IdentityModel.OidcClient icon indicating copy to clipboard operation
IdentityModel.OidcClient copied to clipboard

Published 20 hours ago verified publisher icon IdentityModel

Issues logging in with Android

Open acasciani opened this issue 2 years ago • 2 comments

We're encountering an issue within a Xamarin application using IdentityModel.OidcClient for one user/device on Android. If the user tries to login on Android device A, they are redirected from the IdentityServer back into the Xamarin application through the callback without issue. If they do the same steps on iOS device B, they also have no issue. If they repeat the steps on Android device C, then they receive an error. This is on a physical device with our application deployed to the Play store. At this time, we are not capturing the Error message or description from OidcClient.LoginAsync(LoginRequest, CancellationToken). We think the LoginResult.AccessToken is null or empty string, or LoginResult.IsError is true and we believe this may be an issue with only the one device (Android C).

Are there privacy settings on that device's browser that you are aware of that could cause an issue when IdentityModel.OidcClient returns to the Xamarin application that could be different from the other Android device (Android A)?

acasciani avatar Jun 23 '22 21:06 acasciani

This library is really only the orchestrator of the required front/back channel interactions.

Your IBrowser implementation is what communicates with the device. And I personally don't know anything about Android.

leastprivilege avatar Jun 24 '22 05:06 leastprivilege

Thanks @leastprivilege - you were correct, this was something in our IBrowser implementation. We are using ChromeCustomTabsBrowser. In there, we were setting the Intent's flags with ActivityFlags.NoHistory. What was happening was, if we initiated the OidcClient.LoginAsync(LoginRequest, CancellationToken) call, it opened the browser (as expected). If we left the app to go to a different app while that browser was opened, and then returned to the app where the browser was open, then it hid the browser. We commented out the code that added the ActivityFlags.NoHistory, and when we repeated the above steps the browser was still shown (success!).

I know you said you don't have experience with Android, but are you aware if setting the ActivityFlag for IBrowser's Intent to not set "NoHistory" will cause any issues with the OidcClient?

acasciani avatar Jun 29 '22 17:06 acasciani

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.

github-actions[bot] avatar Nov 10 '22 00:11 github-actions[bot]