Strange behaviour with Intent filters and Platforms\Android\AndroidManifest.xml #10568
Description
Description
I'm creating an Android app that needs to login with Microsoft, Google and Discord OAuth passing the token to a webview.
I'm using oauth2redirect as endpoint for Google, and other endpoints for Microsoft and Discord.
I've declared an Intent filter that matches the oauth2complete endpoint that is called when the server has generated the jwt token to let the app to catch the page and the token.
This mechanism works for the microsoft OAuth if and only if I declare a different endpoint in the android manifest.
As you can see, the intent filters are totally different, but if I don't declare the ones in the xml file, nothing works.
They need to be exactly that ones, pointing to oauth2redirect even if I don't use this endpoint in the Microsoft Oauth.
If I remove the Intent filters in the xml file, the filter doesn't capture the address oauth2complete anymore.
This is totally inconsistent and mad, I don't even know how I've discovered it.
Steps to Reproduce
Create a web app that allows the login with Microsoft Oauth.
Create a MAUI project with a webview and a login page to handle the Oauth login, and all the needed code to get the Oauth from Microsoft.
Create a WebAuthenticatorCallbackActivity as follows:
[Activity(NoHistory = true,LaunchMode = LaunchMode.SingleTop,Exported = true)]
[IntentFilter(
new[] { Intent.ActionView },
Categories = new[] { Intent.CategoryDefault,Intent.CategoryBrowsable },
DataScheme = "https",
DataHost = "mysite.euw.devtunnels.ms", // debug environment
DataPathPattern = "/oauth2complete.*")]
public class WebAuthenticatorCallbackActivity
:Microsoft.Maui.Authentication.WebAuthenticatorCallbackActivity
{
}
Modify the Platforms\Android\AndroidManifest.xml as follows:
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<!-- Permessi -->
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.INTERNET" />
<application
android:allowBackup="true"
android:icon="@mipmap/appicon"
android:supportsRtl="true"
android:label="FMP"
android:debuggable="true">
<!-- Intent filter per OAuth redirect -->
<activity
android:name="microsoft.maui.authentication.WebAuthenticatorCallbackActivity"
android:exported="true"
android:noHistory="true"
android:launchMode="singleTop">
<intent-filter android:autoVerify="true">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:scheme="https"
android:host="mysite.euw.devtunnels.ms"
android:pathPattern="/oauth2redirect.*" />
</intent-filter>
</activity>
</application>
</manifest>
Just to be clear, if, in the xml file:
- I remove the whole activity section the oauth2complete is not catched anymore;
- I just change the
<data
android:scheme="https"
android:host="mysite.euw.devtunnels.ms"
android:pathPattern="/oauth2redirect.*" />
to a different endpoint, included oauth2complete.*, that it should be the correct value, it generates an Oauth error, saying that I should subclass the WebAuthenticatorCallbackActivity and create an IntentFilter for it which matches my "callbackUrl".
To note that in the call
var result = await WebAuthenticator.Default.AuthenticateAsync(
new WebAuthenticatorOptions
{
Url = new Uri(authUrl),
CallbackUrl = new Uri(redirectUri),
PrefersEphemeralWebBrowserSession = false // true per non salvare cookie (logout ogni volta)
}); // redirect HTTPS al backend
I always use as redirectUri the /Auth/oauth2complete endpoint.
Link to public reproduction project repository
No response
Version with bug
9.0.0 GA
Is this a regression from previous behavior?
Not sure, did not test other versions
Last version that worked well
No response
Affected platforms
Android
Affected platform versions
Android 14 with API34
Did you find any workaround?
The one described.