authorizeAndExchangeCode not returning on Android 14

MaikuB / flutter_appauth

A Flutter wrapper for AppAuth iOS and Android SDKs

269 stars 238 forks source link

authorizeAndExchangeCode not returning on Android 14 #458

Open guy-utila opened 8 months ago

guy-utila commented 8 months ago

We have an app that is working well with flutter_appauth for a while (iOS and Android). Recently I upgraded my Android device to Android 14 and now it seems like I can not login (using Google), I get to see the Google account selection but after selecting the account the screen redirects to itself and hangs on the loading state.

All I get in the debug are these messages:

W/AppAuth ( 586): No stored state - unable to handle response W/iour.app.name( 586): Cleared Reference was only reachable from finalizer (only reported once)

To be clear - same code base has no issues when running in either iOS or Android 11.

Is there a know issue with Android 14?

debasmitasarkar commented 8 months ago

is there any update regarding this? This is a major issue.

MaikuB commented 8 months ago

If you believe it's Android 14 related then you should be able to clone the repository and run the example app to confirm. I'm not in a position to check right now but have been running other apps using this library on Android 14 without issues. I suspect your issue is more to do with a change that Google brought about to authentication using their services https://developers.googleblog.com/2023/10/enhancing-oauth-app-impersonation-protections.html?m=1

guy-utila commented 8 months ago

It seems like our issue is related to this one: https://github.com/openid/AppAuth-Android/issues/977 It is a bug in Android 14 and should be fixed. Methods of resolving the issue are proposed in the link.

praharshbhatt commented 8 months ago

The interim solution mentioned in https://github.com/openid/AppAuth-Android/issues/977#issuecomment-1746881655 works for now:

        <activity
            android:name="net.openid.appauth.AuthorizationManagementActivity"
            android:configChanges="screenSize|smallestScreenSize|screenLayout|orientation|keyboard|keyboardHidden"
            android:exported="false"
            android:launchMode="singleInstance"
            android:theme="@style/Theme.AppCompat.Translucent.NoTitleBar"
            tools:node="replace"/>
        <activity
            android:name="net.openid.appauth.RedirectUriReceiverActivity"
            android:exported="true"
            tools:node="replace">
            <intent-filter>
                <action android:name="android.intent.action.VIEW" />

                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />

                <data android:scheme="${appAuthRedirectScheme}" />
            </intent-filter>
        </activity>

gabrielmulyawan commented 6 months ago

@praharshbhatt its work, but if u back to app first and back to auth, will be get loop. and the app gone.

any update, without change the launch mode to singleInstance ?

snovak7 commented 1 month ago

Can confirm: Any subsequent request to the method returns null