Closed: AllanWang closed this 7 years ago
Fixed in 38e6622e2fd0fe2e0a541af7a52d3c9dc5fd29da
@AllanWang This doesn't seem to have worked for me. I wouldn't be surprised if the 2FA intent doesn't actually resolve. I'll give it a quick debug attempt, since I'm able to reproduce it consistently.
(I also sent you an email about this.)
@Zenexer I'll try 2FA on one of my accounts when I have time. It's likely an issue on my end I haven't addressed, so there is no need to debug for now.
@Zenexer one thing, can you verify that the authentication works on a browser like chrome?
@AllanWang Yes, it works fine in a browser; it never attempts to launch an intent. It just stays on the 2FA page. The 2FA page only appears for a split second in Frost before it navigates to the intent: URL.
@Zenexer okay that may be an easy fix. I've set it so that the browser redirects to Facebook if you exit their site during login. I'll remove that and you can try a test build
I'm pretty sure if you just blocked the redirect attempt, I'd be able to log in without issue. There's no need for that intent to be invoked, and on some devices the appropriate application won't even be installed. I'm a bit uneasy about Facebook being able to trigger arbitrary intents anyway.
@AllanWang Same thing.
Not sure if it's relevant, but as far as I can tell, shouldOverrideUrlLoading is never being called.
@Zenexer same thing as in it's blinking or it's still crashing from an NPE? I'll try 2FA myself then to resolve this
@Zenexer do you get to the page where you enter a code? I just tried it and it worked fine for me. I was using a debug build though so I'll verify the release version later
@AllanWang I tested that build on Android 8 and Android 7. The page where the code is entered appears very briefly, but it's not visible long enough for me to interact with it in any way or take a screenshot. I'd say under 100ms.
@Zenexer is it this page though? Ignore the theming issue
Yes, I think so. It doesn't appear long enough for me to read it, but it looks like that screen. With... y'know... different colors.
@Zenexer Just tested the release build on my other phone and it worked fine as well.
Can you try v381 but with a clean installation? Also keep in mind that the debug, test, and release build all have different package names. If you aren't opening the app immediately after installation, make sure you are opening the correct one. These builds are named "Frost Test"
Last time I did a clean install on Android 7; I hadn't run it on that device before. I've been making sure to run the right ones. I know it's a clean installation when it asks me to enter my email and password on different screens.
Testing now.
Same issue on both Android 7 and Android 8 with build v383.
@Zenexer are you running Xposed or do you have any modules that may interfere with your network? Is your 2FA via text or an app, and do you have that app installed on both your phones? I may need some more logs, given that I never reach a link involving an intent. Given that you are also a developer, it may be easier for you to run this through debug mode and let me know which URLs are being loaded. All of those logs are verbose and are disabled in the release builds.
Did it work on the emulator? I see no reason why that one wouldn't. I've added the intent check in the next build to the login client as it wasn't there before, so that may resolve your problem.
If the log gave any output with intent, I'd like to see it, just to make sure I can resolve it.
Nope, didn't work in the emulator. No relevant log output of any kind; no URLs, no intents, nothing. Plenty of verbose output, but nothing interesting.
@Zenexer is your log filter set to verbose and is it filtered to accept the debug package name? There should be quite a bit of logging on that level
Yes, there are tons of verbose log entries, but none are interesting. I'll give you a full log in a moment.
@Zenexer that's a bit weird too since my main phone has the Google Authenticator but it never launched it. Maybe my 2FA is set up differently from yours
I believe I'm using legacy 2FA from before they supported Google Authenticator. I had intended to update it, but since a lot of people are still using it, I figured I'd keep it in that configuration until this is sorted out.
@Zenexer You can try v384 to see if it launches your authenticator. But even if it does, I don't see how that's going to help you log in given that it can't communicate with the app.
If you're using a legacy authenticator and don't mind setting it up again, your best bet may be to disable it and enable it again.
Testing momentarily.
Here's everything that occurs on Android 7 debug build as soon as I submit the login form. You can see that one Intercept Request, but the only other URL that ever appears along with that message is https://staticxx.facebook.com/common/referer_frame.php. No other URLs appear in the entire output. I've also attached the full log.
08-04 23:09:05.130 19768-19768/com.pitchedapps.frost.debug D/ViewRootImpl@6c87b0f[LoginActivity]: ViewPostImeInputStage processPointer 0
08-04 23:09:05.252 19768-19768/com.pitchedapps.frost.debug D/ViewRootImpl@6c87b0f[LoginActivity]: ViewPostImeInputStage processPointer 1
08-04 23:09:05.367 19768-19768/com.pitchedapps.frost.debug D/InputMethodManager: ISS - flag : 0Pid : 19768 view : com.pitchedapps.frost.debug
08-04 23:09:06.589 19768-19768/com.pitchedapps.frost.debug W/cr_BindingManager: Cannot call determinedVisibility() - never saw a connection for the pid: 19768
08-04 23:09:06.655 19768-19817/com.pitchedapps.frost.debug V/TimberLogger: Frost: Intercept Request pixel.facebook.com https://pixel.facebook.com/si/kappa/?Ko=p
08-04 23:09:06.794 19768-19768/com.pitchedapps.frost.debug D/InputMethodManager: HSI from window - flag : 0 Pid : 19768
08-04 23:09:06.870 19768-19857/com.pitchedapps.frost.debug V/InputMethodManager: Starting input: tba=android.view.inputmethod.EditorInfo@5fbc788 nm : com.pitchedapps.frost.debug ic=null
08-04 23:09:06.870 19768-19857/com.pitchedapps.frost.debug I/InputMethodManager: [IMM] startInputInner - mService.startInputOrWindowGainedFocus
08-04 23:09:06.876 19768-19857/com.pitchedapps.frost.debug D/InputTransport: Input channel constructed: fd=167
08-04 23:09:06.877 19768-19857/com.pitchedapps.frost.debug D/InputTransport: Input channel destroyed: fd=160
08-04 23:09:06.879 19768-19857/com.pitchedapps.frost.debug W/IInputConnectionWrapper: finishComposingText on inactive InputConnection
08-04 23:09:06.879 19768-19857/com.pitchedapps.frost.debug W/IInputConnectionWrapper: finishComposingText on inactive InputConnection
08-04 23:09:06.980 19768-19768/com.pitchedapps.frost.debug D/ViewRootImpl@6c87b0f[LoginActivity]: MSG_RESIZED: ci=Rect(0, 96 - 0, 0) vi=Rect(0, 96 - 0, 0) or=1
08-04 23:09:06.983 19768-19768/com.pitchedapps.frost.debug W/cr_BindingManager: Cannot call determinedVisibility() - never saw a connection for the pid: 19768
08-04 23:09:07.008 19768-19768/com.pitchedapps.frost.debug D/ViewRootImpl@6c87b0f[LoginActivity]: Relayout returned: oldFrame=[0,0][1440,2560] newFrame=[0,0][1440,2560] result=0x1 surface={isValid=true 543259486208} surfaceGenerationChanged=false
08-04 23:09:07.117 19768-19821/com.pitchedapps.frost.debug W/chromium: [WARNING:spdy_session.cc(2857)] Received WINDOW_UPDATE for invalid stream 3
08-04 23:09:07.223 19768-19768/com.pitchedapps.frost.debug W/cr_BindingManager: Cannot call determinedVisibility() - never saw a connection for the pid: 19768
08-04 23:09:35.155 19768-19857/com.pitchedapps.frost.debug V/InputMethodManager: Starting input: tba=android.view.inputmethod.EditorInfo@45f75cc nm : com.pitchedapps.frost.debug ic=null
08-04 23:09:35.156 19768-19857/com.pitchedapps.frost.debug I/InputMethodManager: [IMM] startInputInner - mService.startInputOrWindowGainedFocus
08-04 23:09:35.159 19768-19857/com.pitchedapps.frost.debug D/InputTransport: Input channel constructed: fd=116
08-04 23:09:35.159 19768-19857/com.pitchedapps.frost.debug D/InputTransport: Input channel destroyed: fd=167
08-04 23:09:40.796 19768-19768/com.pitchedapps.frost.debug D/ViewRootImpl@6c87b0f[LoginActivity]: MSG_WINDOW_FOCUS_CHANGED 0
Same issue with v343 on Android 7 with Google Authenticator installed.
@Zenexer check out the fix/2FA branch and see if your resources differ from mine:
Frost: Loading resource https://touch.facebook.com/login
Frost: Loading resource https://touch.facebook.com/cookie/consent/?pv=1
Frost: Loading resource https://touch.facebook.com/login/async/?refsrc=https%3A%2F%2Ftouch.facebook.com%2Flogin&lwv=100
Frost: Loading resource https://touch.facebook.com/checkpoint/?__req=2
Frost: Loading resource https://pixel.facebook.com/si/kappa/?Ko=p
Frost: Loading resource https://touch.facebook.com/login/approvals/approved_machine_check
Ignore all css, png, js resources (or add the resource override method seen here)
Testing shortly. I emailed you a video of the issue.
Same URLs up until the last. Instead of that, I get intent:#Intent;action=com.google.android.apps.authenticator.AUTHENTICATE;S.request=%7B%22type%22%3A%22u2f_sign_request%22%2C%22appId%22%3A%22https%3A%2F%2Fwww.facebook.com%2F...;end
Full list, with two URLs edited to remove sensitive info:
08.909 https://touch.facebook.com/login
10.781 https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Ja4O53IXXnO.css
10.784 https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/oPxF6kzoxZ1.css
10.785 https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/7V4aoaiLvx9.css
10.786 https://static.xx.fbcdn.net/rsrc.php/v3iuD54/yn/l/en_US/-HeKDmX1Vqc.js
11.366 https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/kE0uWYRaeDq.png
11.371 https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/BdXc4LF_poc.png
11.376 https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/GPGyYijOozz.png
11.826 https://static.xx.fbcdn.net/rsrc.php/v3isCH4/yW/l/en_US/eEiSiDcVD_V.js
11.833 https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/JfKFSU8FXWj.js
11.840 https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/kg_G7qIsN6q.js
11.841 https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/FIDl-GfjDiR.js
12.127 https://staticxx.facebook.com/common/referer_frame.php
12.135 https://staticxx.facebook.com/common/referer_frame.php
12.481 https://touch.facebook.com/sem_campaigns/sem_pixel_test/?google_pixel_category=4&google_pixel_src=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fviewthroughconversion%2F<removed>
12.764 https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/O2aKM2iSbOw.png
22.441 https://touch.facebook.com/cookie/consent/?pv=1
22.471 https://touch.facebook.com/login/async/?refsrc=https%3A%2F%2Ftouch.facebook.com%2Flogin&lwv=100
23.004 https://touch.facebook.com/checkpoint/?__req=2
23.214 https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Ja4O53IXXnO.css
23.216 https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/UjG6walLV65.css
23.224 https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/7V4aoaiLvx9.css
23.225 https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/uE4RhwSI-UV.css
23.240 https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/EMbS2dm5WfW.css
23.273 https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/5y_FShmKhqm.js
23.307 https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/Wu1TNVOYUWd.js
23.341 https://pixel.facebook.com/si/kappa/?Ko=p
23.497 https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/hlZZAPy7bhi.js
23.510 https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/bbpGibSziar.js
23.558 https://static.xx.fbcdn.net/rsrc.php/v3isCH4/yW/l/en_US/eEiSiDcVD_V.js
23.560 https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/JfKFSU8FXWj.js
23.567 https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/FIDl-GfjDiR.js
24.017 intent:#Intent;action=com.google.android.apps.authenticator.AUTHENTICATE;S.request=%7B%22type%22%3A%22u2f_sign_request%22%2C%22appId%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fu2f%2Fapp_id%2F%3F<removed>;end
It looks like I did enable TOTP at some point, so I can log in with Google Authenticator. I don't remember if that was before or after I installed Frost, but I experienced the issue the first time I tried Frost (and emailed you immediately).
Here are the 2FA methods I currently have enabled:
~I'm likely to disable SMS at some point in the near future; I wasn't aware they were even continuing to support it.~ I've disabled SMS, which is the legacy method to which I was referring.
Making some progress. Looks like that intent is for U2F, not TOTP as I originally thought. When I tested Facebook in my browser, I was using facebook.com (which redirects to m.facebook.com), not touch.facebook.com. At the time I tested, the former had a different appearance and didn't trigger the intent, though now they look identical and both trigger it.
In Chrome, when the intent is triggered, I see a U2F screen, which is expected with U2F enabled:
@Zenexer does the same thing happen with Frost now with the intent resolver?
Neither fix/2FA/HEAD nor v385 work. The browser still tries to load the intent. It's worth noting that the intent URL contains www.facebook.com, so the test on line 135 of FrostWebViewClient.kt isn't going to work as intended.
Okay I pushed another test. I'd like to continue the conversation at #115 so we can see the build status
Eg 2FA should try launching the intent before loading the "link" via the browser
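The two concerns raised in this thread (a page being able to trigger arbitrary intents, and a URL test that matches because the intent payload contains www.facebook.com) can be handled by deciding on the parsed scheme and host instead of a substring. The following is an added example, not Frost's code: the allowlists, function names, the substring check and the sample URLs are all assumptions or constructed for illustration.

```kotlin
import java.net.URI

// Outcome of inspecting one navigation before the WebView acts on it.
sealed class Decision {
    data class LoadInWebView(val host: String) : Decision()
    data class AskUserToLaunch(val action: String) : Decision()
    data class Block(val reason: String) : Decision()
}
// Assumed allowlists for this sketch, not Frost's configuration.
val ALLOWED_HOST_SUFFIXES = listOf("facebook.com")
val ALLOWED_INTENT_ACTIONS = setOf("com.google.android.apps.authenticator.AUTHENTICATE")

// Hypothetical substring test; the project's actual check is not shown on this page.
fun naiveLooksLikeFacebook(url: String) = "facebook.com" in url

// Extract key=value fields from "intent:...#Intent;k=v;...;end", or null if malformed.
fun parseIntentFields(url: String): Map<String, String>? {
    val start = url.indexOf("#Intent;")
    if (start < 0) return null
    val body = url.substring(start + "#Intent;".length)
    if (body != "end" && !body.endsWith(";end")) return null
    return body.removeSuffix("end").split(';').filter { '=' in it }
        .associate { it.substringBefore('=') to it.substringAfter('=') }
}

// Decide on the scheme first; only https URLs get a host comparison.
fun classify(url: String): Decision {
    val scheme = url.substringBefore(':', "").lowercase()
    return when (scheme) {
        "https" -> {
            val host = runCatching { URI(url).host }.getOrNull()?.lowercase()
            if (host != null && ALLOWED_HOST_SUFFIXES.any { host == it || host.endsWith(".$it") })
                Decision.LoadInWebView(host)
            else Decision.Block("host not allowlisted: $host")
        }
        "intent" -> {
            val action = parseIntentFields(url)?.get("action")
            if (action != null && action in ALLOWED_INTENT_ACTIONS) Decision.AskUserToLaunch(action)
            else Decision.Block("intent action not allowlisted: $action")
        }
        else -> Decision.Block("scheme not allowed: $scheme")
    }
}

fun main() {
    val samples = listOf( // constructed sample URLs
        "https://touch.facebook.com/checkpoint/?__req=2",
        "https://www.facebook.com.example.net/login",
        "intent:#Intent;action=com.google.android.apps.authenticator.AUTHENTICATE;" +
            "S.request=%7B%22appId%22%3A%22https%3A%2F%2Fwww.facebook.com%2F%22%7D;end",
        "intent:#Intent;action=android.intent.action.VIEW;end")
    for (u in samples) println("naive=${naiveLooksLikeFacebook(u)} strict=${classify(u)}")
}
```

The substring test returns true for all but the last sample, including both intent-bearing and lookalike-host URLs, while `classify` separates them. On Android, `Intent.parseUri(url, Intent.URI_INTENT_SCHEME)` would replace the hand-written parser.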