search

aws-amplify / amplify-flutter

A declarative library with an easy-to-use interface for building Flutter applications on AWS.
https://docs.amplify.aws
Apache License 2.0
1.33k stars 247 forks source link

Authenticator: Sign in with Google not working if Firefox is default browser #3391

Open rob-mur opened 1 year ago

rob-mur commented 1 year ago

Before creating a new issue, please confirm:

On which framework/platform are you having an issue?

Flutter, Android

Which UI component?

Authenticator

How is your app built?

Flutter

What browsers are you seeing the problem on?

No response

Which region are you seeing the problem in?

No response

Please describe your bug.

I have set up Google OAuth sign-in for amplify using the flutter hosted Authenticator UI.

I have validated that the setup works correctly because it works fine on the flutter when built for the web.

However when built for android, the Google login page is loaded correctly, and after sign-in it redirects back to the app, but once my app opens again it just re-opens the Authenticator login screen.

(I have checked via breakpoint that my code is never hit i.e. the Authenticator library has the issue)

I have taken the documented steps to update the android manifest and am using the suggested myapp:// URI for both sign in and out in the amplify cli.

I have also set the minimum sdk version to 24 as noted in other issues.

No log messages are emitted either in flutter debug or directly on the device (I checked via bug report dump).

Please see below my AndroidManifest in case this helps:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.jimmy_solutions.strength_assistant">
    <queries>
    <intent>
        <action android:name=
            "android.support.customtabs.action.CustomTabsService" />
    </intent>
</queries>
    <uses-permission android:name="android.permission.INTERNET"/>
   <application
        android:label="Strength Assistant"
        android:name="${applicationName}"
        android:icon="@mipmap/ic_launcher">
        <activity
            android:name=".MainActivity"
            android:exported="true"
            android:launchMode="singleTop"
            android:theme="@style/LaunchTheme"
            android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"
            android:hardwareAccelerated="true"
            android:windowSoftInputMode="adjustResize">
            <!-- Specifies an Android theme to apply to this Activity as soon as
                 the Android process has started. This theme is visible to the user
                 while the Flutter UI initializes. After that, this theme continues
                 to determine the Window background behind the Flutter UI. -->
            <meta-data
              android:name="io.flutter.embedding.android.NormalTheme"
              android:resource="@style/NormalTheme"
              />

            <intent-filter>
                <action android:name="android.intent.action.VIEW" />
                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />
                <data android:scheme="myapp" />
            </intent-filter>

            <intent-filter>
                <action android:name="android.intent.action.MAIN"/>
                <category android:name="android.intent.category.LAUNCHER"/>
            </intent-filter>

        </activity>
        <!-- Don't delete the meta-data below.
             This is used by the Flutter tool to generate GeneratedPluginRegistrant.java -->
        <meta-data
            android:name="flutterEmbedding"
            android:value="2" />
    </application>
</manifest>

What's the expected behaviour?

After Google sign-in completes, the Authenticator library should flow into the root of my project and actually complete the sign-in

Help us reproduce the bug!

Unfortunately I'm not sure how I can reproduce further given no error information is provided and it works fine on other platforms.

Please let me know if there's anything I can provide further!

Code Snippet

// Put your code below this line.

Console log output

No response

Additional information and screenshots

No response

rob-mur commented 1 year ago

Some further information, I noted that the Android manifest docs say that the <queries> tag was only introduced in API 30.

Therefore I tested my app also with the minimum SDK version set to 30 just in case there was some hard requirement on the CustomTabsService, however this did not change the behaviour.

I will now try downgrading the library just to see if it's a new issue or not.

rob-mur commented 1 year ago

I can confirm that this bug does not appear in version 1.0.0, but does occur in 1.1.0 and 1.2.1 - I can now revert to 1.0.0 as a workaround.

calebpollman commented 1 year ago

Hi @rob-mur Going to transfer your issue to the Amplify Flutter github for triage

rob-mur commented 1 year ago

With further investigation, the problem can be narrowed down to if the Android user has their default browser set to Firefox i.e. no issues with chrome.

Pretty sure it's related to the upstream issue in the Android SDK where custom tabs view wasn't dismissing firefox correctly.

From what I'm aware the above was fixed but presumably just hasn't made it into the amplify flutter authenticator yet.

So this is "fixed" for now so long as you're willing to only support chrome (which in my situation I'll just do so, and close this issue)

rob-mur commented 8 months ago

Came back to this after the best part of a year as I was unhappy with not being able to support browsers other than chrome - found the solution!

The fix is very simple, by default in AndroidManifest.xml flutter puts the android:launchMode = "singleTop", whereas for the OAuth redirect to work with Amplify Authenticator for Firefox mobile you need to use android:launchMode="singleInstance".

I noticed this was the issue because when Firefox redirected back to the app, it opened an entirely fresh copy of the app which then wasn't ready to handle the auth code. Chrome must somehow know not to do this behind the scenes.

I'm not sure if anyone else will run into this but at least this comment may help someone. Ideally this would be added to the documentation to save others the effort!

Equartey commented 8 months ago

Hi @rob-mur, glad you were able to resolve your issue.

Having a hard time following the original issue here. Sounds like there was an issue with the redirect, but its not clear how it happened.

Can you help us understand the original issue?

rob-mur commented 8 months ago

Hi, yes sure!

Essentially when using Google OAuth login with the flutter authenticator UI library, the default setup from the docs leads to an issue on Android if the user has their default browser set to Firefox.

In particular, when Firefox redirects back to the app via the myapp:// redirect, it seems to start a fresh copy of the app rather than the existing copy handling it.

Steps to reproduce:

Hope this helps!

Equartey commented 8 months ago

Hi @rob-mur, thanks for the extra context!

To confirm it sounds like this is related to Firefox supporting redirects and not something explicitly missing on our end, correct?

Was there something in particular that lead you astray in our documentation?

rob-mur commented 8 months ago

No worries. I think it's actually flutter/chrome not respecting the documentation - firefox seems to be doing exactly what the docs suggest.

In any case I don't see this as an issue with Amplify, but I would suggest including the relevant change in your example Android Manifest file so by default it works with firefox mobile - i.e. adding android:launchMode="singleInstance".

If it were me I would put it in the example manifest for social login here.

Equartey commented 8 months ago

Hi @rob-mur, looking into it further, looks like adding android:launchMode="singleInstance" will limit the use of some 3rd party plugins such as the Flutter team's image picker.

We're investigating how to handle this internally to allow more flexibility. As such we're going to treat this like a bug and update you when its resolved. Thanks for bringing this to our attention.

robot-apocalypse commented 2 months ago

I also just ran into this, and have been pulling my hair out for a week. I set up a brand new flutter app, followed the amplify tutorial, and posted the code here: https://github.com/robot-apocalypse/amplify-test, in case anyone wants a minimal example. I can also confirm that changing the launch mode from "singleTop" to "singleInstance" allows it to work when the default browser is firefox. I really need my app to support firefox, so I am curious what 3rd party plugins will I be giving up? Or is there a timeline for fixing this bug?

Equartey commented 2 months ago

Hi @robot-apocalypse.

We do not have an exhaustive list of plugins this may collide with. Image picker is the only one I'm personally currently aware of. That being said, when using singleInstance in your app, you will need to manually validate 3rd party plugins are integrated as expected.

We also do not have a timeframe for addressing this yet.

ss1565 commented 2 months ago

Hey guys, We are having the same problem. I take it no reliable fix has been identified yet for this. Are we sure this is issue in flutter? And do you guys have problems with Opera too?

khatruong2009 commented 1 month ago

Hi @ss1565, there's still no update regarding this issue, we'll let you know when there is one.