Closed lcm98 closed 1 year ago
Thanks for reaching out.
It sounds like it could indeed be related to the Auth0 CA changes you linked.
We're internally working on what the solution for this would look like.
In the meantime, could you let us know what SSL settings you are using, more specifically, are you using Android and Native TLS 1.2+ as mentioned here? If not, does the problem persists when you ensure the application does use these settings?
Thanks.
The same problem happens for us. We are using Android and Native TLS settings. Reproducible on Auth0.OidcClient 2.3.1 and 3.2.6. Deactivating the expired DST Root CA X3 on my Android 13 smartphone "solves" this issue, but of course this isn't a solution for end users.
In the meantime, could you let us know what SSL settings you are using, more specifically, are you using Android and Native TLS 1.2+ as mentioned here? If not, does the problem persists when you ensure the application does use these settings?
We were using Default HttpClient implementation and Default (Native TLS 1.2+) settings
Changing to Android HttpClient implementation and explicitly choosing Native TLS 1.2+ fixed the issue for us! (I am unsure if the latter mattered between letting it default to Native TLS 1.2+ or picking it directly).
Thank you for the help.
Thanks for the feedback @lcm98, I think what fixed it is probably setting the Android HttpClient implementation.
@steffenh13 , would there be anything different from your setup that could still result in using the incorrect MessageHandler and/or TLS version?
I just hit this very same issue on a new machine, and was able to solve it by setting the Android HttpClient implementation.
Closing, but feel free to reach out if needed.
Describe the problem
In a XamarinForms Android App we use the
Auth0.OidcClient.Core
andAuth0.OidcClient.Android
Packages to control our login flow. Recently starting this week of December 5th, we started getting errors on many devices getting thrown when callingawait client.LoginAsync();
The error seems to be an SSL issue of some sort
What was the expected behavior?
The expected behavior is for the login flow to proceed and open up a window in which the User can log in via auth0.
Reproduction
I am unfortunately unable currently to cut the project down to a size where I can share it, however this does appear to be a consistent issue.
Environment
Auth0.OidcClient.Core
3.2.6 andAuth0.OidcClient.Android
3.2.6