Email link just opens the app, it doesn't allow users to pass sign-in wall

zjamshidi commented 1 year ago

Describe your environment

Android device: Advan Tablet Sketsa 2
Android OS version: Android 11
FirebaseUI version: 8.0.1
Android device: Realme GT2 Pro
Android OS version: Android 12
FirebaseUI version: 8.0.1

Step 3: Describe the problem:

We have recently replaced email/password auth with email link sign-in. A few users have reported that they receive the email to log in and the URL opens the app but they get stuck behind the sign-in wall.

Steps to reproduce:

Enter the email address
Open the received email
Click the link on the email
Then it takes me back again to the login page. It's an infinite loop

Relevant Code:

@Override
protected void onCreate(Bundle savedInstanceState) {
        ...
        handleDynamicLinks(getIntent());
}

@Override
protected void onNewIntent(Intent intent) {
        ...
        handleDynamicLinks(intent);
}

private Intent buildSignInIntent(boolean onlyGoogle) {
        List<AuthUI.IdpConfig> selectedProviders = new ArrayList<>();
            ActionCodeSettings actionCodeSettings = ActionCodeSettings.newBuilder()
                    .setIOSBundleId("XXX-ios")
                    .setAndroidPackageName(
                            /* yourPackageName= */ "XXX.android",
                            /* installIfNotAvailable= */ true,
                            /* minimumVersion= */ null)
                    .setHandleCodeInApp(true) // This must be set to true
                    .setUrl("AUTH_DOMAIN") // This URL needs to be whitelisted
                    .build();

            selectedProviders.addAll(Arrays.asList(
                    new AuthUI.IdpConfig.EmailBuilder()
                            .enableEmailLinkSignIn()
                            .setActionCodeSettings(actionCodeSettings).build(),
                    new AuthUI.IdpConfig.FacebookBuilder().build(),
                    new AuthUI.IdpConfig.GoogleBuilder().build()
            ));

            if (enableAppleSignin()) {
                selectedProviders.add(2, new AuthUI.IdpConfig.AppleBuilder().build());
            }
        }

        AuthMethodPickerLayout customLayout = new AuthMethodPickerLayout
                .Builder(R.layout.fragment_register)
                .setGoogleButtonId(R.id.custom_google_signin_button)
                .setEmailButtonId(R.id.custom_email_signin_button)
                .setFacebookButtonId(R.id.custom_facebook_signin_button)
                .setAppleButtonId(R.id.custom_apple_signin_button)
                .setTosAndPrivacyPolicyId(R.id.custom_tos)
                .build();

        return AuthUI.getInstance().createSignInIntentBuilder()
                .setIsSmartLockEnabled(onlyGoogle /* credentials */, true)
                .setLogo(AuthUI.NO_LOGO)
                .setTheme(R.style.AppTheme)
                .setAvailableProviders(selectedProviders)
                .setAuthMethodPickerLayout(customLayout)
                .setTosAndPrivacyPolicyUrls(Constants.TermsOfUseURL, Constants.PrivacyPolicyURL)
                .build();
}

    ....

private void handleDynamicLinks(Intent intent) {
        if (AuthUI.canHandleIntent(intent)) {
            if (intent.getExtras() == null) {
                return;
            }

            String link = intent.getData().toString();

            Intent signInIntent = AuthUI.getInstance()
                    .createSignInIntentBuilder()
                    .setEmailLink(link)
                    .setLogo(AuthUI.NO_LOGO)
                    .setTheme(R.style.AppTheme)
                    .setAvailableProviders(Collections.emptyList())
                    .build();

            signInLauncher.launch(signInIntent);
        }
}

AndroidManifest.xml

<activity
            android:name=".ui.BoardingActivity"
            android:configChanges="orientation|screenSize|keyboardHidden"
            android:launchMode="singleTask"
            android:screenOrientation="behind">
            <intent-filter>
                <action android:name="android.intent.action.VIEW" />

                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />

                <data
                    android:host="DYNAMIC_LINK_DOMAIN1"
                    android:scheme="https" />
            </intent-filter>
            <intent-filter>
                <action android:name="android.intent.action.VIEW" />

                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />

                <data
                    android:host="AUTH_DOMAIN"
                    android:scheme="https" />
            </intent-filter>
        </activity>

zjamshidi commented 1 year ago

Any update on this issue?

The implementation works fine on most of the devices but some users are facing this issue. It seems the dynamic link is handled differently on different devices.

zjamshidi commented 1 year ago

any update?

@thatfiredev could you help us with this?

stahlmagnat commented 9 months ago

Did you manage to fix this? I have the same issue...I get the deeplink but sending it with .setEmailLink(link) seems to have no effect.

zjamshidi commented 9 months ago

In my case, sometimes the splash screen (not the login screen) was capturing the link. So I checked AuthUI.canHandleIntent(intent) on the splash and if needed extracted the link and manually passed it to the login screen. I didn't get any report after this change.

firebase / FirebaseUI-Android