AppAuth-Android: Android 14 Beta - AuthorizationManagementActivity fails to handle AuthIntent due to being recreated

Checklist:

  • I am using the latest release
  • I searched for existing GitHub issues
  • I read the documentation
  • I verified the client configuration matches the information in the identity provider (or I am using dynamic client registration)
  • I am either using a custom URI scheme or https with App Links for client redirect.

Configuration

  • Version: 0.11.1
  • Integration: (native(Kotlin))
  • Identity provider: (Google, Okta)

Issue Description

Hi There.

We have been using AppAuth for years now and only now we just had a problem on Android 14.

On API 34 the login flow is broken, after the startActivity() from AuthorizationManagementActivity is called and we finish the login flow instead of the same instance of AuthorizationManagementActivity being updated to handle handleAuthorizationComplete on the onResume, a completely new instance is being created, and therefore fails to function properly.

We where able to get passed this issue by changing the launchMode of AuthorizationManagementActivity from singleTask to singleInstance

Here is a screenshot with some logs confirming that indeed a new instance of AuthorizationManagementActivity is created. Screenshot 2023-06-23 at 15 36 32

And here is the same logs after changing the launchMode to singleInstance

<activity android:name=".AuthorizationManagementActivity"
      android:exported="false"
      android:configChanges="screenSize|smallestScreenSize|screenLayout|orientation|keyboard|keyboardHidden"
      android:theme="@style/Theme.AppCompat.Translucent.NoTitleBar"
      android:launchMode="singleInstance" />
Screenshot 2023-06-23 at 15 40 21

If there is any configuration that we might have missed to fix this we would appreciate if you could point us in the right direction, in case this is not actually an issue on your end.

Thank you

About this issue

Most upvoted comments

I want actually to elaborate a bit on @troymolnar 's answer (and thank you for the idea by the way).

The trick is indeed in the launchMode of the openId activity, but to correct it make sure you replace with their whole thing:

        <activity
            android:name="net.openid.appauth.AuthorizationManagementActivity"
            android:configChanges="screenSize|smallestScreenSize|screenLayout|orientation|keyboard|keyboardHidden"
            android:exported="false"
            android:launchMode="singleInstance"
            android:theme="@style/Theme.AppCompat.Translucent.NoTitleBar"
            tools:node="replace"/>
        <activity
            android:name="net.openid.appauth.RedirectUriReceiverActivity"
            android:exported="true"
            tools:node="replace">
            <intent-filter>
                <action android:name="android.intent.action.VIEW" />

                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />

                <data android:scheme="${appAuthRedirectScheme}" />
            </intent-filter>
        </activity>

Otherwise you lose the intent filter of RedirectUriReceiverActivity 😄

+2
DevDema on Oct 4, 2023

@agologan after further investigation the root of the issue comes from a google issue, and to replicate it with AppAuth the activity that calls AppAuth needs to be a singleInstance

+2
Diogo00dev on Jul 12, 2023

These solutions solve the sign in issue for me, however they keep another browser activity with a login screen even after the login ended. Does anybody have an idea what can be done about it or even how can I limit this only to the Android 14 users?

We had that side effect as well, that there was a vestigial app instance remaining on that sign in screen. Though since we couldn’t cause any further issues with that stake instance, we considered it acceptable losses for the interim while we wait for the true fix in Android OS.

you can do it with setting int value in resources which you can latter use in AndroidManifest - just bare in mind that it’s not string then - it’s int - you can check values in Android source code

2 - LAUNCH_SINGLE_TASK - default 3 - LAUNCH_SINGLE_INSTANCE - fix for api 34

in AndroidManifest just add this:

        <activity
            android:name="net.openid.appauth.AuthorizationManagementActivity"
            android:launchMode="@integer/launch_mode_for_app_auth"
            tools:replace="android:launchMode" />

and

values/integers.xml

<?xml version="1.0" encoding="utf-8"?>
<resources>
    <!-- LAUNCH_SINGLE_TASK -> default value from library -->
    <integer name="launch_mode_for_app_auth">2</integer>
</resources>

and actual fix:

values-v34/integers.xml

<?xml version="1.0" encoding="utf-8"?>
<resources>
    <!-- LAUNCH_SINGLE_INSTANCE -> overrides library mode because of
     bug in Android 14 (34) which causes infinite loop
     should be fixed soon with version 14.1 -->
    <integer name="launch_mode_for_app_auth">3</integer>
</resources>
+1
filipkowicz on Oct 30, 2023

Fyi who ever it helps, we’ve been in communication with Google about this issue for our own app, and they’re now claiming that their fix for the launchType will be released during QPR1 (which is currently in beta). That means that there may be up to 2-3 months of time (guessing based on last years Android 13 release pattern) between the production release of Android 14 & the fix.

We have a simple workaround for it in the meantime, though it comes with it’s own set of possibly unique drawbacks.

Overriding openId’s launch mode this way in our own manifest at least let’s us log in again.

        <activity
            android:name="net.openid.appauth.AuthorizationManagementActivity"
            android:launchMode="3"
            tools:replace="android:launchMode" />

        <activity
            android:name="net.openid.appauth.RedirectUriReceiverActivity"
            android:excludeFromRecents="true"
            android:exported="true"
            tools:node="replace">
            
            ............

Thanks for this interim solution! You saved my bacon 😃

+1
ninehundreds on Oct 3, 2023

Fyi who ever it helps, we’ve been in communication with Google about this issue for our own app, and they’re now claiming that their fix for the launchType will be released during QPR1 (which is currently in beta). That means that there may be up to 2-3 months of time (guessing based on last years Android 13 release pattern) between the production release of Android 14 & the fix.

We have a simple workaround for it in the meantime, though it comes with it’s own set of possibly unique drawbacks.

Overriding openId’s launch mode this way in our own manifest at least let’s us log in again.

        <activity
            android:name="net.openid.appauth.AuthorizationManagementActivity"
            android:launchMode="3"
            tools:replace="android:launchMode" />

        <activity
            android:name="net.openid.appauth.RedirectUriReceiverActivity"
            android:excludeFromRecents="true"
            android:exported="true"
            tools:node="replace">
            
            ............
+1
troymolnar on Sep 28, 2023
Read more comments on GitHub
← ohpc: Problem and solution to issue when using EasyBuild with Xvfb eb files
AppAuth-Android: CustomTabs not working with AndroidX →