okta / okta-mobile-kotlin

Okta's Android Authentication SDK
https://okta.github.io/okta-mobile-kotlin/
Apache License 2.0

Redirect is not happening after MFA verification (Push notification) #227

Open Karthik-hb opened 2 years ago

Karthik-hb commented 2 years ago

Describe the bug?

We are trying to log in using Okta with MFA, and we are using push notification to verify the user.

After sending a push notification and accepting (Yes, it's me), instead of redirecting back to the app it goes to the Okta dashboard. Sometimes, after accepting the push notification, it also shows an error message on the login page: Haven't received push notification yet? Try opening the okta app...

     signInRedirectUri=com.testingglobal.testingAPP:/callback

     defaultConfig {
         manifestPlaceholders = [
                 "webAuthenticationRedirectScheme": "com.testingglobal.testingAPP",
                 "appAuthRedirectScheme": "com.testingglobal.testingAPP"
         ]
     }

What is expected to happen?

After accepting push notification it should go back to Android app.

What is the actual behavior?

Redirect is not happening.

Reproduction Steps?

Step 1 - Login

Step 2 - Click Push sent

Step 3 - After getting the push notification, click Yes, it's me

Note - it should go back to the Android screen

Additional Information?

No response

SDK Version and Artifact(s) used.

compileSdkVersion 31

//OKTA
implementation 'com.okta.android:okta-oidc-android:1.3.2'
implementation('com.okta.kotlin:auth-foundation:1.1.0')
implementation('com.okta.kotlin:auth-foundation-bootstrap:1.1.0')
implementation('com.okta.kotlin:oauth2:1.1.0')
implementation('com.okta.kotlin:web-authentication-ui:1.1.0')
implementation 'androidx.lifecycle:lifecycle-extensions:2.2.0'

Build Information

No response

JayNewstrom commented 2 years ago

Hi @Karthik-hb it looks like you have both our legacy (com.okta.android:okta-oidc-android) as well as our new (com.okta.kotlin) SDKs. You should only need one (unless you're migrating from the old SDK).

You have 2 options to fix this:

  1. Remove the dependency on com.okta.android:okta-oidc-android
  2. Change appAuthRedirectScheme, for instance to com.testingglobal.testingAPP.legacy (it doesn't matter what you change it to, it just can't match webAuthenticationRedirectScheme).

Karthik-hb commented 2 years ago

Hi @JayNewstrom, thanks for your update. It now redirects back to the app after I changed the redirect URI to a specific format; initially the redirect format did not contain okta and the org name.

Redirect URL format=com.okta.ORGNAME

But while redirecting back to the Android app from the browser, it is showing the same app multiple times in the app chooser to redirect back.

Karthik-hb commented 2 years ago

But while redirecting back to the Android app from the browser, it is showing the same app multiple times in the app chooser to redirect back.

JayNewstrom commented 2 years ago

Ensure you have a unique redirect scheme for each application you plan to install. This is expected Android behavior if you have multiple apps with the same redirect scheme.
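
Added example, not part of the thread or of either Okta SDK: a check over a merged AndroidManifest.xml that reports any redirect scheme claimed by more than one browsable component, which is the collision between appAuthRedirectScheme and webAuthenticationRedirectScheme discussed above. It assumes each SDK contributes one redirect activity whose intent filter uses its placeholder; the manifest and the activity names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

ANDROID = "{http://schemas.android.com/apk/res/android}"
VIEW = "android.intent.action.VIEW"
BROWSABLE = "android.intent.category.BROWSABLE"

# Constructed sample: a merged-manifest fragment with one redirect activity per
# SDK. The activity names are hypothetical stand-ins, not the SDKs' real classes.
ACTIVITY = """<activity android:name="{name}" android:exported="true">
  <intent-filter>
    <action android:name="android.intent.action.VIEW"/>
    <category android:name="android.intent.category.DEFAULT"/>
    <category android:name="android.intent.category.BROWSABLE"/>
    <data android:scheme="{scheme}"/>
  </intent-filter>
</activity>"""


def sample_manifest(app_auth_scheme, web_auth_scheme):
    """Build the constructed manifest for the two placeholder values."""
    body = (ACTIVITY.format(name="example.legacy.RedirectActivity", scheme=app_auth_scheme)
            + ACTIVITY.format(name="example.newsdk.RedirectActivity", scheme=web_auth_scheme))
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android">'
            "<application>" + body + "</application></manifest>")


def conflicting_schemes(manifest_xml):
    """Return {scheme: [components]} for schemes claimed by more than one component."""
    owners = defaultdict(set)
    root = ET.fromstring(manifest_xml)
    for comp in list(root.iter("activity")) + list(root.iter("activity-alias")):
        for flt in comp.findall("intent-filter"):
            actions = {a.get(ANDROID + "name") for a in flt.findall("action")}
            cats = {c.get(ANDROID + "name") for c in flt.findall("category")}
            if VIEW not in actions or BROWSABLE not in cats:
                continue  # not reachable from a browser redirect
            for data in flt.findall("data"):
                scheme = data.get(ANDROID + "scheme")
                if scheme:  # compared as written; Android matches schemes case-sensitively
                    owners[scheme].add(comp.get(ANDROID + "name"))
    return {s: sorted(c) for s, c in owners.items() if len(c) > 1}


if __name__ == "__main__":
    scheme = "com.testingglobal.testingAPP"
    print("as reported:", conflicting_schemes(sample_manifest(scheme, scheme)))
    print("option 2:   ", conflicting_schemes(sample_manifest(scheme + ".legacy", scheme)))
```

Run against the build's real merged manifest, the same function can serve as a CI gate that fails when two components claim one redirect scheme.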

Karthik-hb commented 1 year ago

I am getting the below exception:

     com.okta.oauth2.AuthorizationCodeFlow$ResumeException: Policy evaluation failed for this request, please check the policy configurations.

Can you please help me to solve this issue?