Closed syangatkonrad closed 2 years ago
@syangatkonrad Thank you for the report. I am going to pass this issue to our mobile engineering team for investigation and follow up.
Thank you for letting us know about this @syangatkonrad, we'll review this next week.
Hi @syangatkonrad could you provide us with a stack trace?
Hi @JayNewstrom unfortunately this was reported by an end user and we don't have access to the stack trace. Is there anything else I can provide?
It'll be hard to guess without a stack trace.
We've documented some error scenarios this might happen in the README: https://github.com/okta/okta-oidc-android#why-am-i-getting-invalid-key-errors
Thank you @JayNewstrom that's very helpful. Besides clearing app data, for scenario 1 where the key is invalidated by a change of security policy, what would be the solution?
If you're using the default config for storage/encryption, you can manually create the shared preferences instance, and clear it in code.
https://github.com/okta/okta-oidc-android/blob/7d2efb64d776c5b647f4f6951a86c92bb2d1382d/library/src/main/java/com/okta/oidc/storage/SharedPreferenceStorage.java#L55
Something like prefs.edit().clear().apply();
This is definitely a pain point to put this on the application developer (you). I'm taking this into account while designing the V2 of the SDK.
This has been implemented in the new SDK (currently in beta). See https://github.com/okta/okta-mobile-kotlin/pull/118
Describe the bug?
When attempting to call WebAuthClient.signIn(), the user is getting an onError callback with AuthorizationException.code of 5003.
By looking at your source code, this refers to an encryption error with invalid keys (the comment is "Error codes related to failed during read/write to storage" and specifically "Keys are invalid").
The user's device is an Android SM-G973W, Android 12.
Please advise.
What is expected to happen?
The widget should launch and allow the user to sign in.
What is the actual behavior?
The widget does not launch, instead will emit an error.
Reproduction Steps?
By calling WebAuthClient.signIn().
Additional Information?
No response
SDK Version
v1.2.2
Build Information
No response