search

dotnet / maui

.NET MAUI is the .NET Multi-platform App UI, a framework for building native device applications spanning mobile, tablet, and desktop.
https://dot.net/maui
MIT License
22.21k stars 1.74k forks source link

Migrating LegacySecureStorage on Android doesn't work #21688

Closed ssbssb-cmd closed 1 month ago

ssbssb-cmd commented 6 months ago

Description

Followed the steps here to migrate entries from Xamarin SecureStorage into MAUI SecureStorage, but it is always returning null

https://learn.microsoft.com/en-us/dotnet/maui/migration/secure-storage?view=net-maui-8.0

Steps to Reproduce

  1. Create new Xamarin App
  2. Add Xamarin.Essentials
  3. Save a token:
                await SecureStorage.SetAsync("oauth_token", "secret-oauth-token-value");

  1. Create a new MAUI app

  2. Copy paste the code from https://learn.microsoft.com/en-us/dotnet/maui/migration/secure-storage?view=net-maui-8.0, creating new classes for AndroidKeyStore, LegacySecureStorage, KeyChain

  3. Try and retrieve the token

        string token = await LegacySecureStorage.GetAsync("oauth_token");

On Android It is returning null

Link to public reproduction project repository

No response

Version with bug

8.0.6 SR1

Is this a regression from previous behavior?

Not sure, did not test other versions

Last version that worked well

Unknown/Other

Affected platforms

Android

Affected platform versions

No response

Did you find any workaround?

Not yet

Relevant log output

No response

sb111111111 commented 6 months ago

Hey - has anyone else experienced this? or found any workaround

ssbssb-cmd commented 6 months ago

Hi all - anyone else facing this? Am blocked with migrating from xamarin to MAUI at the moment and struggling to work out how to investigate this further or fix

IainS1986 commented 6 months ago

Seen a similar thing I think.

One thing that I'm not sure about, the example code for migration in the AndroidKeyStore code has a call to

LegacySecureStorage.RemoveAll(); This will fire in the first 'Get' call to get a single key (the first decrypt).

This seems - odd. Surely its going to clear all saved secure storage keys the moment you try and get 1, so only the first might work? 🤷

de-preut commented 6 months ago

I'm also currently working in the migration of old SecureStorage items to MAUI and see the same incorrect behaviour. I'm not sure if I missed an important step, but I followed the linked documentation and it's still not working.

de-preut commented 6 months ago

@ssbssb-cmd I think I found a solution! Based on a comment here (https://github.com/jfversluis/Plugin.Maui.FormsMigration/issues/1#issuecomment-1887524054) I created a signing key for my debug configuration (I followed https://learn.microsoft.com/en-us/dotnet/maui/android/deployment/publish-cli?view=net-maui-8.0) and signed the Xamarin.Forms based app as well as the MAUI based app with the same keystore...and it worked!

IainS1986 commented 6 months ago

If you're migrating an android app surely you need to be signing it with the same key, otherwise you're not going to be able to upload to the playstore or install and update over the top?

de-preut commented 5 months ago

If you're migrating an android app surely you need to be signing it with the same key, otherwise you're not going to be able to upload to the playstore or install and update over the top?

yeah, that's true. But (at least in my case) we had the issue in an unsigned debug build as a proof-of-concept if the migration is working. Therefore I was just not aware that even this build needs to be signed already

ssbssb-cmd commented 5 months ago

@ssbssb-cmd I think I found a solution! Based on a comment here (jfversluis/Plugin.Maui.FormsMigration#1 (comment)) I created a signing key for my debug configuration (I followed https://learn.microsoft.com/en-us/dotnet/maui/android/deployment/publish-cli?view=net-maui-8.0) and signed the Xamarin.Forms based app as well as the MAUI based app with the same keystore...and it worked!

OK great - i will give it a go! Did you have to do it via command line? Or is there someway within Visual Studio Mac to sign the debug package with the prod key?

ssbssb-cmd commented 3 months ago

Hey - just wanted to check-in on this, how would I be able sign the debug build with the release / production key?

IainS1986 commented 3 months ago

It's been a long time since I've done it but you should able to create a local signing key and upload it to the playstore to use as the signing key - so all builds can be signed the same

jfversluis commented 1 month ago

As pointed out, make sure all is the same. I'm pretty sure all will work as intended then. If something still doesn't seem right, please open a new issue, thanks!