search

customerio / customerio-ios

Official Customer.io SDK for iOS. Track customers and send messages to your iOS app.
https://customer.io/docs/sdk/ios/
MIT License
28 stars 20 forks source link

clearIdentify does not remove device from dashboard on iOS #818

Open AristideVB opened 1 month ago

AristideVB commented 1 month ago

SDK version:
Version: ~> 2.14.1

Environment:
Production - Debug

Are logs available?
Yes, logs are available and have been sanitized for sensitive information. 

(siteid:******) ℹ️ clearing identified profile  
(siteid:******) delete device token from *******@*******.com to stop sending push to a profile that is no longer identified  
(siteid:******) ℹ️ deleting device token request made  
(siteid:******) ℹ️ adding queue task deletePushToken  
(siteid:******) added queue task data {"device_token":"**************","profile_identifier":"*******@*******.com"}  
(siteid:******) processing queue status QueueStatus(queueId: "********************", numTasksInQueue: 20).  
(siteid:******) ℹ️ queue met criteria to run automatically  
(siteid:******) running hooks: profile stopped being identified *******@*******.com  
(siteid:******) queue querying next task. criteria: QueueQueryCriteria(excludeGroups: Set([]))  
(siteid:******) 🛑 Tried to get queue task with storage id: ********************, but storage couldn't find it.  
(siteid:******) queue querying next task. criteria: QueueQueryCriteria(excludeGroups: Set(["registered_push_token************"]))  
(siteid:******) removing profile for in-app  
User token cleared  
(siteid:******) 🛑 Tried to get queue task with storage id: ********************, but storage couldn't find it.  
(siteid:******) deleting profile info from device storage  
(siteid:******) queue querying next task. criteria: QueueQueryCriteria(excludeGroups: Set(["registered_push_token************"]))  
(siteid:******) 🛑 Tried to get queue task with storage id: ********************, but storage couldn't find it.  
(siteid:******) ℹ️ clearing identified profile

Describe the bug
When calling customerio.clearIdentify on iOS, the logs suggest that the profile is successfully cleared, and the device token is deleted. However, despite this, the device is not removed from the Customer.IO dashboard, and push notifications continue to be sent to the old account. Additionally, when I identify with a new account, the device remains associated with the previous account, which results in the device potentially receiving unwanted notifications.

To Reproduce

  1. Call CustomerIO.clearIdentity on an iOS device from Flutter SDK
  2. Observe the logs to verify that the profile has been cleared and the device token is deleted.
  3. Check the Customer.IO dashboard after several hours to see if the device is still associated with the old profile.
  4. Identify with a new account and verify that the device is still linked to the previous account.

Expected behavior
The device should be removed from the old account on the Customer.IO dashboard after customerio.clearIdentity is called, and no push notifications should be sent to the old account. The device should be correctly associated with the new account after re-identifying.

Screenshots
N/A

Additional context
This issue occurs in a Flutter app using the Flutter SDK. The method channels seem to be called correctly, but the device is not removed from the previous account on the Customer.IO dashboard.

ami-aman commented 1 month ago

Hi @AristideVB Sorry to hear that you are experiencing this issue.

Our team tried to reproduce the issue using the steps you provided, but unfortunately, we were not able to replicate it on our end. Could you please provide more detailed steps to help us reproduce the issue or share if there is a specific scenario in which the tokens are not removed from a profile on calling clearIdentify method ?

AristideVB commented 1 month ago

I will try to provide a min reproductible sample in a couple of days, please note I'm using the 2.14.1 version (since it's the latest version working with the flutter Customer.io SDK)

Note that I'm calling identify & clearIdentify back to back -> could help you reproduce the issue

region: Region.eu,

ami-aman commented 1 month ago

Thanks, @AristideVB, for providing additional details to help reproduce the issue. We'll attempt to reproduce it using the information you have shared. In the meantime, we would appreciate it if you could share a minimum reproducible app with us to help us debug the issue more effectively.

AristideVB commented 1 month ago

Hello @ami-aman thank you for your follow up,

I’ve been working on reproducing a bug using your iOS SDK and have created a minimal reproducible example, which you can find here:

GitHub Repository - v2-clear-identify-bug

In the attemptToReproduceBug method, I perform the following steps:

1.  Identify a new user account
2.  Wait one second.
3.  Clear the device token using clearIdentify().
4.  Identify an existing user account.

I’ve observed inconsistent results with this process, so I'm not sure you will be able to reproduce it.

Sometimes, the device token is correctly removed from the first logged-in account during step 3. Other times, it isn’t removed, and the first account remains associated with the device token in the Customer.io dashboard. Even if step 4 has successfully identified another existing user. I’m unsure why this inconsistency occurs.

Additionally, I noticed that the iOS SDK assumes we don’t want two accounts connected to the same device token, as indicated by this log message:

“Deleting token from previously identified profile to prevent sending messages to it. It’s assumed that for privacy and messaging relevance, you only want to send messages to devices that a profile is currently identified with.”

I agree with this rule, However, this rule doesn’t seem to be enforced on the backend, as I’m able to see multiple accounts with the same device token on the Customer.io dashboard.

ami-aman commented 1 month ago

Hey there !

Thank you for taking the time to share the sample app with us. I wanted to let you know that our team will review the app and attempt to reproduce the issue. We’ll keep you updated and get back to you with an update as soon as possible.

AristideVB commented 3 weeks ago

Ok thank you @ami-aman 

“Deleting token from previously identified profile to prevent sending messages to it. It’s assumed that for privacy and messaging relevance, you only want to send messages to devices that a profile is currently identified with.”

I really think you should renforce this SDK rule on your backend, multiple accounts should not be able to have the same device token (I see it happening in our users who switch accounts thought)

ami-aman commented 2 weeks ago

Hi @AristideVB , Thank you for your patience.

I wanted to let you know that our team has identified the issue and is actively working on a fix. While we don’t have a specific timeline to share just yet, I assure you that we are on it and will provide an update here as soon as possible.

scotttwittrockcio commented 1 day ago

I wanted to provide a quick update here. While we identified the issue, the effort to resolve this is a bit larger than initially anticipated. We are reviewing what options we have to resolve this issue, but don't have an updated timeline.

AristideVB commented 20 hours ago

Thank you for the update @scotttwittrockcio 🙂

We hope it gets resolved as it's quite problematic, is there workaround to avoid it in the mean time ? (using the Customer.io - flutter SDK)