AuthClient: launchCustomTabs issue, 1 line called twice.

aws-amplify / aws-sdk-android

AWS SDK for Android. For more information, see our web site:

https://docs.amplify.aws

Other

1.02k stars 548 forks source link

AuthClient: launchCustomTabs issue, 1 line called twice. #3597

Open lolucosmin opened 1 week ago

lolucosmin commented 1 week ago

State your question Why in AuthClient when we call launchCustomTabs the line 473 is called twice ( activity.startActivityForResult(CustomTabsManagerActivity.createStartIntent(this.context, this.mCustomTabsIntent.intent), 49281)), but only this line. The function is called 1 time. Because is called twice the webpage is failing to load the correct sign in session.

Which AWS Services are you utilizing? cognitoauth: version 2.75.2.

Provide code snippets (if applicable)

Environment(please complete the following information):

SDK Version: [e.g. 2.75.2]

Device Information (please complete the following information):

Device: [e.g. All devices]

If you need help with understanding how to implement something in particular then we suggest that you first look into our developer guide. You can also simplify your process of creating an application, as well as the associated backend setup by using the Amplify CLI.

vincetran commented 1 week ago

launchCustomTabs is a private method so can you share with us the public method you're calling? It would also be beneficial to see a code snippet of that too. Have you tried adding some breakpoints to see the code path?

lolucosmin commented 1 week ago

@vincetran Hi, the main idea is we are using AWSMobileClient sdk, so we are calling AWSMobileClient.getInstance().showSignIn(activity, signInUIOptions, new Callback() and we pass some parameters. If you follow the flow at the end there is a function private void launchCustomTabs(Uri uri, Activity activity, String browserPackage) ; So we are passing a sso url to sign in, but weird thing is line 473: activity.startActivityForResult(CustomTabsManagerActivity.createStartIntent(this.context, this.mCustomTabsIntent.intent), 49281); is called twice.

mhugot commented 1 week ago

@vincetran more details about that, i work with @lolucosmin :

we have integrated an external openid provider in cognito userpool (akamai sso)
the login/authorize webview of the provider is displayed correctly
we enter email/password to the webview, then submit
but while webview is working to redirect to scheme://signin, the webview load another time the login url

we added breakpoint to understand what is happening and we saw that startActivityForResult is called two times since akamai use crsf token in their url, it makes an error with aws ios sdk, we dont have this issue

vincetran commented 5 days ago

Thanks for the response @lolucosmin and @mhugot. As I investigate a little further, just wanted to first inquire if you're integrating auth using aws-sdk-android for the first time in your app. I ask because we suggest new integrations to use Amplify Android instead.

vincetran commented 5 days ago

Also, can you clarify this statement:

since akamai use crsf token in their url, it makes an error

What kind of error? (The exact stacktrace would be helpful)

mhugot commented 3 days ago

Hello, It's a white label app used by many customer, so we are working on migration, but extra steps are required before we can migrate to Amplify. For the error : basically we are calling the authorize url, then it redirect to a unique url with a token. If this url with token is called multiple times, it throw a 403 error.