Re: Redirection after login with a google account do not work.

frixos · ‎10-19-2021

I have a problem with the login on DropBox in my app. (Login process with chrome mobile browser, App in Xamarin for Android)

It works with google accounts I login one time before, therefore i think my code is generally ok.

The problem:

If i login the first time with a Google account with the Button “Sign in with Google” i get the Page “yourApp would like to ….” from DropBox and I click on “Allow” and nothing happens. The page does not redirect to 127.0.0.1:52475 and my app wait for a response on this port.

The redirection Page on the DropBox API “Redirect URIs” is defined.

On this page it hangs and nothing happens if I click on Allow. (the chrome browser on Android 10 hangs and the progressbar stay in the middle.

https://www.dropbox.com/oauth2/authorize

My app waits here for an answer:

await HandleOAuth2Redirect(this.HttpAuthListener);

Greg-DB · ‎10-19-2021

To clarify, is "https://www.dropbox.com/oauth2/authorize" the full URL of the page where this stops, or are there also more parameters on that? Please share the full URL if there is more to it. If you can also share the URL before processing the Google Sign in flow that may be helpful. Feel free to open an API ticket here if you'd prefer to share privately. Thanks!

frixos · ‎10-19-2021

if i login with Google and the password is saved on Chrome (Android), the following url will on the page

“yourApp would like to ….” from DropBox appears

https://www.dropbox.com/oauth2/authorize?client_id=xxxxxxxxxxxxxxx&redirect_uri=http%3A%2F%2F127.0.0...

and it works.

If i enter a unknown, but existing google account and the password, a page appears first to connenct the DropBox account with Google and then the “yourApp would like to ….” page from DropBox . In this case the address is

https://www.dropbox.com/oauth2/authorize

The name of the app and the permissions are correct on this page.

Greg-DB · ‎10-19-2021

Thanks for following up. I can't seem to reproduce this issue though.

In the broken case, is "https://www.dropbox.com/oauth2/authorize" definitely the full URL of the page? The browser may be hiding the rest of it. I wouldn't expect the app name and permissions to be shown there if there is no client_id parameter set.

In any case, would you be able to share a screen recording of the issue? That would be helpful since this doesn't reproduce for me. Please make sure the full address bar is showing for reference. Apologies for the bother and thanks in advance!

frixos · ‎10-19-2021

Yes, i think the url was in both cases the same.

The issue also appears if i create a new DropBox account.

I made a screen video.

Greg-DB · ‎10-20-2021

Thanks, your API support ticket has been received. We'll look into it.

frixos · ‎10-25-2021

i found now a solution with the httpListener:

The security behaviour changed since Android 8. All devices higher than this version, will not work correct with the redirection.

The problem is, the httpListener blocks all incoming messages, after some time, if the app is in the background.

We can handel this by register the app as a forground service.

You need for this some code and one new android Permission "Forground".

The httpListener runs in a Android Service.

Are there a newer working example with the Xamarin WebAuthenticator? It would get a better user experience.

Greg-DB · ‎10-26-2021

Thanks for sharing your solution! We don't have any sample code for Xamarin unfortunately.