AppAuth-Android icon indicating copy to clipboard operation
AppAuth-Android copied to clipboard

Published 20 hours ago verified publisher icon openid

After MFA call , redirection is not happening but with MFA sms redirection is happening

Open anandayyanar3450 opened this issue 3 years ago • 7 comments

I have implemented 'net.openid:appauth:0.10.0 ' in my app. Here a custom tab is opened after verifying the user credentials via Microsoft login , user gets an mfa call and after which the library is not getting redirected to the app and also app is in the background.

But instead of MFA call if verification is done via sms or the MFA call is received from a different device , it redirects back to the app. and if the MA call is done on the same device where the app is running then the custom tab is not redirecting to the app although the redirect uri is correct.

anandayyanar3450 avatar Dec 15 '21 12:12 anandayyanar3450

Guessing that by MFA call you mean, phone call verification. Let's trace it again: • user taps login in app • app opens custom tab with MS auth • user inputs credentials in custom tab and taps login in the custom tab • user has 2FA enabled so he choses phone call verification on this second step • he gets called by the phone service and answers What happens when the call ends? Do you return to the custom tab and wait for the service to confirm your auth?

agologan avatar Dec 16 '21 08:12 agologan

yes the custom tab is freezed ie wait for the service to confirm auth and also the app goes to the background. But when the phone call if attended from a different device, the custom tab redirects me back to the app and also mfa based sms authentication works well.

anandayyanar3450 avatar Dec 16 '21 09:12 anandayyanar3450

I am using the Microsoft Multifactor authentication(MFA). The library redirects me back to the app if i receive the call from another device but if I am performing MFA call authentication on the same device where the app is running, the custom tab is freeze. (might be the AuthorizationService mAuthService.performAuthorizationRequest ( mAuthRequest.get(), PendingIntent.getActivity(this, 0, completionIntent, 0), PendingIntent.getActivity(this, 0, cancelIntent, 0), mAuthIntent.get());

is not working )

But the Custom tab works well for MFA via sms authentication ie it redirects me back to the app.

anandayyanar3450 avatar Dec 16 '21 10:12 anandayyanar3450

I'm sorry I don't understand. When you come back from your phone call does it return you to the CustomTab? If yes what is the state of the website does it still wait for verification to complete? Do you mind breakpointing in AuthorizationManagementActivity.onNewIntent() does this get called at any time during your MFA verification? how about onResume() for that activity?

agologan avatar Dec 16 '21 14:12 agologan

After the phone call, it returns to the Custom Tab and stays there forever and doesn't redirect back to the app. The AuthorizationManagementActivity.onNewIntent() doesnt get called

anandayyanar3450 avatar Dec 17 '21 03:12 anandayyanar3450

any update, as how to resolve this, Kindly suggest

anandayyanar3450 avatar Dec 19 '21 12:12 anandayyanar3450

Unfortunately there isn't much we can do to help. The lib doesn't control either the IDP or the browser. It only picks up after the intent callback.

I see a similar report in Microsoft's own library https://github.com/AzureAD/microsoft-authentication-library-for-android/issues/758 and one of their members admitting there's was an issue in their webpage.

While I was going to recommend you reach out to MS developer support I see you already posted in that MSAL thread. You might not get an appropriate response there and may just be directed to use their library. Best bet would be to reach out to the AD team at MS via Azure support.

agologan avatar Dec 20 '21 08:12 agologan