Jumping to 2FA app causes browser to stop waiting. about react-native-azure-auth HOT 23 CLOSED

Hi Ryan,

could you please test the new not merged branch /keep-connection (b846e22)
It should fix the issue.

from react-native-azure-auth.

@almercier Yes, I steel did not get a reliable feedback about keep-connection branch. It would be great if you could test it.

from react-native-azure-auth.

@almercier I have just rebased the branch on to master and also added one important ;) import
Try to pull and rebuild the project

from react-native-azure-auth.

@almercier PR created #111
Let me know about the main issue test results

from react-native-azure-auth.

At first sight it sounds like some unrelated issue. I suppose you are on iOS 13 - there are many issues reported related to the new life cycle.

Another possibility - if 2FA uses Safari Controller too - then it could lead to conflict...
Have you tried to debug?

from react-native-azure-auth.

I've been trying to debug it, but I've not gotten anywhere...but from what I've read, the Javascript engine is killed in most of the web containers used in iOS apps to save battery. There is a SFAuthenticationSession that is for OAuth-like flows, but they may have the same issue if you have to jump to an external 2FA app. I'm going to ask around with some other mobile teams here at work (Microsoft) to see if they've run into the same issue.

from react-native-azure-auth.

unfortunately I don't have much experience with iOS development and can't say how the chain "RN app" -> "Safari View" -> "2FA app" should/can behave.

Please post here your feedback if you will find out some useful clues

from react-native-azure-auth.

I tried switching to SFAuthenticationSession (as recommended by Apple), but it too has the same issue of the browser killing JS during the 2FA wait....plus it has this annoying pre-prompt before permitting the authentication.

Researching some other apps it looks like some MS apps (Teams specifically) that use MS Authenticator for 2FA and it host the web experience inside the Authenticator app...it's a weird experience but doesn't suffer from the JS stopping since you never put Authenticator in the background after the page loads.

from react-native-azure-auth.

Hi Ryan,

you are the first who reporting this problem. Could you please describe the user experience once more time step by step eventually with couple screenshots.
So - you are starting login process, browser window opens, then MS initiate 2FA and redirects to 2FA app ... or you start 2FA app on your own (it is not started from login window)?? - what exactly happens then, what you see in browser and in the app (screenshots)

Thank you in advance!

from react-native-azure-auth.

Here's I've created a video https://youtu.be/tp7fezyrUjI ...my credentials are already cached, so you won't see those entered, but essentially you enter user/pass, then it prompts how to sign in for 2FA (I'm using MS Authenticator), when I click sign in it goes to a page that has Javascript running in a loop (maybe SignalR or Socket.io) waiting for the other app to complete, I get a prompt to jump to the other app, I go there, verify the login and jump back.....when I jump back because of iOS's battery saver it stops that Javascript on the page, so nothing loads.

from react-native-azure-auth.

I'm curious - does the normal safari browser window (started from launcher and not from RN app) behave the same? So if you are logging in through normal browser on iOS, is it possible to finish the login process?

from react-native-azure-auth.

something went wrong =)

from react-native-azure-auth.

@Hirurgo I suppose you are using XCode 9 - you need XCode 10 to be able to build

from react-native-azure-auth.

@vmurin @rwrife We are also experiencing this issue, although in a slightly different scenario than the video.

Going directly back to the app by pressing the "back to app" button on old iphones < iphone X or swiping left on the bottom on newer iPhones works and the auth webivew successfully picks up the 2FA approval.

However, it does not pick up the approval on iPhone 11 (works on iphone 8?) when we approve in the 2FA app and then try to go back by app switching (double tapping home and selecting it from the app switcher for example).

EDIT: is the keep-connection branch still valid and able to be tested? If so I can try pulling it to see if that fixes our issue.

from react-native-azure-auth.

We are also experiencing the same issues as @almercier.

from react-native-azure-auth.

@vmurin I'm using latest xCode 12.4 (12D4e) and latest MacOS Big Sur but getting the same semantic errors that @Hirurgo was having...

Steps I took in case I missed a step...

1. Forked repo
2. checked out keep-connection branch
3. Merged master into branch
4. Installed my local fork's branch to node_modules through yarn
5. pod install
6. stopped metro and running app, did xclode clean project, then rebuilt.
7. Saw Errors and that ASWebAuthenticationSession is available ios 12+, so I upped min ios version supported to ios 12.3 and retried step 6

from react-native-azure-auth.

@vmurin

Still getting a significant number of semantic errors. Different ones from before though.

from react-native-azure-auth.

Fixed the errors by moving the A0Auth0 interface declaration to the AzureAuth.h and adding the same properties to the AzureAuth interface. However I get this error the moment I try to call authorize in my JS code.

It's due to the added argument usingEphemeralSession in the AzureAuth.showUrl method

from react-native-azure-auth.

@almercier Thanks! With "A0Auth0" was an editing error. I will fix it in my branch and check another error too 👌🏻

from react-native-azure-auth.

@almercier The branch is updated now with correct native code call. Could you take look please.

from react-native-azure-auth.

@vmurin Updated branch builds successfully now, but attempting to call authorize now gives me a nonce error from Microsoft, whereas I confirmed that switching back to the master branch does not get this error. Possible breaking change that requires me to modify my args, or something else?

...
const azureAuth = new AzureAuth({
    clientId: clientId,
    tenant: tenant,
});
let tokens = await azureAuth.webAuth.authorize({
    scope: 'openid profile email',
});

from react-native-azure-auth.

@vmurin Maybe it would be worth putting up a PR for that branch so we can continue discussing there instead of in the issue itself?

from react-native-azure-auth.

Adding the nonce back that was removed in the commit snippet below seems to have worked. Going to test on a device that isn't the sim to see if it fixes the root issue

from react-native-azure-auth.