search

proyecto26 / react-native-inappbrowser

📱InAppBrowser for React Native (Android & iOS) 🤘
https://www.npmjs.com/package/react-native-inappbrowser-reborn
MIT License
1.31k stars 223 forks source link

Getting ERR_UNKNOWN_URL_SCHEME for Google when 2-Step Verification is enabled #350

Open JJSLIoT opened 2 years ago

JJSLIoT commented 2 years ago

Platform Details

Platform: Android 10, 11, 12 Device type: Physical device Issue appears in these Chrome browser versions: Stable: 101.0.4951.61 Beta: 102.0.5005.58 Canary: 104.0.5072.0

The issue does NOT appear in Chrome browser version: 87.0.4280.141

Package version: react-native-inappbrowser-reborn version: ^3.6.3 Also tried on expo-web-browser version: 9.2.0

To recreate

  1. You will need to enable 2-Step Verification in your Google account and use the same device to get the confirmation screen as the device you will be using the React Native app on.

    • See the screenshot of the 2-Step Verification confirmation page for reference that should appears after entering the password to reproduce this issue:

    • Then this screen appears and seems like app is navigated away:

  2. Clear browser cookies for all time to forcefully clean browser session and logout of all Google Accounts in Chrome. To do this: Chrome > Settings > Privacy and security > Clear browsing data > Advanced > Set time range to All Time > Select all checkboxes > Clear data

  3. Use inAppbrowser.openAuth(...) to sign in using Google as identity provider

  4. As the account is not signed into chrome browser already, it will ask for email id and password, enter the credentials

  5. Then the 2-Step Verification page appears like in the screenshot above.

  6. Shortly after that, "Are you trying to sign in?" screen is displayed like in the screenshot above. Press "Yes, it's me" button. Then this screen goes away.

  7. In the in-app browser show this error: <your_scheme>: links are blocked with error code = ERR_UNKNOWN_URL_SCHEME. See this screenshot:

In AndroidManifest.xml, this is how my deep linking URL (let's say "my_scheme") is configured: 

<intent-filter android:label="filter_react_native">
    <action android:name="android.intent.action.VIEW"/>
    <category android:name="android.intent.category.DEFAULT"/>
    <category android:name="android.intent.category.BROWSABLE"/>
    <data android:scheme="my_scheme"/>
</intent-filter>

This is how I call the openAuth function

const { type, url: newUrl } = await InAppBrowser.openAuth(
  url,
  redirectUrl,
  {
    showInRecents: true, // browser dismisses when set to false
    forceCloseOnRedirection: false, // same issue when set to true 
    showTitle: false,
    enableUrlBarHiding: true,
    enableDefaultShare: false,
    ephemeralWebSession: false,
  }
);

Also, if anyone wants the code for expo-web-browser module, here it is:

const { type, url: newUrl } = await WebBrowser.openAuthSessionAsync(
  url,
  redirectUrl,
  {
    showInRecents: true,
    toolbarColor: Colors.primaryVariant,
    createTask: false,
  },
);

I know this repository is only for react-native-inappbrowser-reborn but just wanted to let know anyone who comes across this, that the issue exists in other in-app browser modules as well and is not limited to this library only.

The issue does not appear when 2-Step Verification using the Device is already responded using Yes or it is not configured at all and the app signs in seamlessly.

jdnichollsc commented 2 years ago

Hello mate, thanks for reporting this issue

Can you share the oficial documentation to see if 2-Step verification of Google is supported by Chrome Custom Tabs?

JJSLIoT commented 2 years ago

@jdnichollsc Thank you for the reply.

I couldn't find any such documentation but I am pretty confident that the support should be there because an older version of chrome(87.0.4280.141) do not have this problem and after 2-Step verification using this chrome version for the in-app browser, the deep-linked URL works just fine. It shouldn't have happened that newer versions of chrome dropped the support for 2-Step Verification, that would be a weird move from Google.

gbmsimoes commented 2 years ago

@JairajJangleSLIOT I'm also getting this behaviour on 2-Step verification but not from Google. My use case is for a SSO authorization which requires a VPN certificate to be selected (accepted) before redirecting. When I have to select the certificate it fails and I get the same "links are blocked" error. When the certificate is already accepted the flow completes and there's no issues with the scheme which means, I'm redirected back to the app. It's as if the custom tab is losing context or isn't releasing/broadcasting the redirect_url and it's trying to open it inside Chrome.

This also only started happening on Chrome's version after 87.0.4280.141.

gbmsimoes commented 2 years ago

@JairajJangleSLIOT it seems as though this is indeed a problem with chrome and, apparently, they're aware of it. May I ask, when your login/redirect succeeds does it take less than 5 seconds and when it fails it takes longer?

(link to chromium issue: https://bugs.chromium.org/p/chromium/issues/detail?id=1320502)

JJSLIoT commented 2 years ago

@gbmsimoes For me, in both cases success/failure, it happens pretty instantly and I observed no such 5 seconds delay in either of the cases.

Thanks for sharing the chromium bug link.

Anis-Ghliss commented 2 months ago

Any updates regarding this issue ? I am facing the same problem also