search

okta / okta-oidc-android

OIDC SDK for Android
https://github.com/okta/okta-oidc-android
Other
60 stars 45 forks source link

SignIn via Web Auth fails in Android Emulator #284

Closed BenjYn closed 2 years ago

BenjYn commented 2 years ago

I am having almost identical issues with https://github.com/okta/okta-oidc-android/issues/192.

I'm running this on an Android emulator on both Mac OS X and Windows with no luck so far.

To quote that issue:

Background Note: I'm calling this lib via Okta's React Native lib. However, I'm pretty sure the issue is with this lib and not React Native or Okta's Lib for React Native.

Long story short, calling signIn() which in turn calls webClient.signIn(currentActivity, null) does nothing. I can see the call be made to the discovery endpoint, but nothing happens after that. No errors, no exceptions in logcat, nothing. Not sure if I'm doing something wrong or if something's broken.

The same operation with the same app works fine when running with an actual device.

JayNewstrom commented 2 years ago

Can you confirm you have configured requiredHardwareBackedKeyStore to false?

If so, could you provide us steps to reproduce? We're not able to reproduce this issue.

BenjYn commented 2 years ago

Can you confirm you have configured requiredHardwareBackedKeyStore to false?

If so, could you provide us steps to reproduce? We're not able to reproduce this issue.

I can confirm that requiredHardwareBackedKeyStore, using the sample app here: https://github.com/okta/samples-js-react-native/tree/master/browser-sign-in

Here's a recording (apologies for the flickering).

https://user-images.githubusercontent.com/16415858/137967645-78822265-c10c-4215-808e-5429610272f8.mp4

JayNewstrom commented 2 years ago

Do you have a stack trace we can look at?

BenjYn commented 2 years ago

I can try to find something, but nothing is showing up in the Metro bundler or anything. There were no errors or anything that came up.

In terms of setup, I pulled down https://github.com/okta/samples-js-react-native/tree/master/browser-sign-in, updated the samples.config.js there with our okta's application info, and then ran the app. The emulator is a fresh Pixel_5_API_30 image.

JayNewstrom commented 2 years ago

Can you run the following commands to see if a compatible browser is installed:

adb shell pm query-activities -a android.intent.action.VIEW -d "https://www.example.com"
adb shell pm query-services -a android.support.customtabs.action.CustomTabsService

If the query-services doesn't show any compatible custom tabs service then that device doesn't have a compatible browser.

BenjYn commented 2 years ago 
 adb shell pm query-activities -a android.intent.action.VIEW -d "https://www.example.com"
1 activities found:
  Activity #0:
    priority=0 preferredOrder=0 match=0x208000 specificIndex=-1 isDefault=true
    ActivityInfo:
      name=com.google.android.apps.chrome.IntentDispatcher
      packageName=com.android.chrome
      enabled=true exported=true directBootAware=false
      taskAffinity=null targetActivity=org.chromium.chrome.browser.document.ChromeLauncherActivity persistableMode=PERSIST_ROOT_ONLY
      launchMode=0 flags=0x301220 privateFlags=0x0 theme=0x7f14010f
      screenOrientation=-1 configChanges=0x1fb3 softInputMode=0x0
      lockTaskLaunchMode=LOCK_TASK_LAUNCH_MODE_DEFAULT
      resizeMode=RESIZE_MODE_RESIZEABLE_VIA_SDK_VERSION
      ApplicationInfo:
        name=org.chromium.chrome.browser.ChromeApplication
        packageName=com.android.chrome
        labelRes=0x7f130169 nonLocalizedLabel=null icon=0x7f080172 banner=0x0
        className=org.chromium.chrome.browser.ChromeApplication
        processName=com.android.chrome
        taskAffinity=com.android.chrome
        uid=10120 flags=0xa0cbbe45 privateFlags=0x84081110 theme=0x0
        requiresSmallestWidthDp=0 compatibleWidthLimitDp=0 largestWidthLimitDp=0
        sourceDir=/product/app/Chrome/Chrome.apk
        resourceDirs=[/product/overlay/DisplayCutoutEmulationEmu01/DisplayCutoutEmulationEmu01Overlay.apk]
        seinfo=default:targetSdkVersion=30
        seinfoUser=:complete
        dataDir=/data/user/0/com.android.chrome
        deviceProtectedDataDir=/data/user_de/0/com.android.chrome
        credentialProtectedDataDir=/data/user/0/com.android.chrome
        sharedLibraryFiles=[/product/app/TrichromeLibrary/TrichromeLibrary.apk]
        enabled=true minSdkVersion=29 targetSdkVersion=30 versionCode=410410681 targetSandboxVersion=1
        manageSpaceActivityName=org.chromium.chrome.browser.site_settings.ManageSpaceActivity
        supportsRtl=true
        fullBackupContent=true
        crossProfile=false
        networkSecurityConfigRes=0x7f170017
        category=7
        HiddenApiEnforcementPolicy=2
        usesNonSdkApi=false
        allowsPlaybackCapture=false
 adb shell pm query-services -a android.support.customtabs.action.CustomTabsService
1 services found:
  Service #0:
    priority=0 preferredOrder=0 match=0x108000 specificIndex=-1 isDefault=false
    ServiceInfo:
      name=org.chromium.chrome.browser.customtabs.CustomTabsConnectionService
      packageName=com.android.chrome
      enabled=true exported=true directBootAware=false
      permission=null
      flags=0x0
      ApplicationInfo:
        name=org.chromium.chrome.browser.ChromeApplication
        packageName=com.android.chrome
        labelRes=0x7f130169 nonLocalizedLabel=null icon=0x7f080172 banner=0x0
        className=org.chromium.chrome.browser.ChromeApplication
        processName=com.android.chrome
        taskAffinity=com.android.chrome
        uid=10120 flags=0xa0cbbe45 privateFlags=0x84081110 theme=0x0
        requiresSmallestWidthDp=0 compatibleWidthLimitDp=0 largestWidthLimitDp=0
        sourceDir=/product/app/Chrome/Chrome.apk
        resourceDirs=[/product/overlay/DisplayCutoutEmulationEmu01/DisplayCutoutEmulationEmu01Overlay.apk]
        seinfo=default:targetSdkVersion=30
        seinfoUser=:complete
        dataDir=/data/user/0/com.android.chrome
        deviceProtectedDataDir=/data/user_de/0/com.android.chrome
        credentialProtectedDataDir=/data/user/0/com.android.chrome
        sharedLibraryFiles=[/product/app/TrichromeLibrary/TrichromeLibrary.apk]
        enabled=true minSdkVersion=29 targetSdkVersion=30 versionCode=410410681 targetSandboxVersion=1
        manageSpaceActivityName=org.chromium.chrome.browser.site_settings.ManageSpaceActivity
        supportsRtl=true
        fullBackupContent=true
        crossProfile=false
        networkSecurityConfigRes=0x7f170017
        category=7
        HiddenApiEnforcementPolicy=2
        usesNonSdkApi=false
        allowsPlaybackCapture=false
JayNewstrom commented 2 years ago

Looks fine. Can you confirm your redirectUri is different than your endSessionRedirectUri? Can you also confirm you don't have any other apps installed with those redirect Uris, like other Okta sample apps.

BenjYn commented 2 years ago

There aren't any other sample Okta apps installed on this emulator, however the redirectUri and the endSessionRedirectUri are the same, as that's how it's set up in the okta application. I will double check with other engineers here to see if that's correct or not

JayNewstrom commented 2 years ago

This SDK will not function correctly if the redirect uris are the same. It might work on iOS, but not on Android. Please update those and report back.

BenjYn commented 2 years ago

Updating the endSessionRedirectUri to something different did not appear to have any effect unfortunately

JayNewstrom commented 2 years ago

Ok, next steps are definitely getting us able to reproduce this. If you can isolate an issue, and give us logs that would be great.

Otherwise you can reach out to our support team: https://support.okta.com/ They'll be able to provide more direct support.