question

FrancoBaz-5864 avatar image
0 Votes"
FrancoBaz-5864 asked AnTo edited

Google Login: after app verification on Android 11 devices appears: Error 403 disallowed_useragent

I made a Xamarin Forms app using Xamarin.Auth 1.7.0 which had no problems in Google authentication until it was waiting the verification of the consent screen. Since the consent screen has been successfully verificated, suddenly on some devices (not all!!!) the authentication produces
"Error 403 disallowed_useragent
Google can't sign you in safely inside this app. You can use Google sign-in by visiting this app's website in a browser like Safari or Chrome"
response_type=code
access_type=offline
scope=https://www.googleapis.com/aut/userinfo.email
Please note that I use
_auth = new OAuth2Authenticator(clientId, string.Empty, scope,
new Uri(AuthorizeUrl),
new Uri(redirectUrl),
new Uri(AccessTokenUrl),
null, true);
and it works perfectly on the Android 9 /10 devices we tried.
After lots of app uninstallations, removing Google accounts on the Android 11 devices, reset Chrome as default browser, exactly one time I managed to authenticate, so the consent screen appeared and the authentication worked, but then trying a counter-proof, after deleting the refresh token on the SecureStorage and trying a new authentication Error 403 always appears.

dotnet-xamarinformsdotnet-android
· 10
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @FrancoBaz-5864 , just as this issue mentioned,Xamarin.Auth has being replaced by authentication support in Xamarin.Essentials. So you can use Xamarin.Essentials: Web Authenticator instead.


0 Votes 0 ·

Thanks, but I would like to avoid an extra component on our Apache server. The fact is that our app manages to authenticate successfully on Google, OneDrive, and Dropbox, saving refresh tokens and secrets on secure storage, but in some devices with Android 11 the Google Web Authenticator gives Error 403 instead of the OAuth Consent Screen and choice of the username

0 Votes 0 ·

Is there any device with android 11 works as expected? if no, then it can be the reason that the lib didn't adapt into the new OS, if yes, then it can be other causes maybe we can start with the difference between the worked device and not working devices.

0 Votes 0 ·
Show more comments

1 Answer

AnTo avatar image
3 Votes"
AnTo answered AnTo edited

I had the same issue AND I FOUND HOW TO FIX IT!

I was so angry this was the only page 100% describing my problem without a fix, but I found it my self :)

For all of you having the same issue - Android 11 requires some lines in the app manifest in order to be able to read the browsers installed that supports custom tabs.

In order to do that you need to put the following in your AndroidManifest.xml file:

 <manifest ...>
             <queries>
                         ...
                         <intent>
                                     <action android:name="android.intent.action.VIEW" />
                                     <category android:name="android.intent.category.BROWSABLE" />
                                     <data android:scheme="https" />
                         </intent>
                         <intent>
                                     <action android:name="android.support.customtabs.action.CustomTabsService" />
                         </intent>
                         ...
             </queries>
             ...
 </manifest>

This can be see in this manifest file:
https://github.com/AzureAD/microsoft-authentication-library-common-for-android/blob/614c06eb8210069af6d089e6c97e79fb5c8cffb3/common/src/main/AndroidManifest.xml

Beers are more than welcome :)

Best regards,
Anton Polimenov

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

It worked for me too! Thanks Anton!
I uninstalled the app, installed it again on an Android 11 device, and the Google Drive/Photos authentication displayed the consent page that worked!
I suggest you write your solution as an ANSWER including the code to add to AndroidManifest.xml, so I can vote for you!!!

2 Votes 2 ·