Android - OAuth Callback URL issue for a handful of devices

Hi there, community!

We have just started to experience an issue with our app in the last 2-3 weeks.

Our app is a ReactJS SPA PWA turned Capacitor Hybrid App.

The issue is as follows:

1. Open app and be automatically redirected to our log in page (OAuth 2.0 journey)
2. Log In with user details
3. Be automatically redirected back to the app.
4. Normally the user now has a valid session and can begin using the app.
5. However, in this bug, this does not happen. Instead, when the user is taken back to the app, they are not taken to the correct page and OAuth is not completed correctly.

Points to note:-

• We can only replicate the issue on 4 Android devices.
• So far, it is not an issue on iOS or Web.
• We cannot replicate it in an emulator (Android Studio).
• We have tested around a dozen physical devices and they can also not replicate the bug.
• All the Android devices we have tested are on the latest version (13 + any patches, etc.).
• All devices prefer Google Chrome as their browser and are on the latest version 117 (+ any patches, etc.).
• It makes no difference what account type or subscription type the user has.

The devices the bug occurs in are:-

• Samsung S20 FE
• Motorola Edge 30 Neo
• Motorola Moto 3 (although that had an older Android version installed)

It was working fine for these people a couple of weeks ago!

Other Info:-

• Capacitor 5
• Gradle 8
• Target SDK 33

Our AndroidManifest.xml file:-

<?xml version="1.0" encoding="utf-8" ?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="uk.co.app.mobile.my">
    <application
        android:allowBackup="true"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:roundIcon="@mipmap/ic_launcher_round"
        android:supportsRtl="true"
        android:theme="@style/AppTheme">

        <activity
            android:configChanges="orientation|keyboardHidden|keyboard|screenSize|locale|smallestScreenSize|screenLayout|uiMode"
            android:name="uk.co.app.mobile.my.MainActivity"
            android:label="@string/title_activity_main"
            android:theme="@style/AppTheme.NoActionBarLaunch"
            android:launchMode="singleTask"
            android:exported="true">

 
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>

            <intent-filter>
                <action android:name="android.intent.action.VIEW" />
                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />
                <data android:scheme="@string/custom_url_scheme" />
            </intent-filter>

            <intent-filter>
                <action android:name="android.intent.action.VIEW" />
                <category android:name="android.intent.category.DEFAULT" />
                <category android:name="android.intent.category.BROWSABLE" />
                <data android:scheme="capacitor" />
                <data android:host="localhost" />
            </intent-filter>
 
        </activity>

        <provider
            android:name="androidx.core.content.FileProvider"
            android:authorities="${applicationId}.fileprovider"
            android:exported="false"
            android:grantUriPermissions="true">
            <meta-data
                android:name="android.support.FILE_PROVIDER_PATHS"
                android:resource="@xml/file_paths"></meta-data>
        </provider>

    </application>

    <!-- Permissions -->

    <uses-permission android:name="android.permission.INTERNET" />
    <!-- Camera, Photos, input file -->
    <uses-permission android:name="android.permission.READ_MEDIA_IMAGES" />
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <!-- Network API -->
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <!-- Video -->
    <uses-permission android:name="android.permission.CAMERA" />
    <!-- Audio -->
    <uses-permission android:name="android.permission.RECORD_AUDIO" />
    <uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS"/>


    <!-- Queries -->
    <queries>
        <package android:name="co.uk.another.app" />
    </queries>
</manifest>

Our variables.gradle file

ext {
    minSdkVersion = 22
    compileSdkVersion = 33
    targetSdkVersion = 33
    androidxActivityVersion = '1.7.0'
    androidxAppCompatVersion = '1.6.1'
    androidxCoordinatorLayoutVersion = '1.2.0'
    androidxCoreVersion = '1.10.0'
    androidxFragmentVersion = '1.5.6'
    coreSplashScreenVersion = '1.0.0'
    androidxWebkitVersion = '1.6.1'
    junitVersion = '4.13.2'
    androidxJunitVersion = '1.1.5'
    androidxEspressoCoreVersion = '3.5.1'
    cordovaAndroidVersion = '10.1.1'
}

If there is any more information I can provide that would be useful to know, just ask!

Many thanks in advance for your thoughts and idea everyone!

I have an update that may be worth recording.

We have connected one of the problematic devices to Android Studio for debugging.

I’ve provided the logs below. Noteworthy items include [object DOMException].

The number of Android devices experiencing blank screen is increase by the day. Eek!

2023-10-03 13:34:36.202 17853-17853 h.app.mobile.my         uk.co.app.mobile.my           W  Redefining intrinsic method java.lang.Thread java.lang.Thread.currentThread(). This may cause the unexpected use of the original definition of java.lang.Thread java.lang.Thread.currentThread()in methods that have already been compiled.
2023-10-03 13:34:36.202 17853-17853 h.app.mobile.my         uk.co.app.mobile.my           W  Redefining intrinsic method boolean java.lang.Thread.interrupted(). This may cause the unexpected use of the original definition of boolean java.lang.Thread.interrupted()in methods that have already been compiled.
2023-10-03 13:34:36.205 17853-17853 Compatibil...geReporter uk.co.app.mobile.my           D  Compat change id reported: 171979766; UID 10388; state: ENABLED
2023-10-03 13:34:36.220 17853-17853 nativeloader            uk.co.app.mobile.my           D  Configuring clns-4 for other apk /system/framework/org.apache.http.legacy.jar. target_sdk_version=33, uses_libraries=ALL, library_path=/data/app/~~P2aOK5utMNQRLZFh7fMnyg==/uk.co.app.mobile.my-YndmnQ8iKfFAoFlqDGKD4g==/lib/arm64, permitted_path=/data:/mnt/expand:/data/user/0/uk.co.app.mobile.my
2023-10-03 13:34:36.220 17853-17853 nativeloader            uk.co.app.mobile.my           D  Extending system_exposed_libraries: libbinauralrenderer_wrapper.qti.so:libhoaeffects.qti.so:libQOC.qti.so:libjni_helper.motocameradesktop.so:libupdateprof.qti.so:libQOC.qti.so:libdiag_system.qti.so:libqape.qti.so:libqesdk_ndk_platform.qti.so:liblistenjni.qti.so:libimgTuner_jni.motoimagetuner.so
2023-10-03 13:34:36.224 17853-17853 ziparchive              uk.co.app.mobile.my           W  Unable to open '/data/app/~~P2aOK5utMNQRLZFh7fMnyg==/uk.co.app.mobile.my-YndmnQ8iKfFAoFlqDGKD4g==/base.dm': No such file or directory
2023-10-03 13:34:36.225 17853-17853 ziparchive              uk.co.app.mobile.my           W  Unable to open '/data/app/~~P2aOK5utMNQRLZFh7fMnyg==/uk.co.app.mobile.my-YndmnQ8iKfFAoFlqDGKD4g==/base.dm': No such file or directory
2023-10-03 13:34:36.293 17853-17853 nativeloader            uk.co.app.mobile.my           D  Configuring clns-5 for other apk /data/app/~~P2aOK5utMNQRLZFh7fMnyg==/uk.co.app.mobile.my-YndmnQ8iKfFAoFlqDGKD4g==/base.apk. target_sdk_version=33, uses_libraries=, library_path=/data/app/~~P2aOK5utMNQRLZFh7fMnyg==/uk.co.app.mobile.my-YndmnQ8iKfFAoFlqDGKD4g==/lib/arm64, permitted_path=/data:/mnt/expand:/data/user/0/uk.co.app.mobile.my
2023-10-03 13:34:36.306 17853-17853 GraphicsEnvironment     uk.co.app.mobile.my           V  ANGLE Developer option for 'uk.co.app.mobile.my' set to: 'default'
2023-10-03 13:34:36.307 17853-17853 GraphicsEnvironment     uk.co.app.mobile.my           V  ANGLE GameManagerService for uk.co.app.mobile.my: false
2023-10-03 13:34:36.307 17853-17853 GraphicsEnvironment     uk.co.app.mobile.my           V  Neither updatable production driver nor prerelease driver is supported.
2023-10-03 13:34:36.312 17853-17853 NetworkSecurityConfig   uk.co.app.mobile.my           D  Using Network Security Config from resource network_security_config debugBuild: true
2023-10-03 13:34:36.314 17853-17853 NetworkSecurityConfig   uk.co.app.mobile.my           D  Using Network Security Config from resource network_security_config debugBuild: true
2023-10-03 13:34:36.329 17853-17853 Typeface                uk.co.app.mobile.my           I  updateThemeFont new=Rookery-Regular;old=sans-serif;new=Rookery-Stacked;old=
2023-10-03 13:34:36.362 17853-17853 AppCompatDelegate       uk.co.app.mobile.my           D  Checking for metadata for AppLocalesMetadataHolderService : Service not found
2023-10-03 13:34:36.404 17853-17853 h.app.mobile.my         uk.co.app.mobile.my           W  Accessing hidden method Landroid/view/View;->computeFitSystemWindows(Landroid/graphics/Rect;Landroid/graphics/Rect;)Z (unsupported, reflection, allowed)
2023-10-03 13:34:36.404 17853-17853 h.app.mobile.my         uk.co.app.mobile.my           W  Accessing hidden method Landroid/view/ViewGroup;->makeOptionalFitsSystemWindows()V (unsupported, reflection, allowed)
2023-10-03 13:34:36.420 17853-17853 ziparchive              uk.co.app.mobile.my           W  Unable to open '/data/app/~~HQaplYAwWDcssf45J4jt6A==/com.google.android.trichromelibrary_593806033-mzvSSbAtypTbzt1WKqyQnA==/base.dm': No such file or directory
2023-10-03 13:34:36.420 17853-17853 ziparchive              uk.co.app.mobile.my           W  Unable to open '/data/app/~~HQaplYAwWDcssf45J4jt6A==/com.google.android.trichromelibrary_593806033-mzvSSbAtypTbzt1WKqyQnA==/base.dm': No such file or directory
2023-10-03 13:34:36.420 17853-17853 h.app.mobile.my         uk.co.app.mobile.my           W  Entry not found
2023-10-03 13:34:36.422 17853-17853 nativeloader            uk.co.app.mobile.my           D  Configuring clns-6 for other apk /data/app/~~HQaplYAwWDcssf45J4jt6A==/com.google.android.trichromelibrary_593806033-mzvSSbAtypTbzt1WKqyQnA==/base.apk. target_sdk_version=34, uses_libraries=ALL, library_path=/data/app/~~qFKqXjfdoumf74i693wWtA==/com.google.android.webview-aj4DLA5LayEOAZm35TNBRQ==/lib/arm64:/data/app/~~qFKqXjfdoumf74i693wWtA==/com.google.android.webview-aj4DLA5LayEOAZm35TNBRQ==/base.apk!/lib/arm64-v8a:/data/app/~~HQaplYAwWDcssf45J4jt6A==/com.google.android.trichromelibrary_593806033-mzvSSbAtypTbzt1WKqyQnA==/base.apk!/lib/arm64-v8a, permitted_path=/data:/mnt/expand
2023-10-03 13:34:36.422 17853-17853 nativeloader            uk.co.app.mobile.my           D  Extending system_exposed_libraries: libbinauralrenderer_wrapper.qti.so:libhoaeffects.qti.so:libQOC.qti.so:libjni_helper.motocameradesktop.so:libupdateprof.qti.so:libQOC.qti.so:libdiag_system.qti.so:libqape.qti.so:libqesdk_ndk_platform.qti.so:liblistenjni.qti.so:libimgTuner_jni.motoimagetuner.so
2023-10-03 13:34:36.428 17853-17853 nativeloader            uk.co.app.mobile.my           D  Configuring clns-7 for other apk /data/app/~~qFKqXjfdoumf74i693wWtA==/com.google.android.webview-aj4DLA5LayEOAZm35TNBRQ==/base.apk. target_sdk_version=34, uses_libraries=, library_path=/data/app/~~qFKqXjfdoumf74i693wWtA==/com.google.android.webview-aj4DLA5LayEOAZm35TNBRQ==/lib/arm64:/data/app/~~qFKqXjfdoumf74i693wWtA==/com.google.android.webview-aj4DLA5LayEOAZm35TNBRQ==/base.apk!/lib/arm64-v8a:/data/app/~~HQaplYAwWDcssf45J4jt6A==/com.google.android.trichromelibrary_593806033-mzvSSbAtypTbzt1WKqyQnA==/base.apk!/lib/arm64-v8a, permitted_path=/data:/mnt/expand
2023-10-03 13:34:36.434 17853-17853 WebViewFactory          uk.co.app.mobile.my           I  Loading com.google.android.webview version 117.0.5938.60 (code 593806033)
2023-10-03 13:34:36.448 17853-17853 cr_WVCFactoryProvider   uk.co.app.mobile.my           I  Loaded version=117.0.5938.60 minSdkVersion=29 isBundle=true multiprocess=true packageId=2
2023-10-03 13:34:36.463 17853-17883 chromium                uk.co.app.mobile.my           E  [1003/133436.462760:ERROR:variations_seed_loader.cc(69)] Failed to open file for reading. Errno: 2
2023-10-03 13:34:36.477 17853-17853 cr_LibraryLoader        uk.co.app.mobile.my           I  Successfully loaded native library
2023-10-03 13:34:36.478 17853-17853 cr_CachingUmaRecorder   uk.co.app.mobile.my           I  Flushed 7 samples from 7 histograms, 0 samples were dropped.
2023-10-03 13:34:36.501 17853-17853 Compatibil...geReporter uk.co.app.mobile.my           D  Compat change id reported: 183155436; UID 10388; state: ENABLED
2023-10-03 13:34:36.523 17853-17893 chromium                uk.co.app.mobile.my           W  [WARNING:dns_config_service_android.cc(81)] Failed to read DnsConfig.
2023-10-03 13:34:36.555 17853-17853 Compatibil...geReporter uk.co.app.mobile.my           D  Compat change id reported: 214741472; UID 10388; state: ENABLED
2023-10-03 13:34:36.560 17853-17853 Compatibil...geReporter uk.co.app.mobile.my           D  Compat change id reported: 171228096; UID 10388; state: ENABLED
2023-10-03 13:34:36.592 17853-17853 Capacitor               uk.co.app.mobile.my           D  Starting BridgeActivity
2023-10-03 13:34:36.614 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: CapacitorCookies
2023-10-03 13:34:36.618 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: WebView
2023-10-03 13:34:36.621 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: CapacitorHttp
2023-10-03 13:34:36.625 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: App
2023-10-03 13:34:36.628 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: AppLauncher
2023-10-03 13:34:36.630 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: Browser
2023-10-03 13:34:36.633 17853-17853 Capacitor               uk.co.app.mobile.my           D  Registering plugin instance: Device
2023-10-03 13:34:36.688 17853-17853 Capacitor               uk.co.app.mobile.my           W  Unable to read file at path public/plugins
2023-10-03 13:34:36.690 17853-17853 Capacitor               uk.co.app.mobile.my           D  Loading app at capacitor://localhost/
2023-10-03 13:34:36.711 17853-17926 AdrenoGLES-0            uk.co.app.mobile.my           I  QUALCOMM build                   : eaa701cd06, I183f6321f0
                                                                                                    Build Date                       : 10/27/22
                                                                                                    OpenGL ES Shader Compiler Version: EV031.35.01.12
                                                                                                    Local Branch                     : 
                                                                                                    Remote Branch                    : 
                                                                                                    Remote Branch                    : 
                                                                                                    Reconstruct Branch               : 
2023-10-03 13:34:36.711 17853-17926 AdrenoGLES-0            uk.co.app.mobile.my           I  Build Config                     : S P 10.0.7 AArch64
2023-10-03 13:34:36.711 17853-17926 AdrenoGLES-0            uk.co.app.mobile.my           I  Driver Path                      : /vendor/lib64/egl/libGLESv2_adreno.so
2023-10-03 13:34:36.716 17853-17898 cr_media                uk.co.app.mobile.my           W  BLUETOOTH_CONNECT permission is missing.
2023-10-03 13:34:36.719 17853-17898 cr_media                uk.co.app.mobile.my           W  registerBluetoothIntentsIfNeeded: Requires BLUETOOTH permission
2023-10-03 13:34:36.719 17853-17926 AdrenoGLES-0            uk.co.app.mobile.my           I  PFP: 0x016ee201, ME: 0x00000000
2023-10-03 13:34:36.731 17853-17853 Capacitor               uk.co.app.mobile.my           D  App started
2023-10-03 13:34:36.734 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           D  Firing change: true
2023-10-03 13:34:36.734 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           V  Notifying listeners for event appStateChange
2023-10-03 13:34:36.734 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           D  No listeners found for event appStateChange
2023-10-03 13:34:36.740 17853-17853 Capacitor/BrowserPlugin uk.co.app.mobile.my           V  Notifying listeners for event browserFinished
2023-10-03 13:34:36.740 17853-17853 Capacitor/BrowserPlugin uk.co.app.mobile.my           D  No listeners found for event browserFinished
2023-10-03 13:34:36.741 17853-17853 Capacitor               uk.co.app.mobile.my           D  App resumed
2023-10-03 13:34:36.761 17853-17853 ViewRootImpl            uk.co.app.mobile.my           D  update {(0,0)(fillxfill) sim={forwardNavigation} layoutInDisplayCutoutMode=shortEdges ty=BASE_APPLICATION wanim=0x1030300
                                                                                                      fl=LAYOUT_IN_SCREEN LAYOUT_INSET_DECOR SPLIT_TOUCH HARDWARE_ACCELERATED DRAWS_SYSTEM_BAR_BACKGROUNDS
                                                                                                      pfl=NO_MOVE_ANIMATION FORCE_DRAW_STATUS_BAR_BACKGROUND FIT_INSETS_CONTROLLED
                                                                                                      bhv=DEFAULT
                                                                                                      fitSides=} by setView
2023-10-03 13:34:36.791 17853-17853 Choreographer           uk.co.app.mobile.my           I  Skipped 41 frames!  The application may be doing too much work on its main thread.
2023-10-03 13:34:36.797 17853-17853 Compatibil...geReporter uk.co.app.mobile.my           D  Compat change id reported: 193247900; UID 10388; state: ENABLED
2023-10-03 13:34:36.823 17853-17877 OpenGLRenderer          uk.co.app.mobile.my           I  setGrContext nullptr-->validptr
2023-10-03 13:34:36.867 17853-17877 Parcel                  uk.co.app.mobile.my           W  Expecting binder but got null!
2023-10-03 13:34:37.791 17853-17955 Capacitor/Plugin        uk.co.app.mobile.my           V  To native (Capacitor plugin): callbackId: 126964946, pluginId: App, methodName: addListener
2023-10-03 13:34:37.792 17853-17955 Capacitor               uk.co.app.mobile.my           V  callback: 126964946, pluginId: App, methodName: addListener, methodData: {"eventName":"appRestoredResult"}
2023-10-03 13:34:37.794 17853-17955 Capacitor/Plugin        uk.co.app.mobile.my           V  To native (Capacitor plugin): callbackId: 126964947, pluginId: App, methodName: addListener
2023-10-03 13:34:37.795 17853-17955 Capacitor               uk.co.app.mobile.my           V  callback: 126964947, pluginId: App, methodName: addListener, methodData: {"eventName":"appStateChange"}
2023-10-03 13:34:37.797 17853-17955 Capacitor/Plugin        uk.co.app.mobile.my           V  To native (Capacitor plugin): callbackId: 126964948, pluginId: App, methodName: addListener
2023-10-03 13:34:37.798 17853-17955 Capacitor               uk.co.app.mobile.my           V  callback: 126964948, pluginId: App, methodName: addListener, methodData: {"eventName":"resume"}
2023-10-03 13:34:37.799 17853-17955 Capacitor/Plugin        uk.co.app.mobile.my           V  To native (Capacitor plugin): callbackId: 126964949, pluginId: App, methodName: addListener
2023-10-03 13:34:37.800 17853-17955 Capacitor               uk.co.app.mobile.my           V  callback: 126964949, pluginId: App, methodName: addListener, methodData: {"eventName":"appUrlOpen"}
2023-10-03 13:34:37.860 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           V  Notifying listeners for event pause
2023-10-03 13:34:37.860 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           D  No listeners found for event pause
2023-10-03 13:34:37.874 17853-17853 Capacitor               uk.co.app.mobile.my           D  App paused
2023-10-03 13:34:38.551 17853-17877 Surface                 uk.co.app.mobile.my           D  Surface::disconnect
2023-10-03 13:34:38.551 17853-17877 BufferQueueProducer     uk.co.app.mobile.my           D  [VRI[MainActivity]#0(BLAST Consumer)0](id:45bd00000000,api:1,p:17853,c:17853) disconnect: api 1
2023-10-03 13:34:38.626 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           D  Firing change: false
2023-10-03 13:34:38.627 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           V  Notifying listeners for event appStateChange
2023-10-03 13:34:38.636 17853-17853 Capacitor               uk.co.app.mobile.my           D  App stopped
2023-10-03 13:34:38.642 17853-17853 Capacitor               uk.co.app.mobile.my           D  Saving instance state!
2023-10-03 13:34:42.304 17853-18141 ProfileInstaller        uk.co.app.mobile.my           D  Installing profile for uk.co.app.mobile.my
2023-10-03 13:34:42.741 17853-17853 Capacitor               uk.co.app.mobile.my           D  App restarted
2023-10-03 13:34:42.742 17853-17853 Capacitor               uk.co.app.mobile.my           D  App started
2023-10-03 13:34:42.746 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           V  Notifying listeners for event appUrlOpen
2023-10-03 13:34:42.748 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           D  Firing change: true
2023-10-03 13:34:42.748 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           V  Notifying listeners for event appStateChange
2023-10-03 13:34:42.749 17853-17853 Capacitor/AppPlugin     uk.co.app.mobile.my           V  Notifying listeners for event resume
2023-10-03 13:34:42.777 17853-17853 Capacitor               uk.co.app.mobile.my           D  App resumed
2023-10-03 13:34:42.785 17853-17853 VRI[MainActivity]       uk.co.app.mobile.my           D  update {(0,0)(fillxfill) sim={adjust=pan forwardNavigation} layoutInDisplayCutoutMode=shortEdges ty=BASE_APPLICATION wanim=0x1030300
                                                                                                      fl=LAYOUT_IN_SCREEN LAYOUT_INSET_DECOR SPLIT_TOUCH HARDWARE_ACCELERATED DRAWS_SYSTEM_BAR_BACKGROUNDS
                                                                                                      pfl=NO_MOVE_ANIMATION FORCE_DRAW_STATUS_BAR_BACKGROUND USE_BLAST FIT_INSETS_CONTROLLED
                                                                                                      bhv=DEFAULT
                                                                                                      fitSides=} by setLayoutParams
2023-10-03 13:34:42.814 17853-17853 Capacitor/Console       uk.co.app.mobile.my           E  File: capacitor://localhost/ - Line 947 - Msg: [object DOMException]
2023-10-03 13:34:42.815 17853-17853 Capacitor/Console       uk.co.app.mobile.my           I  File: capacitor://localhost/ - Line 325 - Msg: undefined
2023-10-03 13:34:42.816 17853-17853 Capacitor/Console       uk.co.app.mobile.my           I  File: capacitor://localhost/crunch-container-ui.bfd084.capacitor.bundle.min.js - Line 1 - Msg: undefined
2023-10-03 13:34:44.923 17853-17853 h.app.mobile.my         uk.co.app.mobile.my           W  Accessing hidden method Landroid/view/MotionEvent;->getEventTimeNano()J (unsupported, reflection, allowed)
2023-10-03 13:34:46.230 17853-17867 System                  uk.co.app.mobile.my           W  A resource failed to call close. 

Hello @benherbert,

I am also having problems with OAuth 2 on some Android Devices.
Some Android Users are always getting logged out after they close the app.
It seems like the Cookies aren’t stored correctly.

Do you also use cookies to store the Tokens?
Which OAuth Provider are you using?
Which OIDC Library do you use?

Kind Regards,
Marius

Our problems could be related - even though your symptoms are different from mine. I hope I can help!

After some debugging - it looks like our app is crashing when it “Resumes” after opening Chrome (Child Browser / Capacitor Browser API) to authenticate, due to an on-device memory issue.

I plan to provide a full update today once I have confirmed the above. I discovered this information on this specific issue in CapacitorJS docs here: App | Capacitor Documentation

We are using our own Public API (Crunch Accounting API https://developer.crunch.co.uk/). Which is OAuth 2.0 with PKCE, and HTTP Only Cookies.

Our app is ReactJS and we just “store” the tokens in the React-Query cache. It’s a very simple set up - no additional packages (apart from pkce-challenge).

Because I am not using client side cookies, I haven’t experienced the exact issue you are describing, but have you looked at the Capacitor Cookies API? Capacitor Cookies Plugin API | Capacitor Documentation

Thanks for reaching out, and good luck!

Hi @benherbert,

thank you for the prompt response!

I also noticed that my app crashes on some devices after Chrome was opened, and the app was paused. This could result in a loss of the stored keys.

Currently, I am using an OIDC Library for Angular with a Custom Storage Factory because the Library is using Session Storage which will always get lost after the app gets closed. I couldn’t use @capacitor/preferences or Secure Storage because it’s async and the OIDC Library only supports synchronous methods. So I used Cookie.js which gets patched by Capacitor. More Information here: Allow asynchronous custom OAuthStorage implementations · Issue #943 · manfredsteyer/angular-oauth2-oidc · GitHub

So in my case, it’s either a cookie problem or the crash of the app as soon as it enters background mode. I already updated the App to Capacitor 5, and I am currently trying to add a fallback if cookies aren’t working.

I also found out that the OneSignal Plugin crashes my app. Very strange.

Please keep me updated with your results!

Kind Regards,
Marius

Hi @mariusbolik !

Perhaps you can rule out “background crashing” with some code like this:-

Sorry that its in ReactJS and not Angular - I am not familiar with Angular component lifecycles - but interested to know!

import { Browser } from '@capacitor/browser'
import { App } from '@capacitor/app'
// and your other imports...

// And the rest of your app... 🤣
const [debugInfo, setDebugInfo] = useState('')

// Somewhere in the component...
useEffect(() => {
  setDebugInfo('I just swallowed my gum!')
}, [])

// One of these two listeners may help...
Browser.addListener('browserFinished', () => {
  console.log('Browser exited')
  setDebugInfo('browser exited')
})

App.addListener('appRestoredResult', (data) => {
  console.log('Restored state:', data)
  setDebugInfo('Restored state')
})

return (
  // Rest of the component...
  {debugInfo && <p>{debugInfo}</p>}
)

It should be nice to be able to rule this one out and then look at Cookies!

Good luck!

Solved the bug this week!

It was regarding the protocol / schema and hostname I had chosen for the app.

These are set in the capacitor.config.ts file and the documentation can be found here: Capacitor Configuration | Capacitor Documentation. The default hostname is localhost; and the default schema is capacitor on iOS and http on Android.

For simplicity, I customised these to capacitor://localhost for both iOS and Android. It has been that way since the app was launched in April 2023 and worked perfectly fine.

Approximately 4 weeks ago, Android was no longer cool with this! I am still looking into the facts of the matter, so if anyone knows the reason for this, please let me know.

I have now set the schema for Android to https which satisfies both Android and our Public API.

You cannot use https/http on iOS because it “Can’t be set to schemes that the WKWebView already handles” (Capacitor Configuration | Capacitor Documentation).

The error manifested in a Redux Saga performing a history push, reporting as DOM Exception, Failed to execute 'pushState' on 'History': A history state object with URL [...] cannot be created in a document with origin [...] and URL [...].

There was a knock on effect from making this change regarding Deep Links: Android preferred me to use the App ID (e.g. com.app.my) for linking from the browser to the app. With the former, Chrome kept asking how the user would prefer to open the URL (i.e. with the app or Chrome, and “just once” or “every time”).

Thus, I now use Capacitor Device API (Device Capacitor Plugin API | Capacitor Documentation) as needed in my app to handle the differences.

When I find out the root cause, I will update this thread.

Thanks and happy coding!