microsoft-authentication-library-for-dotnet: [Bug] Android 14 users unable to sign in to our app
Library version used
4.56.0
.NET version
Xamarin / .NET 5
Scenario
ManagedIdentityClient - managed identity
Is this a new or an existing app?
The app is in production, I haven’t upgraded MSAL, but started seeing this issue
Issue description and reproduction steps
We are receiving reports from Android 14 users that they can’t sign into our app. Repro steps are:
Launch app without already being signed in, or sign out and attempt to sign back in. MS Identity client takes user to browser and presents our login screen. User enters their credentials and taps login. Activity indicator is shown while credentials are verified. The user is taken from the browser to a second instance of our app instead of being returned to the first instance that initiated the sign in process. The new instance shows nothing but a white screen.
Performing the above steps on Android 13 or older devices works as expected.
Screenshots:
Relevant code snippets
No app code is involved that we know of.
Expected behavior
Users are returned to our app and it continues to function as expected.
Identity provider
Azure B2C Custom Policy
Regression
No response
Solution and workarounds
No response
About this issue
- Original URL
- State: closed
- Created 9 months ago
- Reactions: 17
- Comments: 21 (1 by maintainers)
@tbaggett Good to hear that it works. Thank you for providing all the details.
Ack, this seems serious. Note that MSAL (the SDK) does not own the content of the authorize pages, the service (B2C) does. And it looks like none of you upgraded MSAL or made app deployments.
I am following up with the B2C team to understand if any B2C service deployments have occurred.
I recommend that you reach out to Microsoft support (e.g. via the Azure portal) to raise the incident visiblity.
It is possible. I haven’t looked into how MS implemented their cross-platform splash screen on Android yet.
We are in the process of converting our Xamarin Forms app to MAUI. I will test the MAUI version on an Android 14 device to see if I also see the multiple activities there. I will let you know if I see the same issue there.
We have determined the root cause of the issue and a way to fix it. I will provide the details because other Android apps using Azure B2C login may also experience this issue.
Our Android app has a dedicated Activity for use as a splash screen. It is set as the main launcher activity so that the Android OS will create and display it when the app is started. This activity then creates an instance of our MainActivity and navigates to it. This has been a common pattern used when a splash screen is desired in Android apps, as the OS didn’t offer splash screen support for a long time.
Our splash Activity also has a launch mode configuration of “SingleTask”, which should prevent multiple separate instances of the app appearing. This combination of activities and launch modes have worked as expected prior to Android 14. Android 14 is not respecting this configuration.
The two app instances seen in my earlier screenshots occur due to the splash and main Activities being created and can be seen before the login webview is seen. Upon successful login, the B2C login appears to be switching to the splash screen activity instead of the main activity that it was initiated from.
Beginning with Android API 31, Android supports proper splash screens. We implemented the native Android splash screen support and removed the splash screen Activity. We also changed the main Activity to be launched by Android when our app is started. We will also integrate the AndroidX SplashScreen compat library into a future release of the app to restore the splash screen for Android APIs prior to 31.
We have confirmed that this change fixes the login issue in Android 14. We will be conducting additional testing across more Android versions and devices and will provide updates if issues are found.