fa Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Thu, 17 Oct 2024 12:52:33 +0200
Subject: [PATCH 2/7] #0000 - Update redirect URI and client ID for
authentication
Changed the redirect URI and client ID to align with the new POC setup. This update ensures compatibility with the new authentication server configuration.
---
app/index.tsx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/index.tsx b/app/index.tsx
index 8c17255..0b0d69f 100644
--- a/app/index.tsx
+++ b/app/index.tsx
@@ -6,14 +6,14 @@ import {Button, Text, View} from "react-native";
WebBrowser.maybeCompleteAuthSession();
// const redirectURI = AuthSession.makeRedirectUri({native: 'http://127.0.0.1:8082/ssoCallback', // TODO: why is it translated to localhost? Why /ssoCallback is missing?});
-const redirectURI = 'https://poc-sso-marn.van-hemmen.com/ssoCallback';
+const redirectURI = 'https://poc-sso-marn-500.van-hemmen.com/ssoCallback';
console.log(redirectURI);
export default function indexScreen() {
const [tokenResponse, setTokenResponse] = useState<TokenResponse | null>(null);
- const clientId = '509-marn-app';
+ const clientId = '509-marn-poc-app';
const discovery = AuthSession.useAutoDiscovery('https://auth-integ.partenamut.be/login/oauth2');
From 6e9430675502d4bac43cb32cd869f0028dc424fc Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 21 Oct 2024 09:58:34 +0200
Subject: [PATCH 3/7] #0000 - Add Nginx setup to Dockerfile with CORS support
This commit introduces the Nginx setup by using the official Nginx Alpine image and copying the custom Nginx configuration into the Docker container. It also includes CORS headers in the Nginx configuration to allow requests from any origin with specific headers and methods.
---
Dockerfile | 11 +++++++++++
nginx.conf | 27 +++++++++++++++++++++++++++
2 files changed, 38 insertions(+)
create mode 100644 nginx.conf
diff --git a/Dockerfile b/Dockerfile
index 1219c09..3c91e38 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,14 @@
+# Use the official Nginx image from Docker Hub
FROM nginx:alpine3.20
+# Copy your application files to the appropriate directory if needed
COPY dist /usr/share/nginx/html
+
+# Copy custom Nginx configuration file to the container
+COPY nginx.conf /etc/nginx/nginx.conf
+
+# Expose the port that the application is running on
+EXPOSE 80
+
+# Start Nginx when the container launches
+CMD ["nginx", "-g", "daemon off;"]
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..5d89e32
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,27 @@
+server {
+ listen 80;
+ server_name yourdomain.com;
+
+ location / {
+ # other settings...
+
+ # Allow CORS for all domains (or specify a particular domain instead of *)
+ add_header 'Access-Control-Allow-Origin' '*';
+
+ # Allow specific headers
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+
+ # Allow specific methods
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ }
+}
From d15bf1c7d3c636bf6ae8ee3fec218e3290055ad4 Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 21 Oct 2024 10:06:40 +0200
Subject: [PATCH 4/7] #0000 - Reorganize and enhance the NGINX configuration
structure
Introduce a refined NGINX configuration template with user, worker settings, and modular include directives. This improves clarity and allows easier integration of additional configuration files, while maintaining existing CORS settings.
---
nginx.conf | 57 ++++++++++++++++++++++++++++++++----------------------
1 file changed, 34 insertions(+), 23 deletions(-)
diff --git a/nginx.conf b/nginx.conf
index 5d89e32..4ee8485 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -1,27 +1,38 @@
-server {
- listen 80;
- server_name yourdomain.com;
+user www-data;
+ worker_processes auto;
+ pid /run/nginx.pid;
+ include /etc/nginx/modules-enabled/*.conf;
- location / {
- # other settings...
+ events {
+ worker_connections 768;
+ }
- # Allow CORS for all domains (or specify a particular domain instead of *)
- add_header 'Access-Control-Allow-Origin' '*';
+ http {
+ server {
+ listen 80;
+ server_name yourdomain.com;
- # Allow specific headers
- add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ location / {
+ # other settings...
+ # Allow CORS for all domains (or specify a particular domain instead of *)
+ add_header 'Access-Control-Allow-Origin' '*';
+ # Allow specific headers
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ # Allow specific methods
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ }
+ }
- # Allow specific methods
- add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
-
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
- add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
- }
-}
+ # Include other server and configuration files
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+ }
From 7d017d7feb3c3890da79c5c77400a5e52e8a88c5 Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 21 Oct 2024 10:18:32 +0200
Subject: [PATCH 5/7] #0000 - Reorganize and enhance the NGINX configuration
structure
Introduce a refined NGINX configuration template with user, worker settings, and modular include directives. This improves clarity and allows easier integration of additional configuration files, while maintaining existing CORS settings.
---
Dockerfile | 2 +-
nginx-extra.conf | 18 ++++++++++++++++++
nginx.conf | 38 --------------------------------------
3 files changed, 19 insertions(+), 39 deletions(-)
create mode 100644 nginx-extra.conf
delete mode 100644 nginx.conf
diff --git a/Dockerfile b/Dockerfile
index 3c91e38..62b3354 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,7 +5,7 @@ FROM nginx:alpine3.20
COPY dist /usr/share/nginx/html
# Copy custom Nginx configuration file to the container
-COPY nginx.conf /etc/nginx/nginx.conf
+COPY nginx-extra.conf /etc/nginx/conf.d/nginx-extra.conf
# Expose the port that the application is running on
EXPOSE 80
diff --git a/nginx-extra.conf b/nginx-extra.conf
new file mode 100644
index 0000000..71230cc
--- /dev/null
+++ b/nginx-extra.conf
@@ -0,0 +1,18 @@
+location / {
+ # other settings...
+ # Allow CORS for all domains (or specify a particular domain instead of *)
+ add_header 'Access-Control-Allow-Origin' '*';
+ # Allow specific headers
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ # Allow specific methods
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+}
diff --git a/nginx.conf b/nginx.conf
deleted file mode 100644
index 4ee8485..0000000
--- a/nginx.conf
+++ /dev/null
@@ -1,38 +0,0 @@
-user www-data;
- worker_processes auto;
- pid /run/nginx.pid;
- include /etc/nginx/modules-enabled/*.conf;
-
- events {
- worker_connections 768;
- }
-
- http {
- server {
- listen 80;
- server_name yourdomain.com;
-
- location / {
- # other settings...
- # Allow CORS for all domains (or specify a particular domain instead of *)
- add_header 'Access-Control-Allow-Origin' '*';
- # Allow specific headers
- add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
- # Allow specific methods
- add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
- add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
- }
- }
-
- # Include other server and configuration files
- include /etc/nginx/conf.d/*.conf;
- include /etc/nginx/sites-enabled/*;
- }
From 54f17cc4f2a4be2d07071dce9c3227b199f32745 Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 21 Oct 2024 10:25:13 +0200
Subject: [PATCH 6/7] #0000 - Reorganize and enhance the NGINX configuration
structure
Introduce a refined NGINX configuration template with user, worker settings, and modular include directives. This improves clarity and allows easier integration of additional configuration files, while maintaining existing CORS settings.
---
nginx-extra.conf | 37 ++++++++++++++++++++-----------------
1 file changed, 20 insertions(+), 17 deletions(-)
diff --git a/nginx-extra.conf b/nginx-extra.conf
index 71230cc..e77cbe4 100644
--- a/nginx-extra.conf
+++ b/nginx-extra.conf
@@ -1,18 +1,21 @@
-location / {
- # other settings...
- # Allow CORS for all domains (or specify a particular domain instead of *)
- add_header 'Access-Control-Allow-Origin' '*';
- # Allow specific headers
- add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
- # Allow specific methods
- add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
- add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
+server {
+ listen 80;
+ location / {
+ # other settings...
+ # Allow CORS for all domains (or specify a particular domain instead of *)
+ add_header 'Access-Control-Allow-Origin' '*';
+ # Allow specific headers
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ # Allow specific methods
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ }
}
From 99800ab3a76bd6b57d8edc51f9a24c35627afb7b Mon Sep 17 00:00:00 2001
From: "Guillaume \"B.B.\" Van Hemmen"
<GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 21 Oct 2024 10:53:59 +0200
Subject: [PATCH 7/7] #0000 - Modify OAuth discovery to hard-coded
configuration
Replaced the dynamic useAutoDiscovery function with a hard-coded configuration object. This change ensures more control over OAuth parameters and might address any dynamic discovery issues encountered before.
---
app/index.tsx | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 55 insertions(+), 1 deletion(-)
diff --git a/app/index.tsx b/app/index.tsx
index 0b0d69f..d2b5cbe 100644
--- a/app/index.tsx
+++ b/app/index.tsx
@@ -15,7 +15,61 @@ export default function indexScreen() {
const clientId = '509-marn-poc-app';
- const discovery = AuthSession.useAutoDiscovery('https://auth-integ.partenamut.be/login/oauth2');
+ // const discovery = AuthSession.useAutoDiscovery('https://auth-integ.partenamut.be/login/oauth2');
+ const discovery = {
+ "request_parameter_supported": true,
+ "pushed_authorization_request_endpoint": "https://auth-integ.partenamut.be/login/oauth2/par",
+ "introspection_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "claims_parameter_supported": false,
+ "introspection_endpoint": "https://auth-integ.partenamut.be/login/oauth2/introspect",
+ "issuer": "https://auth-integ.partenamut.be/login/oauth2",
+ "id_token_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "userinfo_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "authorization_endpoint": "https://auth-integ.partenamut.be/login/oauth2/authorize",
+ "authorization_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "introspection_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "claims_supported": [],
+ "rcs_request_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth", "none", "client_secret_basic"],
+ "tls_client_certificate_bound_access_tokens": true,
+ "response_modes_supported": ["query.jwt", "fragment", "jwt", "form_post.jwt", "form_post", "fragment.jwt", "query"],
+ "backchannel_logout_session_supported": true,
+ "token_endpoint": "https://auth-integ.partenamut.be/login/oauth2/access_token",
+ "response_types_supported": ["code token id_token", "code", "code id_token", "id_token", "code token", "token", "token id_token"],
+ "authorization_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "revocation_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "self_signed_tls_client_auth", "tls_client_auth", "none", "client_secret_basic"],
+ "request_uri_parameter_supported": true,
+ "grant_types_supported": ["implicit", "urn:ietf:params:oauth:grant-type:saml2-bearer", "refresh_token", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code", "authorization_code", "urn:openid:params:grant-type:ciba", "urn:ietf:params:oauth:grant-type:uma-ticket", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:ietf:params:oauth:grant-type:jwt-bearer"],
+ "version": "3.0",
+ "userinfo_endpoint": "https://auth-integ.partenamut.be/login/oauth2/userinfo",
+ "require_request_uri_registration": true,
+ "code_challenge_methods_supported": ["plain", "S256"],
+ "id_token_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "authorization_signing_alg_values_supported": ["PS384", "RS384", "EdDSA", "ES384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "request_object_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "request_object_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "ECDH-ES+A128KW", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "rcs_response_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "introspection_signing_alg_values_supported": ["PS384", "RS384", "EdDSA", "ES384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "check_session_iframe": "https://auth-integ.partenamut.be/login/oauth2/connect/checkSession",
+ "scopes_supported": [],
+ "backchannel_logout_supported": true,
+ "acr_values_supported": ["itsmeAffiliation", "eid", "impersonate", "impersonateNew", "usernamePassword", "fasCitizenLevel400", "itsme"],
+ "request_object_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "rcs_request_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "userinfo_signing_alg_values_supported": ["ES384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512"],
+ "require_pushed_authorization_requests": false,
+ "rcs_response_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "userinfo_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "RSA-OAEP", "ECDH-ES+A128KW", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "end_session_endpoint": "https://auth-integ.partenamut.be/login/oauth2/connect/endSession",
+ "rcs_request_encryption_enc_values_supported": ["A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512"],
+ "revocation_endpoint": "https://auth-integ.partenamut.be/login/oauth2/token/revoke",
+ "rcs_response_encryption_alg_values_supported": ["ECDH-ES+A256KW", "ECDH-ES+A192KW", "ECDH-ES+A128KW", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A256KW", "ECDH-ES", "dir", "A192KW"],
+ "token_endpoint_auth_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "jwks_uri": "https://auth-integ.partenamut.be/login/oauth2/connect/jwk_uri",
+ "subject_types_supported": ["public", "pairwise"],
+ "id_token_signing_alg_values_supported": ["PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512"],
+ "registration_endpoint": "https://auth-integ.partenamut.be/login/oauth2/register"
+ }
const [request, result, promptAsync] = AuthSession.useAuthRequest(
{