Revert to CustomTabsIntent when needed (#181)

StevenSorial · web-flow · commit 31fb1e6ee6b0 · 2025-10-12T19:40:02.000+02:00
* Revert to CustomTabsIntent when needed

* Update README

* Update Options

* Simplify intent wrapper
diff --git a/flutter_web_auth_2/README.md b/flutter_web_auth_2/README.md
@@ -82,7 +82,7 @@ final accessToken = jsonDecode(response.body)['access_token'] as String;
 
 **Note (Google multiple scopes):** To use multiple scopes with Google, you need to encode them as a single string, separated by spaces (`%20`). For example, `scope: 'email https://www.googleapis.com/auth/userinfo.profile'`. Here is [a list of all supported scopes](https://developers.google.com/identity/protocols/oauth2/scopes).
 
-**Note (ephemeral auth):** Due to a [knownw Chrome bug](https://issuetracker.google.com/issues/444173718), when setting `preferEphemeral: true` on Android, the webview will crash on older Chrome version (minimum version required is [Chrome 141](https://developer.chrome.com/release-notes/141?hl=en)).
+**Note (ephemeral auth):** Due to a [known Chrome bug](https://issuetracker.google.com/issues/444173718), when setting `preferEphemeral: true` on Android with Chrome < 141, the package will launch an auth session with older implementation to avoid crashes.
 
 ## Migration
 
@@ -327,7 +327,7 @@ When you use this package for the first time, you may experience some problems.
     +   android:exported="true"
     +   android:taskAffinity="">
     ```
-  
+
 - If you want to have a callback URL with `http` or `https` scheme, you also need to specify a host etc.
   See [c:geo](https://github.com/cgeo/cgeo/blob/d7ab67629ac4798adaae194e563afe7df134fcd0/main/AndroidManifest.xml#L164) as an example for this.
 - In older versions of this package, there was a known problem with task affinities and launch modes (see [#113](https://github.com/ThexXTURBOXx/flutter_web_auth_2/issues/113)). In order to ensure that `flutter_web_auth_2` works correctly on these versions (prior to `5.0.0-alpha.2`), set `android:launchMode="singleTop"` and remove any `android:taskAffinity` entries. This configuration is guaranteed to work. In newer versions, this should not cause problems!
diff --git a/flutter_web_auth_2/android/src/main/AndroidManifest.xml b/flutter_web_auth_2/android/src/main/AndroidManifest.xml
@@ -9,5 +9,9 @@
         <intent>
             <action android:name="android.support.customtabs.action.CustomTabsService" />
         </intent>
+        <intent>
+            <action android:name="android.intent.action.VIEW" />
+            <data android:scheme="https" />
+        </intent>
     </queries>
 </manifest>
diff --git a/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/AuthenticationManagementActivity.kt b/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/AuthenticationManagementActivity.kt
@@ -1,5 +1,6 @@
 package com.linusu.flutter_web_auth_2
 
+import android.annotation.SuppressLint
 import android.content.Context
 import android.content.Intent
 import android.net.Uri
@@ -10,7 +11,9 @@ import androidx.activity.ComponentActivity
 import androidx.activity.result.ActivityResultLauncher
 import androidx.browser.auth.AuthTabIntent
 import androidx.browser.auth.AuthTabIntent.AuthResult
+import androidx.browser.customtabs.CustomTabsIntent
 
+@SuppressLint("UnsafeOptInUsageError", "UnsafeOptInUsageWarning")
 class AuthenticationManagementActivity : ComponentActivity() {
     companion object {
         const val KEY_AUTH_STARTED: String = "authStarted"
@@ -32,7 +35,7 @@ class AuthenticationManagementActivity : ComponentActivity() {
     private var authStarted: Boolean = false
     private lateinit var authenticationUri: Uri
     private var intentFlags: Int = 0
-    private var targetPackage: String? = null
+    private lateinit var targetPackage: String
     private var preferEphemeral: Boolean = false
     private lateinit var callbackScheme: String
     private var callbackHost: String? = null
@@ -64,9 +67,11 @@ class AuthenticationManagementActivity : ComponentActivity() {
             AuthTabIntent.RESULT_OK -> {
                 callback.success(result.resultUri!!.toString())
             }
+
             AuthTabIntent.RESULT_CANCELED -> {
                 callback.error("CANCELED", "User canceled authentication", null)
             }
+
             else -> {
                 callback.error("FAILED", "Authentication failed with code: ${result.resultCode}", null)
             }
@@ -80,32 +85,36 @@ class AuthenticationManagementActivity : ComponentActivity() {
         super.onResume()
 
         if (!authStarted) {
-            val intentBuilder = AuthTabIntent.Builder()
+
+            val intentBuilder = if (shouldUseLegacySystem()) {
+                Log.d(LOG_TAG, "Using CustomTabsIntent")
+                CtBuilderWrapper(CustomTabsIntent.Builder())
+            } else {
+                Log.d(LOG_TAG, "Using AuthTabIntent")
+                AuthTabBuilderWrapper(AuthTabIntent.Builder())
+            }
 
             // Set ephemeral browsing if requested and supported
             if (preferEphemeral) {
                 try {
                     intentBuilder.setEphemeralBrowsingEnabled(true)
-                    Log.d("flutter_web_auth_2", "Ephemeral browsing enabled")
+                    Log.d(LOG_TAG, "Ephemeral browsing enabled")
                 } catch (e: Exception) {
-                    Log.w("flutter_web_auth_2", "Failed to enable ephemeral browsing: ${e.message}")
+                    Log.w(LOG_TAG, "Failed to enable ephemeral browsing: ${e.message}")
                 }
             }
 
             val intent = intentBuilder.build()
 
             intent.intent.addFlags(intentFlags)
-
-            if (targetPackage != null) {
-                intent.intent.setPackage(targetPackage)
-            }
+            intent.intent.setPackage(targetPackage)
 
             if (callbackScheme == "https" && callbackHost != null && callbackPath != null) {
-                Log.d("flutter_web_auth_2", "Using https host and path: $callbackHost, $callbackPath")
-                intent.launch(authLauncher, authenticationUri, callbackHost!!, callbackPath!!)
+                Log.d(LOG_TAG, "Using https host and path: $callbackHost, $callbackPath")
+                intent.launch(this, authLauncher, authenticationUri, callbackHost!!, callbackPath!!)
             } else {
-                Log.d("flutter_web_auth_2", "Using custom scheme: $callbackScheme")
-                intent.launch(authLauncher, authenticationUri, callbackScheme)
+                Log.d(LOG_TAG, "Using custom scheme: $callbackScheme")
+                intent.launch(this, authLauncher, authenticationUri, callbackScheme)
             }
 
             authStarted = true
@@ -118,6 +127,31 @@ class AuthenticationManagementActivity : ComponentActivity() {
         finish()
     }
 
+    fun shouldUseLegacySystem(): Boolean {
+
+        if (!preferEphemeral) return false
+        val packageMajorVersion = getInstalledVersion(targetPackage)?.substringBefore(".")?.toIntOrNull() ?: 0
+        Log.d(LOG_TAG, "Chosen package: $targetPackage with version: $packageMajorVersion")
+
+        val chromePackages = setOf(
+            PackageNames.CHROME_STABLE,
+            PackageNames.CHROME_BETA,
+            PackageNames.CHROME_DEV,
+        )
+
+        if (chromePackages.contains(targetPackage)) {
+            return packageMajorVersion < 141
+        } else if (targetPackage == PackageNames.MICROSOFT_EDGE) {
+            return packageMajorVersion < 141
+        } else if (targetPackage == PackageNames.SAMSUNG_INTERNET) {
+            return packageMajorVersion < 28
+        } else if (targetPackage == PackageNames.FIREFOX) {
+            return packageMajorVersion < 143
+        }
+
+        return false
+    }
+
     override fun onSaveInstanceState(outState: Bundle) {
         super.onSaveInstanceState(outState)
         outState.putBoolean(KEY_AUTH_STARTED, authStarted)
@@ -146,7 +180,7 @@ class AuthenticationManagementActivity : ComponentActivity() {
             state.getParcelable(KEY_AUTH_URI)
         } ?: throw IllegalStateException("Authentication URI is null")
         intentFlags = state.getInt(KEY_AUTH_OPTION_INTENT_FLAGS, 0)
-        targetPackage = state.getString(KEY_AUTH_OPTION_TARGET_PACKAGE)
+        targetPackage = state.getString(KEY_AUTH_OPTION_TARGET_PACKAGE)!!
         preferEphemeral = state.getBoolean(KEY_AUTH_OPTION_PREFER_EPHEMERAL, false)
         callbackScheme = state.getString(KEY_AUTH_CALLBACK_SCHEME)!!
         callbackHost = state.getString(KEY_AUTH_CALLBACK_HOST)
diff --git a/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/FlutterWebAuth2Plugin.kt b/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/FlutterWebAuth2Plugin.kt
@@ -3,9 +3,7 @@ package com.linusu.flutter_web_auth_2
 import android.app.Activity
 import android.content.Context
 import android.content.Intent
-import android.content.pm.PackageManager
 import android.net.Uri
-import android.os.Build
 import androidx.browser.customtabs.CustomTabsClient
 
 import io.flutter.embedding.engine.plugins.FlutterPlugin
@@ -49,8 +47,8 @@ class FlutterWebAuth2Plugin(
                 val options = call.argument<Map<String, Any>>("options")!!
 
                 callbacks[callbackUrlScheme] = resultCallback
-                activity?.startActivity(Intent(activity,AuthenticationManagementActivity::class.java).apply {
-                    putExtra(AuthenticationManagementActivity.KEY_AUTH_URI,url)
+                activity?.startActivity(Intent(activity, AuthenticationManagementActivity::class.java).apply {
+                    putExtra(AuthenticationManagementActivity.KEY_AUTH_URI, url)
                     putExtra(AuthenticationManagementActivity.KEY_AUTH_OPTION_INTENT_FLAGS, options["intentFlags"] as Int)
                     putExtra(AuthenticationManagementActivity.KEY_AUTH_OPTION_TARGET_PACKAGE, findTargetBrowserPackageName(options))
                     putExtra(AuthenticationManagementActivity.KEY_AUTH_CALLBACK_SCHEME, callbackUrlScheme)
@@ -92,66 +90,67 @@ class FlutterWebAuth2Plugin(
      * Find Support CustomTabs Browser.
      *
      * Priority:
-     * 1. Chrome
-     * 2. Custom Browser Order
-     * 3. default Browser
-     * 4. Installed Browser
+     * 1. Custom Browser Order (if supported)
+     * 2. default Browser
+     * 3. Installed Browsers (if supported)
+     * 4. Chrome (last fallback)
      */
-    private fun findTargetBrowserPackageName(options: Map<String, Any>): String? {
-        @Suppress("UNCHECKED_CAST")
-        val customTabsPackageOrder = (options["customTabsPackageOrder"] as Iterable<String>?) ?: emptyList()
-        // Check target browser
-        var targetPackage = customTabsPackageOrder.firstOrNull { isSupportCustomTabs(it) }
-        if (targetPackage != null) {
-            return targetPackage
+    private fun findTargetBrowserPackageName(options: Map<String, Any>): String {
+        val context = requireNotNull(context) { "Context is null" }
+
+        val selectedPackage = (options["customTabsPackageOrder"] as? Iterable<*>)
+            ?.mapNotNull { (it as? String)?.trim() }
+            ?.filter { it.isNotEmpty() }
+            ?.firstOrNull { isSupportCustomTabs(it) }
+
+        if (selectedPackage != null) {
+            return selectedPackage
         }
 
         // Check default browser
-        val defaultBrowserSupported = CustomTabsClient.getPackageName(context!!, emptyList<String>()) != null
-        if (defaultBrowserSupported) {
-            return null;
+        val defaultBrowserSupported = CustomTabsClient.getPackageName(context, emptyList<String>())
+        if (defaultBrowserSupported != null) {
+            return defaultBrowserSupported
         }
         // Check installed browser
-        val allBrowsers = getInstalledBrowsers()
-        targetPackage = allBrowsers.firstOrNull { isSupportCustomTabs(it) }
+        val matchedBrowser = getInstalledBrowsers().firstOrNull { isSupportCustomTabs(it) }
 
         // Safely fall back on Chrome just in case
-        val chromePackage = "com.android.chrome"
-        if (targetPackage == null && isSupportCustomTabs(chromePackage)) {
-            return chromePackage
-        }
-        return targetPackage
+        return matchedBrowser ?: PackageNames.CHROME_STABLE
     }
 
     private fun getInstalledBrowsers(): List<String> {
+        val context = requireNotNull(context) { "Context is null" }
+
         // Get all apps that can handle VIEW intents
-        val activityIntent = Intent(Intent.ACTION_VIEW, Uri.parse("http://"))
-        val packageManager = context!!.packageManager
-        val viewIntentHandlers = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-            packageManager.queryIntentActivities(activityIntent, PackageManager.MATCH_ALL)
-        } else {
-            packageManager.queryIntentActivities(activityIntent, 0)
-        }
+        val activityIntent = Intent(Intent.ACTION_VIEW, Uri.parse("https://"))
+        val viewIntentHandlers = context.getPackagesForIntent(activityIntent)
+
+        val preferredKnownBrowsers = listOf(
+            PackageNames.CHROME_STABLE,
+            PackageNames.CHROME_BETA,
+            PackageNames.SAMSUNG_INTERNET,
+            PackageNames.MICROSOFT_EDGE,
+            PackageNames.FIREFOX,
+            PackageNames.CHROME_DEV,
+        )
 
-        val allBrowser = viewIntentHandlers.map { it.activityInfo.packageName }.sortedWith(compareBy {
-            if (setOf(
-                    "com.android.chrome",
-                    "com.chrome.beta",
-                    "com.chrome.dev",
-                    "com.microsoft.emmx"
-                ).contains(it)
-            ) {
-                return@compareBy -1
-            }
+        val preferred = mutableListOf<String>()
+        val others = mutableListOf<String>()
+        val pushToEnd = mutableListOf<String>() // for the least-favorite apps
 
-            // Firefox default is not enabled, must enable in the browser settings.
-            if (setOf("org.mozilla.firefox").contains(it)) {
-                return@compareBy 1
-            }
-            return@compareBy 0
-        })
+        for (pkg in viewIntentHandlers) {
+            if (preferredKnownBrowsers.contains(pkg)) preferred += pkg
+            else others += pkg
+        }
 
-        return allBrowser
+        preferred.sortBy { preferredKnownBrowsers.indexOf(it) }
+
+        return buildList {
+            addAll(preferred)
+            addAll(others)
+            addAll(pushToEnd)
+        }
     }
 
     private fun isSupportCustomTabs(packageName: String): Boolean {
diff --git a/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/TabBuilderWrapper.kt b/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/TabBuilderWrapper.kt
@@ -0,0 +1,65 @@
+package com.linusu.flutter_web_auth_2
+
+import android.annotation.SuppressLint
+import android.app.Activity
+import android.content.Intent
+import android.net.Uri
+import androidx.activity.result.ActivityResultLauncher
+import androidx.browser.auth.AuthTabIntent
+import androidx.browser.customtabs.CustomTabsIntent
+
+interface TabBuilderWrapper {
+    fun setEphemeralBrowsingEnabled(enabled: Boolean): TabBuilderWrapper
+    fun build(): IntentWrapper
+}
+
+interface IntentWrapper {
+    val intent: Intent
+    fun launch(activity: Activity, launcher: ActivityResultLauncher<Intent>, url: Uri, redirectHost: String, redirectPath: String)
+    fun launch(activity: Activity, launcher: ActivityResultLauncher<Intent>, url: Uri, redirectScheme: String)
+}
+
+@SuppressLint("UnsafeOptInUsageError", "UnsafeOptInUsageWarning")
+class CtBuilderWrapper(private val b: CustomTabsIntent.Builder) : TabBuilderWrapper {
+    override fun setEphemeralBrowsingEnabled(enabled: Boolean) = apply { b.setEphemeralBrowsingEnabled(enabled) }
+
+    override fun build(): IntentWrapper {
+        val intent = b.build()
+        return object : IntentWrapper {
+
+            override val intent: Intent
+                get() = intent.intent
+
+            override fun launch(activity: Activity, launcher: ActivityResultLauncher<Intent>, url: Uri, redirectHost: String, redirectPath: String) {
+                intent.launchUrl(activity, url)
+            }
+
+            override fun launch(activity: Activity, launcher: ActivityResultLauncher<Intent>, url: Uri, redirectScheme: String) {
+                intent.launchUrl(activity, url)
+            }
+        }
+    }
+}
+
+@SuppressLint("UnsafeOptInUsageError", "UnsafeOptInUsageWarning")
+class AuthTabBuilderWrapper(private val b: AuthTabIntent.Builder) : TabBuilderWrapper {
+
+    override fun setEphemeralBrowsingEnabled(enabled: Boolean) = apply { b.setEphemeralBrowsingEnabled(enabled) }
+
+    override fun build(): IntentWrapper {
+        val intent = b.build()
+        return object : IntentWrapper {
+
+            override val intent: Intent
+                get() = intent.intent
+
+            override fun launch(activity: Activity, launcher: ActivityResultLauncher<Intent>, url: Uri, redirectHost: String, redirectPath: String) {
+                intent.launch(launcher, url, redirectHost, redirectPath)
+            }
+
+            override fun launch(activity: Activity, launcher: ActivityResultLauncher<Intent>, url: Uri, redirectScheme: String) {
+                intent.launch(launcher, url, redirectScheme)
+            }
+        }
+    }
+}
diff --git a/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/Utils.kt b/flutter_web_auth_2/android/src/main/kotlin/com/linusu/flutter_web_auth_2/Utils.kt
diff --git a/flutter_web_auth_2/lib/src/options.dart b/flutter_web_auth_2/lib/src/options.dart
