aws-amplify
Authenticator: Sign in with Google not working if Firefox is default browser
Before creating a new issue, please confirm:
- [X] I have searched for duplicate or closed issues and discussions.
- [X] I have tried disabling all browser extensions or using a different browser
- [X] I have tried deleting the node_modules folder and reinstalling my dependencies
- [X] I have read the guide for submitting bug reports.
On which framework/platform are you having an issue?
Flutter, Android
Which UI component?
Authenticator
How is your app built?
Flutter
What browsers are you seeing the problem on?
No response
Which region are you seeing the problem in?
No response
Please describe your bug.
I have set up Google OAuth sign-in for amplify using the flutter hosted Authenticator UI.
I have validated that the setup works correctly because it works fine on the flutter when built for the web.
However when built for android, the Google login page is loaded correctly, and after sign-in it redirects back to the app, but once my app opens again it just re-opens the Authenticator login screen.
(I have checked via breakpoint that my code is never hit i.e. the Authenticator library has the issue)
I have taken the documented steps to update the android manifest and am using the suggested myapp:// URI for both sign in and out in the amplify cli.
I have also set the minimum sdk version to 24 as noted in other issues.
No log messages are emitted either in flutter debug or directly on the device (I checked via bug report dump).
Please see below my AndroidManifest in case this helps:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.jimmy_solutions.strength_assistant">
<queries>
<intent>
<action android:name=
"android.support.customtabs.action.CustomTabsService" />
</intent>
</queries>
<uses-permission android:name="android.permission.INTERNET"/>
<application
android:label="Strength Assistant"
android:name="${applicationName}"
android:icon="@mipmap/ic_launcher">
<activity
android:name=".MainActivity"
android:exported="true"
android:launchMode="singleTop"
android:theme="@style/LaunchTheme"
android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"
android:hardwareAccelerated="true"
android:windowSoftInputMode="adjustResize">
<!-- Specifies an Android theme to apply to this Activity as soon as
the Android process has started. This theme is visible to the user
while the Flutter UI initializes. After that, this theme continues
to determine the Window background behind the Flutter UI. -->
<meta-data
android:name="io.flutter.embedding.android.NormalTheme"
android:resource="@style/NormalTheme"
/>
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="myapp" />
</intent-filter>
<intent-filter>
<action android:name="android.intent.action.MAIN"/>
<category android:name="android.intent.category.LAUNCHER"/>
</intent-filter>
</activity>
<!-- Don't delete the meta-data below.
This is used by the Flutter tool to generate GeneratedPluginRegistrant.java -->
<meta-data
android:name="flutterEmbedding"
android:value="2" />
</application>
</manifest>
What's the expected behaviour?
After Google sign-in completes, the Authenticator library should flow into the root of my project and actually complete the sign-in
Help us reproduce the bug!
Unfortunately I'm not sure how I can reproduce further given no error information is provided and it works fine on other platforms.
Please let me know if there's anything I can provide further!
Code Snippet
// Put your code below this line.
Console log output
No response
Additional information and screenshots
No response
Some further information, I noted that the Android manifest docs say that the <queries> tag was only introduced in API 30.
Therefore I tested my app also with the minimum SDK version set to 30 just in case there was some hard requirement on the CustomTabsService, however this did not change the behaviour.
I will now try downgrading the library just to see if it's a new issue or not.
I can confirm that this bug does not appear in version 1.0.0, but does occur in 1.1.0 and 1.2.1 - I can now revert to 1.0.0 as a workaround.
With further investigation, the problem can be narrowed down to if the Android user has their default browser set to Firefox i.e. no issues with chrome.
Pretty sure it's related to the upstream issue in the Android SDK where custom tabs view wasn't dismissing firefox correctly.
From what I'm aware the above was fixed but presumably just hasn't made it into the amplify flutter authenticator yet.
So this is "fixed" for now so long as you're willing to only support chrome (which in my situation I'll just do so, and close this issue)
Came back to this after the best part of a year as I was unhappy with not being able to support browsers other than chrome - found the solution!
The fix is very simple, by default in AndroidManifest.xml flutter puts the android:launchMode = "singleTop", whereas for the OAuth redirect to work with Amplify Authenticator for Firefox mobile you need to use android:launchMode="singleInstance".
I noticed this was the issue because when Firefox redirected back to the app, it opened an entirely fresh copy of the app which then wasn't ready to handle the auth code. Chrome must somehow know not to do this behind the scenes.
I'm not sure if anyone else will run into this but at least this comment may help someone. Ideally this would be added to the documentation to save others the effort!
Hi @rob-mur, glad you were able to resolve your issue.
Having a hard time following the original issue here. Sounds like there was an issue with the redirect, but its not clear how it happened.
Can you help us understand the original issue?
Hi, yes sure!
Essentially when using Google OAuth login with the flutter authenticator UI library, the default setup from the docs leads to an issue on Android if the user has their default browser set to Firefox.
In particular, when Firefox redirects back to the app via the myapp:// redirect, it seems to start a fresh copy of the app rather than the existing copy handling it.
Steps to reproduce:
- default flutter android app
- add amplify authenticator with Google social (although any would probably work)
- check that login works when chrome set to default browser
- change default browser to Firefox and see the login loop back to restarting the app
- perform the above mentioned fix in android manifest and see the login work
Hope this helps!
Hi @rob-mur, thanks for the extra context!
To confirm it sounds like this is related to Firefox supporting redirects and not something explicitly missing on our end, correct?
Was there something in particular that lead you astray in our documentation?
No worries. I think it's actually flutter/chrome not respecting the documentation - firefox seems to be doing exactly what the docs suggest.
In any case I don't see this as an issue with Amplify, but I would suggest including the relevant change in your example Android Manifest file so by default it works with firefox mobile - i.e. adding android:launchMode="singleInstance".
If it were me I would put it in the example manifest for social login here.
Hi @rob-mur, looking into it further, looks like adding android:launchMode="singleInstance" will limit the use of some 3rd party plugins such as the Flutter team's image picker.
We're investigating how to handle this internally to allow more flexibility. As such we're going to treat this like a bug and update you when its resolved. Thanks for bringing this to our attention.