Re: Authorization web page not redirecting back to my app in Android

TimB-Dev · ‎10-11-2017

In our Android app, I am having an issue where the dropbox.com authorize web page does not redirect back to our app when the user clicks the Allow button. I wrote a sample app and the OAuth2 flow works fine with that app on the same device\environment.

The first time you click the Allow button once the page displays, the page seems to refresh in Chrome. It seems like it's redirecting back to itself. The app does show up as connected to the account when I look in Settings for the user on dropbox.com. So that part of the auth flow is working - it's just not redirecting to the app.

I added the AuthActivity to the manifest...

<activity
    android:name="com.dropbox.core.android.AuthActivity"
    android:configChanges="orientation|keyboard"
    android:launchMode="singleTask">
    <intent-filter>
        <!-- Insert your app key after “db-  ...” -->
        <data android:scheme="db-xxxxxxx" />

        <action android:name="android.intent.action.VIEW" />

        <category android:name="android.intent.category.BROWSABLE" />
        <category android:name="android.intent.category.DEFAULT" />
    </intent-filter>
</activity>

And I am calling Auth.startOAuth2Authentication() here...

public void authenticateNewDropbox(Activity con)   //++ Added con param
{
   // Set bool so we know on Resume that we're logging into Dropbox
   mIsDropboxLogin = true;
   //Kick off auth2 flow: this launches the browser, and then back to us in OnResume() in the Activity
   Auth.startOAuth2Authentication(con, con.getResources().getString(R.string.APP_KEY));
}

The app was previously doing OAuth2 with the v1 SDK and it worked fine. I've tried a new AppID as well. I don't see any relevant messages in the Android Monitor in Android Studio.

Been stuck on this for a couple days and I can't understand what I'm doing wrong. Thanks for any help.

Greg-DB · ‎10-11-2017

Thanks for the report! I'm not aware of anything that should cause this, so we'll have to investigate.

It will be difficult since this doesn't reproduce in a sample app, so to begin, some additional information would be helpful:
- what version number of the SDK do you have installed?
- what Android version(s) are you seeing this with?
- have you tested this on multiple devices or emulators? Do they all display the same issue?

TimB-Dev · ‎10-11-2017

Dropbox sdk 3.0.3. Same behavior on both a 7.1.1 and a 6.0.1 device.

Greg-DB · ‎10-12-2017

Thanks! Unfortunately I don't see anything out of the ordinary here. A few ideas next:

- It might be useful to see if there are any errors coming up in the JavaScript console, e.g., using Chrome remote debugging: https://developers.google.com/web/tools/chrome-devtools/remote-debugging/
- Also, can you try it in a non-Chrome browser?
- If you want, share a build that produces the issue with us and we'll try to troubleshoot it here: https://www.dropbox.com/developers/contact

TimB-Dev · ‎10-18-2017

Just getting back into this... I will follow the other suggestions, but thought I'd report this. With Chrome Remote debugging, I see one warning when the page is first opened:

conversion.js:27 Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

One other thing is that the url does not seem to include a "redirect" parameter. Should it?

Greg-DB · ‎10-18-2017

Thanks! We'll look into that error.

And no, (as long as the authorization page URL starts with https://www.dropbox.com/1/connect as expected) that page should not have a redirect parameter. It's a special page for apps using the official SDK and knows about the db-<APP_KEY> URL schemes by default.

Speaking of the URL, can you share a sample one from a case where this issue occurs? That would be good to verify. Additionally, the specific version number(s) for the version(s) of Chrome where you're seeing this may be useful, in case we're using different versions.

TimB-Dev · ‎10-19-2017

Chrome version is 61.0.3163.98 on both the Android 7.1.1 and 6.0.1 devices.

URL is... (with "xxx" being my app id)...

https://www.dropbox.com/1/connect?locale=en_US&k=xxx&n=0&api=1&state=oauth2%3A595c00345793da5d6c881d...

Greg-DB · ‎10-19-2017

Thanks. That's actually the same version I've been testing on (albeit on Android 7.0.0). Your URL also looks correct, so we'll have to keep investigating.

Some remaining things that would be useful:
- whether or not this occurs with a non-Chrome browser
- a sample build that reproduces the issue that we can try

TimB-Dev · ‎10-19-2017

I tried with Firefox and it doesn't redirect back to my app either. The only difference is that after clicking the Allow button the url in the browser shows as https://www.dropbox.com/1/connect_submit and the page is blank. In Chrome the url and page didn't change.

I will share a build. Thanks.

Greg-DB · ‎10-20-2017

Thanks! We'll work on debugging this with the build.