Android for Work behavior when no browser is available in the work profile

[WilliamDenniss]

Need to validate what happens with AppAuth if you try and do an authorization request in a Work profile without a browser being present in the Work profile.

Generally speaking if you fire a browser intent in a Work profile with no browser, it will open the personal browser, and the OAuth flow will not complete successfully (intents from work->personal are one-way and can't be returned).

Ideally we would catch this condition before firing any intents.

[WilliamDenniss]

+@ve7jtb who ran into this when using Slack with an Android for Work profile. Slack use the system browser for auth. Not AppAuth specific, but hopefully something AppAuth can handle gracefully.

[iainmcgin]

I've been digging around for documentation on this. Our existing code should correctly handle the case where the work policy prevents work->personal intents (described here), but I've not found anything yet that would tell me from a package manager query whether a package is within the same profile or not. I'll keep digging.

[danieldobalian]

@iainmcgin did you ever find out more about the AFW cases and how to spot you're switching to a personal intent?

[iainmcgin]

I didn't; I'll try and ping my contacts to see what I can find out. I'm no longer at Google so it's harder now.