Open Aaron-Ritter opened 1 month ago
@Aaron-Ritter does this happen on 1.49?
@alex-fusionauth this is only related to the new scope feature introduced in 1.50; all previous releases are working, at least the ones we tested with 1.46 and up.
As we are providing the UserInfo feature with the SDK this started to fail with the FusionAuth 1.50 release for two reasons (Already addressed in https://github.com/FusionAuth/fusionauth-android-sdk/pull/63):
The already merged PR https://github.com/FusionAuth/fusionauth-android-sdk/pull/63 addressed this.
During further testing with the new implementation I was making sure that other scenarios with the new scope feature are working as expected, where I found this other issue. It looks at the moment as if the blank return page is an issue coming from FusionAuth itself, but we need to dig into this next week.
This might have been an emulator issue; I was not able to reproduce it with a new setup.
It is now redirecting back with an error.
```
2024-05-21 16:01:23.382 5796-5822 EGL_emulation io.fusionauth.app D app_time_stats: avg=20.80ms min=8.09ms max=73.94ms count=43
2024-05-21 16:01:23.622 5796-5796 TokenActivity io.fusionauth.app I Checking for authorization response
2024-05-21 16:01:23.628 5796-5796 TokenActivity io.fusionauth.app E Failed to exchange authorization code
io.fusionauth.mobilesdk.exceptions.AuthorizationException: State mismatch
    at io.fusionauth.mobilesdk.oauth.OAuthAuthorizationService$handleRedirect$2.invokeSuspend(OAuthAuthorizationService.kt:178)
    at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
    at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:104)
    at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
    at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:811)
    at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:715)
    at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:702)
2024-05-21 16:01:23.956 5796-5822 OpenGLRenderer io.fusionauth.app D endAllActiveAnimators on 0x7a21291fec10 (InsetDrawable) with handle 0x7a209961b8f0
2024-05-21 16:01:24.599 5796-5796 WindowOnBackDispatcher io.fusionauth.app W sendCancelIfRunning: isInProgress=falsecallback=android.view.ViewRootImpl$$ExternalSyntheticLambda17@656095f
2024-05-21 16:01:25.392 5796-5822 EGL_emulation io.fusionauth.app D app_time_stats: avg=187.52ms min=16.52ms max=1004.30ms count=8
```
The "State mismatch" is indicating that the actual error is not handled, and the redirect shown in the logs is pointing to a scope issue: `dat=io.fusionauth.app:/oauth2redirect?error=invalid_scope&error_reason=unknown_scope&error_description=Invalid+scope.+The+scopes+[profile]+are+unknown.&state=state-1716300975362`.
So in summary, the blank page and no redirect happening is more likely an emulator issue; even though it was reproducible in that one emulator at the time, none of the tests cause the same issue now.
But the scope error is something we should handle in the SDK.
```
2024-05-21 16:16:24.572 513-580 ActivityTaskManager system_server I START u0 {act=android.intent.action.VIEW cat=[android.intent.category.BROWSABLE] dat=io.fusionauth.app:/oauth2redirect?error=invalid_scope&error_reason=unknown_scope&error_description=Invalid+scope.+The+scopes+[profile]+are+unknown.&state=state-1716300975362 flg=0x14000000 cmp=io.fusionauth.app/net.openid.appauth.RedirectUriReceiverActivity (has extras)} from uid 10116
2024-05-21 16:16:24.865 513-580 ActivityTaskManager system_server I START u0 {dat=io.fusionauth.app:/oauth2redirect?error=invalid_scope&error_reason=unknown_scope&error_description=Invalid+scope.+The+scopes+[profile]+are+unknown.&state=state-1716300975362 flg=0x24000000 cmp=io.fusionauth.app/net.openid.appauth.AuthorizationManagementActivity} from uid 10154
2024-05-21 16:16:24.872 513-580 ActivityTaskManager system_server W Duplicate finish request for r=ActivityRecord{d587f13 u0 io.fusionauth.app/net.openid.appauth.RedirectUriReceiverActivity t9 f}}
2024-05-21 16:16:24.967 513-816 ActivityTaskManager system_server I START u0 {dat=io.fusionauth.app:/oauth2redirect?error=invalid_scope&error_reason=unknown_scope&error_description=Invalid+scope.+The+scopes+[profile]+are+unknown.&state=state-1716300975362 cmp=io.fusionauth.app/io.fusionauth.sdk.TokenActivity (has extras)} from uid 10154
2024-05-21 16:16:24.968 513-816 ActivityTaskManager system_server W startActivity called from non-Activity context; forcing Intent.FLAG_ACTIVITY_NEW_TASK for: Intent { dat=io.fusionauth.app:/oauth2redirect?error=invalid_scope&error_reason=unknown_scope&error_description=Invalid+scope.+The+scopes+[profile]+are+unknown.&state=state-1716300975362 cmp=io.fusionauth.app/io.fusionauth.sdk.TokenActivity (has extras) }
2024-05-21 16:16:25.888 4061-4061 TokenActivity io.fusionauth.app I Checking for authorization response
2024-05-21 16:16:25.980 4061-4061 TokenActivity io.fusionauth.app E Failed to exchange authorization code
io.fusionauth.mobilesdk.exceptions.AuthorizationException: State mismatch
    at io.fusionauth.mobilesdk.oauth.OAuthAuthorizationService$handleRedirect$2.invokeSuspend(OAuthAuthorizationService.kt:178)
    at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
    at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:104)
    at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
    at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:811)
    at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:715)
    at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:702)
2024-05-21 16:16:26.308 513-556 ActivityTaskManager system_server I Displayed io.fusionauth.app/io.fusionauth.sdk.TokenActivity: +1s257ms
```
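One way a client can surface the authorization server's `error` parameters from the redirect instead of reporting only a state mismatch, as an added example that is not the SDK's code: `RedirectResult`, `parseQuery` and `classifyRedirect` are hypothetical names, and the inputs are the redirect URI from the logs above plus two constructed ones.

```kotlin
import java.net.URLDecoder
import java.security.MessageDigest

// Hypothetical result types for this example; not the SDK's own classes.
sealed class RedirectResult {
    data class Code(val code: String) : RedirectResult()
    data class ServerError(val error: String, val reason: String?, val description: String?) : RedirectResult()
    // The error value is kept for diagnostics only: without a matching state it is unverified.
    data class StateMismatch(val unverifiedError: String?) : RedirectResult()
    object Malformed : RedirectResult()
}

// Split the raw query by hand: the logged redirect carries unencoded '[' and ']',
// and '+' has to decode to a space (form encoding). A repeated parameter keeps its last value.
fun parseQuery(redirect: String): Map<String, String> {
    val query = redirect.substringAfter('?', "").substringBefore('#')
    return query.split('&').filter { it.isNotEmpty() }.associate { pair ->
        val name = pair.substringBefore('=')
        val value = pair.substringAfter('=', "")
        URLDecoder.decode(name, "UTF-8") to URLDecoder.decode(value, "UTF-8")
    }
}

// Validate state on success and error responses alike, then report the server's error
// before looking for an authorization code.
fun classifyRedirect(redirect: String, expectedState: String): RedirectResult {
    val params = parseQuery(redirect)
    val error = params["error"]
    val state = params["state"] ?: return RedirectResult.StateMismatch(error)
    // Constant-time comparison with the state stored for this authorization request.
    val stateOk = MessageDigest.isEqual(state.toByteArray(), expectedState.toByteArray())
    if (!stateOk) return RedirectResult.StateMismatch(error)
    if (error != null) {
        return RedirectResult.ServerError(error, params["error_reason"], params["error_description"])
    }
    val code = params["code"] ?: return RedirectResult.Malformed
    return RedirectResult.Code(code)
}

fun main() {
    // Redirect URI as it appears in the logcat output on this page.
    val logged = "io.fusionauth.app:/oauth2redirect?error=invalid_scope&error_reason=unknown_scope" +
        "&error_description=Invalid+scope.+The+scopes+[profile]+are+unknown.&state=state-1716300975362"
    println(classifyRedirect(logged, "state-1716300975362"))      // matching state: server error surfaced
    println(classifyRedirect(logged, "state-constructed-other"))  // constructed mismatch
    println(classifyRedirect("io.fusionauth.app:/oauth2redirect?code=constructed-code&state=s1", "s1"))
}
```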
Unknown scope policy - Reject does not cause a clear error handling
Description
Unknown scope policy - Reject.
Does not show / cause an error and is just stuck on a blank page:

![image](https://github.com/FusionAuth/fusionauth-android-sdk/assets/12079732/ca7f962e-efaa-450d-9bc3-6cc47c209923)
Affects versions
FusionAuth 1.50.1 FusionAuth Android SDK 0.1.1
Steps to reproduce
Steps to reproduce the behavior:
Example Android App
Application > Scope
Expected behavior
Based on the Description of the Unknown scope policy definition
Reject
it should Reject it by failing the workflow and return an error.
Platform
(Please complete the following information)