AppAuth-Android: Redirect is not fetched by Activity per intent - for all subsequent starts of an application. The first time it works.

Configuration

  • Version: 0.8.1
  • Integration: Java on Android
  • Identity provider: our own

Description

Following the documentation I set up a small application doing the AuthGrant with our own IDP.

URI Receiver Activity configuration:

        <activity
            android:name="net.openid.appauth.RedirectUriReceiverActivity"
            tools:node="replace">
            <tools:validation testUrl="https://_host.domain.com_/oauth" />
            <intent-filter android:autoVerify="true">
                <action android:name="android.intent.action.VIEW"/>
                <category android:name="android.intent.category.DEFAULT"/>
                <category android:name="android.intent.category.BROWSABLE"/>
                <data android:scheme="https"
                android:host="_host.domain.com_"
                    android:path="/oauth"/>
            </intent-filter>
        </activity>

The java implementation is taken straight forward from the documentaion:

    protected void doit() {

        AuthorizationServiceConfiguration.fetchFromUrl(
                Uri.parse("https://_idp.somewhere.com_/.well-known/openid-configuration"),
                new AuthorizationServiceConfiguration.RetrieveConfigurationCallback() {
                    public void onFetchConfigurationCompleted(
                            @Nullable AuthorizationServiceConfiguration serviceConfiguration,
                            @Nullable AuthorizationException ex) {
                        if (ex != null) {
                            Log.e(TAG, "failed to fetch configuration",ex);
                            return;
                        }
                        else {
                            Log.i(TAG,"Obtaining AuthCode...");
                            obtainAuthCode(serviceConfiguration);
                        }
                        // use serviceConfiguration as needed
                    }
                });
    }

    protected void obtainAuthCode(AuthorizationServiceConfiguration serviceConfiguration) {
        AuthorizationRequest.Builder authRequestBuilder =
                new AuthorizationRequest.Builder(
                        serviceConfiguration, // the authorization service configuration
                        MY_CLIENT_ID, // the client ID, typically pre-registered and static
                        ResponseTypeValues.CODE, // the response_type value: we want a code
                        Uri.parse(MY_REDIRECT_URI)); // the redirect URI to which the auth response is sent

        AuthorizationRequest authRequest = authRequestBuilder
                .setScope("openid email profile")
                .setLoginHint("Password hint")
                .build();
        Log.i(TAG,"Starting AuthRequest...");
        doAuthorization(authRequest);
    }

    private void doAuthorization(AuthorizationRequest authRequest) {
        authService = new AuthorizationService(this);
        Intent authIntent = authService.getAuthorizationRequestIntent(authRequest);
        startActivityForResult(authIntent, RC_AUTH);
    }

    @SuppressLint("MissingSuperCall")
    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        if (requestCode == RC_AUTH) {

            AuthorizationResponse resp = AuthorizationResponse.fromIntent(data);
            AuthorizationException ex = AuthorizationException.fromIntent(data);

            if (resp != null) {
                Log.i(TAG,"Got AuthCode: "+resp.authorizationCode);
                // authorization completed
                Log.i(TAG,"Obtaining AccessToken...");
                obtainToken(resp);
            } else {
                // authorization failed, check ex for more details
            }
        } else {
            // ...
        }
    }

First time - after booting the emulator completly everything works fine. If I stop all tasks on the emulator and restart the application the app link is not consumed by the Activity but Chrome is presenting the AuthCode Redirect inside the browser. The Digital Asset Links is available per https and all tests state everything is ok. It’s also working the first time.

I only struggle with starting my app a 2nd or 3rd (…) time. The Redirect ist not fetched by my app. What might the issue here?

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 24

Most upvoted comments

@huynguyennovem there are other options like asking the user to login every time via prompt:login but it really depends on your product’s expectations.

@sundeepkmallick been meaning to reply to your issue. Yes I do believe it stems from the same limitation.

+1
agologan on May 31, 2021

Per my current understanding: https://github.com/openid/AppAuth-Android/issues/679#issuecomment-824091995 chrome will launch an external app only on user interaction. In an SSO scenario my recommendation it to ask the user the select the account he’s currently logging in even if there is an active session. Having an intermediary page can also resolve the issue of the user wanting to switch accounts if he’s already logged into something else.

+1
agologan on May 31, 2021

@sundeepkmallick the disambiguation dialog (the dialog to choose which app to use) is only shown if App Links are not configured/loaded. Ensure you have published the digital assets link (assetslinks.json) and that your intent filter is set to android:autoVerify="true". If both of these are configured, verify your config via the Google portal and verify your device actually loaded the values via dumpsys as explained above.

+1
agologan on May 11, 2021
Read more comments on GitHub
← AppAuth-Android: PostAuth activity not getting called.
AppAuth-Android: RedirectUriReceiverActivity not getting called →