Fenix: [Bug] Firefox Preview fails to redirect to App-specific protocol (breaks OpenID auth workflow)
Context:
- I'm using an Android app called "Onleihe" to borrow e-books from my local library (V脰BB Berlin).
- Upon login, the app redirects me to
https://www.voebb.de/oidcp/authorize?prompt=login&client_id=divibib001&response_type=code&redirect_uri=onleihe://authredirect&state=01f7de25&scope=openid+adisbms(which opens in Firefox).
Problem:
- After logging in to my library account (in Firefox), I should get redirected to the app.
- Instead, I'm getting a Firefox error page titled "Unknown Protocol".
It looks like the website redirects to onleihe://authredirect, but Firefox doesn't recognize this, even though the Android app has registered this protocol (presumably, as it works in Chrome and worked in the old Firefox for Android).
st3fan
All 17 comments
This should be fixed on Nightly @rocketsroger
kbrosnan
on 4 Mar 2020
Yes, this is related to https://bugzilla.mozilla.org/show_bug.cgi?id=1619344.
Should be fixed on the next nightly with GV 75.0.20200303095030.
rocketsroger
on 4 Mar 2020
@kbrosnan @rocketsroger I have checked with 75.0.20200303095030 and it does not show the error message anymore, but it doesn't switch back to the app either.
PS: I'm the reporter of the original Bugzilla bug.
caugner
on 5 Mar 2020
@caugner debugging this issue I see some interesting behavior. (I had to test with hardcoded redirect to onleihe://authredirect since I don't have an account to test with)
I can see that this url causes A-C to open a app with the package name de.etecture.ekz.onleihe and the activity is de.etecture.ekz.onleihe.activity.RedirectUriReceiverActivity. But the app opens and closes instantly. Do you see a quick switch back to the app and back to the browser when you finished signing in?
rocketsroger
on 5 Mar 2020
@caugner one update. I noticed something very similar while testing it on my personal device with nightly from Google Play. Can you try something for me? Please uninstall and then reinstall Fenix nightly and see if it now works?
rocketsroger
on 5 Mar 2020
Do you see a quick switch back to the app and back to the browser when you finished signing in?
@rocketsroger Yes, I'm seeing exactly the same (i.e. it looks like it switches, but then it switches back).
After logging in on Desktop with the URL from the issue description, the website redirects me to this URL: onleihe://authredirect?code=xLM...&state=01f7de25
Could it be that Firefox omits the URL parameters?
caugner
on 5 Mar 2020
I see. so its unrelated to the uninstall/reinstall workaround.
You're correct, it could be. This will requires more investigation to see what happened. But it is good that we confirmed it's not an app link redirect issue but a URL issue.
rocketsroger
on 5 Mar 2020
Can you try something for me? Please uninstall and then reinstall Fenix nightly and see if it now works?
Just tried, experiencing the same faulty behavior (after having uninstalled and reinstalled Fenix).
But it is good that we confirmed it's not an app link redirect issue but a URL issue.
Note that I determined the redirect URL with Firefox Desktop. I'm not sure if I have provided clear confirmation that it's not an "app link redirect" vs. a URL issue.
caugner
on 5 Mar 2020
@rocketsroger Just noticed that Firefox Focus is also affected by this issue (currently showing the Unknown Protocol error). Does it make sense to file an issue in their repository as well?
caugner
on 5 Mar 2020
Just tried, experiencing the same faulty behavior (after having uninstalled and reinstalled Fenix).
Thanks for the update.
Note that I determined the redirect URL with Firefox Desktop. I'm not sure if I have provided clear confirmation that it's not an "app link redirect" vs. a URL issue.
Yes, only thing we can be sure is that "app link redirect" did work but the redirect did not work as expected.
rocketsroger
on 5 Mar 2020
@rocketsroger Just noticed that Firefox Focus is also affected by this issue (currently showing the
Unknown Protocolerror). Does it make sense to file an issue in their repository as well?
Focus also uses GeckoView as its engine. There were an recent fix but the release Focus is probably still using a older more stable GeckoView version.
rocketsroger
on 5 Mar 2020
With the latest fixes, this issue is not an app links issue anymore. The intent was redirected back into the library app but it did not behave as expected. This seems to point at a possibility that the app either did not like the data we embedded in the intent or was not expecting the way we redirect the intent. This will need more investigation with a test account.
rocketsroger
on 9 Mar 2020
@rocketsroger I don't mind sharing my login data with you via a secure channel, if that would help?
caugner
on 9 Mar 2020
@rocketsroger I don't mind sharing my login data with you via a secure channel, if that would help?
That will be great. Thanks!
rocketsroger
on 9 Mar 2020
@caugner This change should be in nightly now. Can you please confirm this is fixed? Thanks,
rocketsroger
on 12 Mar 2020
@rocketsroger Thanks a lot, I confirm it's fixed in Nightly.
caugner
on 12 Mar 2020
@rocketsroger Thanks a lot, I confirm it's fixed in Nightly.
Thanks, I'll close the issue
rocketsroger
on 12 Mar 2020
Related issues
csadilek
路
3Comments
Chris01277
路
3Comments
andreicristianpetcu
路
3Comments
AndiAJ
路
3Comments
bbinto
路
3Comments
Most helpful comment
Yes, this is related to https://bugzilla.mozilla.org/show_bug.cgi?id=1619344.
Should be fixed on the next nightly with GV 75.0.20200303095030.