iOS-FaceID Popup prevents In-App browser from opening
Opened this issue · 0 comments
Hello, we have come across a pretty rare bug, which I was able to reproduce in this repo: https://github.com/g-feil/flutterappauthbug
We are using flutter_appauth in combination with local_auth for biometric authentification. In a very specific case (which by design should not occur in our app, but it did), the FaceID Popup prevents the correct execution of authorizeAndExchangeCode
. This is also shown in the attached video. We are using Ephemeral Session, the error occurs only on iOS.
LoginApp.mov
Reproduction as provided in code:
- Authenticate with biometrics using local_auth
- Confirm Biometrics (FaceID in our case)
- A small popup is seen for a few seconds, then the login page closes. (Tr: "App wants to use ... to sign in")
Why does this happen?
The callback of the local_auth authenticate
gets called as soon as the user confirms. However iOS still plays an animation, that shows the confirmation (the face converts into a tick). The flutter code reaches authorizeAndExchangeCode
while the animation is playing, and therefore this weird behavior occurs.
We were able to fix this issue by hardcoding a delay of 1.5 seconds, which is not optimal.
I don't think the local_auth package can fix this, because I have read in some forums, that this callback also gets executed early in native, but I'm not a pro in this area. The small popup in Step 3 leads me to think, that this case is interesting for the app_auth package.
Thanks for looking into this!