Android: Unable to use Identity Provider
Home Assistant Android version:
3.0.2-full
Android version:
11
Phone model:
Pixel 4 XL
Home Assistant version:
0.118.2
Last working Home Assistant release (if known):
0.118.2
Description of problem:
Unable to access Home Assistant via the Android app when any sort of identity provider is placed in front of the Home Assistant server as also noted in issues #151, #45, #167. The reason for the problem is that no authentication cookies are passed back to the Android app.
I am currently using Cloudflare Access as my primary identity provider, but have the same problem with any other identity providers due to the same issue of cookies not being passed back to the app. So for now have to use work-arounds to identify and disable the provider prompt for trusted Android devices until this issue is resolved.
Traceback (if applicable):
Screenshot of problem:
Additional information:
The Android app should be using the Custom Tabs feature built into Android and the browser apps which would fix this and similar issues requiring cookies.
https://developers.google.com/web/android/custom-tabs
When should I use Custom Tabs vs WebView?
The WebView is good solution if you are hosting your own content inside your app. If your app directs people to URLs outside your domain, we recommend that you use Custom Tabs for these reasons:
- Support for the same web platform features and capabilities as the browsers. - Simple to implement. No need to build code to manage requests, permission grants or cookie stores. - Shared cookie jar and permissions model so users don't have to sign-in to sites they are already connected to, or re-grant permissions they have already granted.
AndrewDaws
All 4 comments
Duplicate of #151 #45 and #167 please do not create a new issue if you noticed that others were closed for the reasons given. There may be a solution but it was mentioned we do not want to add it to the app.
https://github.com/home-assistant/android/issues/151#issuecomment-565689890
https://github.com/home-assistant/android/issues/45#issuecomment-565689908
https://github.com/home-assistant/android/issues/167#issuecomment-566918860
dshokouhi
on 23 Nov 2020
@dshokouhi I apologize for opening a duplicate issue, I do not know exactly how to bring attention to older closed issues. Especially when the reasons provided by @balloob were related to WebView, not Custom Tabs.
Are there reasons for needing to use WebView specifically when Android and most major browsers have supported Custom Tabs for awhile at this point?
AndrewDaws
on 23 Nov 2020
@AndrewDaws The Custom Tabs don't give us enough control to intercept and handle the authentication in the application. We need the authentication in order to call the Home Assistant API from outside the webview for sensors and other features of the application. It also wouldn't allow us to inject the App Configuration item in the side bar of the app because we wouldn't have access to the JS on the page.
JBassett
on 23 Nov 2020
@JBassett Thank you for the explanation. I figured the side bar could be a potential issue, but did not know about the other authentication limitations. Hopefully this will provide answers for others since I had not seen this explanation anywhere else.
AndrewDaws
on 23 Nov 2020
Related issues
rradar
路
4Comments
kmlucy
路
3Comments
Hypfer
路
3Comments
acme-szala
路
3Comments
simbesh
路
3Comments
Most helpful comment
@AndrewDaws The Custom Tabs don't give us enough control to intercept and handle the authentication in the application. We need the authentication in order to call the Home Assistant API from outside the webview for sensors and other features of the application. It also wouldn't allow us to inject the
App Configurationitem in the side bar of the app because we wouldn't have access to the JS on the page.