Chrome blocks redirect to custom URI schema after Login form submit

[fwagner]

I am seeing this issue on our production app (not using AppAuth) but was able to reproduce it with this sample app as well: The app makes the initial authentication request to Okta and the user is not yet logged into Okta so that she is redirected to the Okta login form. When submitting the form, the redirect to the custom schema is not working, instead Chrome just shows the ERR_UNKNOWN_URL_SCHEME error. When the user now repeats this step while continuing to be signed in with Okta, the redirect works like expected. It also only happens with Chrome. When using the default "Internet" browser on a test Samsung device, it works as expected also after the initial login. Has anyone seen this issue as well?

[jmelberg-okta]

@fwagner: This looks similar to the issue reported the other day -- #1. This sounds like it would be an issue with Chrome, but I'm following up with a few internal teams to see what may be the underlying cause.

[fwagner]

@jmelberg-okta: That seems true. I thought it is separate because #1 explicitly mentioned setting the login hint. I did some more digging after your comment and it seems that it only happens when I had checked the box to remember the user data on the Login form (which I always had checked) previously. When there is no pre-filled user, the redirect and forward to the app works as expected - very odd...

[mwoollard]

We are seeing this issue too - we had a working sign in that appears to have broken recently without any client side changes. We are using OpenID's Android SDK for OAuth. Some recent change to the Okta login form and redirects ?

I've used browser blacklist to not allow OpenID's SDK to pick Chrome and sign-in redirects now work but less than ideal.

[wdawson]

Hi @mwoollard and @fwagner .

FYI we think we've narrowed down the issue to a Chromium bug. I've added a comment there to hopefully help them reproduce the issue faster :crossed_fingers: