I'm in the process of implementing SSO on an Android app in which we're using Okta for the identity management while in development. We have Okta set up so that, after the a successful user/password authentication, the user only has to validate their password on subsequent logins.
I'm using Chrome Custom Tabs to open the browser url and have set up the correct intent-filter configuration in my AndroidManifest.
The issue that i'm having is that the initial auth screen does not redirect back into the app and I get the ERR_UNKOWN_URL_SCHEME error page. However, when authenticating from the password validation screen, the app scheme is recognized and the user is redirected back into the app.
Also note: from the ERR_UNKOWN_URL_SCHEME error page, if I select "Open in Chrome", the app picks up the redirect and I'm put back into the app. Which leads me to believe this may be a Custom Tabs issue.
The code to launch Chrome Custom Tabs looks like the following:
CustomTabsIntent customTabsIntent = new CustomTabsIntent.Builder(mCTSession)
.setToolbarColor(ContextCompat.getColor(mContext, R.color.colorPrimary))
.setStartAnimations(context, R.anim.slide_in_right, R.anim.slide_out_left)
.setExitAnimations(context, android.R.anim.slide_in_left, android.R.anim.slide_out_right)
.build();
customTabsIntent.intent.setFlags(Intent.FLAG_ACTIVITY_NO_HISTORY | Intent.FLAG_ACTIVITY_NEW_TASK);
if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.LOLLIPOP_MR1) {
String referrer = Intent.URI_ANDROID_APP_SCHEME + "//" + packageNameToUse;
customTabsIntent.intent.putExtra(Intent.EXTRA_REFERRER, Uri.parse(referrer));
}
customTabsIntent.launchUrl(context, Uri.parse(fixedUrl));
I know that a similar issue was reported in an older version of CCT, but that issue seems to have been patched.
Has anyone else experienced this particular issue?
Adding images of the actual auth pages for reference ...
The initial user/password screen (Not Working):
Password validation only screen (WORKS!):