Crash on Android : dataIntent must not be null

[shinekumar]

Thanks for the great component. It is working perfectly on iOS. But on Android, I am getting a crash.
I have given details below. Please let me know if you need additional details. Thanks!

Device Info
Samsung Galaxy S5
OS: 6.0.1

Package Info
"react-native-app-auth": "^2.6.0",

Issue

• Login Page Loads
• Enters Username and Password. Press Login
• App Crashes

Log

java.lang.RuntimeException: Failure delivering result ResultInfo{who=null, request=0, result=0, data=null} to activity {com.realsavvyv3/com.realsavvyv3.MainActivity-Main}: java.lang.NullPointerException: dataIntent must not be null
at android.app.ActivityThread.deliverResults(ActivityThread.java:4920)
at android.app.ActivityThread.handleSendResult(ActivityThread.java:4963)
at android.app.ActivityThread.access$1600(ActivityThread.java:221)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1848)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:158)
at android.app.ActivityThread.main(ActivityThread.java:7224)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120)
Caused by: java.lang.NullPointerException: dataIntent must not be null
at net.openid.appauth.Preconditions.checkNotNull(Preconditions.java:55)
at net.openid.appauth.AuthorizationResponse.fromIntent(AuthorizationResponse.java:565)
at com.reactlibrary.RNAppAuthModule.onActivityResult(RNAppAuthModule.java:213)
at com.facebook.react.bridge.ReactContext.onActivityResult(ReactContext.java:255)
at com.facebook.react.ReactInstanceManager.onActivityResult(ReactInstanceManager.java:730)
at com.facebook.react.ReactActivityDelegate.onActivityResult(ReactActivityDelegate.java:126)
at com.facebook.react.ReactActivity.onActivityResult(ReactActivity.java:77)
at android.app.Activity.dispatchActivityResult(Activity.java:7137)
at android.app.ActivityThread.deliverResults(ActivityThread.java:4916)
at android.app.ActivityThread.handleSendResult(ActivityThread.java:4963) 
at android.app.ActivityThread.access$1600(ActivityThread.java:221) 
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1848) 
at android.os.Handler.dispatchMessage(Handler.java:102) 
at android.os.Looper.loop(Looper.java:158) 
at android.app.ActivityThread.main(ActivityThread.java:7224) 
at java.lang.reflect.Method.invoke(Native Method)

[thestillheron]

I'm also experiencing this issue. Can I ask what kind of authorization server you're trying to integrate with?

I'm having exactly this issue while trying to integrate with Azure Active Directory B2C.

[shinekumar]

@finalgriever I don't think it has anything to do with the server. It is purely an issue with the module. Right now I am using browser for Android as it is still crashing.

[thestillheron]

I've continued my work on diagnosing this issue, and I've started to realise that this exact error message can occur on any number of problems.

In my case, I've been able to reproduce this error message by creating the following invalid states:

• Attempting to use a redirectUrl that has not been whitelisted on the auth server
• Not having my application listen on the given redirectUrl
• Not having my auth server be correctly listed with my social identity provider

Basically, this error message seems to be provoked by any failure in any part of the communication between the auth server, and the client. Which makes troubleshooting any problem in that area a bit of a nightmare.

I've since managed to resolve my issues, and now I'm getting "Failed exchange token". Good times :P

[kadikraman]

I appreciate it's a nightmare to debug. More informative error messaging is certainly on the roadmap. Are you using a mainstream auth provider or is it in house? Is there any way I could reproduce the error?

[jeff-halhead]

Hi @finalgriever did you find a solution? I'm getting the same "Failed exchance token" error message when trying to integrate with with B2C.

[shinekumar]

@kadikraman it is an in-house server. I don't know a way to recreate it. If you guide me through some steps to troubleshoot, I am happy to help

[thestillheron]

Sorry @jeff-halhead, I can't remember exactly what I did to resolve that issue.
There were a few problems that I had which I recall having to use the following fixes for:

• I had to specify the authorization and token endpoints explicitly with the service configuration property
• I had been setting up my intent filters wrong, so my app wasn't correctly listening for the callback
• I had been providing the policy get parameter (the p parameter) in the "additionalParameters" parameter. Instead, I should have been hard coding it into the urls provided for the auth and token endpoints.

[jeff-halhead]

@finalgriever Thanks for getting back to me. I also had a few problems with my configuration and now it is working. I was able to solve them by debugging RNAppAuthModule and looking at the exceptions that were happening.

For anyone else who is struggling, this is the config I used that is working for me. It is different from the Azure AD one in the main README file.

export const b2cConfig = {
    issuer: 'https://login.microsoftonline.com/<tenant name>/v2.0?p=<sign in/up policy name>',
    clientId: '<client id>',
    redirectUrl: '<appAuthRedirectScheme from build.gradle>://oauth2/redirect',
    scopes: [
        'openid',
        'offline_access',
        '<client id>',
    ],
    additionalParameters: {},
};

[kadikraman]

Interesting @jeff-halhead so the differences I see are

1. appending /v2.0?p=<sign in/up policy name> to your issuer
2. adding client id to scopes

Adding the client id to scopes seems very strange, is that definitely needed?

As for editing the url parameter, you can replace that with

additionalParameters: {
  p: <sign in/up policy name>
}

Which is equivalent.

[jeff-halhead]

@kadikraman adding the client id to scopes was actually not required. Please disregard that change.

I tried adding the sign in policy to additionalParameters but it does not work in my case.

[duro]

@kadikraman As I mentioned in closed ticket #101 we are experiencing this same crash when authing against Uber.

If you have any tips to nudge us in the right direction, we have some Java resources over here that can help do a deeper diagnosis.

Here is the stacktrace from the most recent crash:

# Crashlytics - plaintext stacktrace downloaded
# Platform: android
# OS Version: 8.0.0
# Device: SM-G950U1

#0. Crashed: main
       at android.app.ActivityThread.deliverResults(ActivityThread.java:4489)
       at android.app.ActivityThread.handleSendResult(ActivityThread.java:4532)
       at android.app.ActivityThread.-wrap20(Unknown Source)
       at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1752)
       at android.os.Handler.dispatchMessage(Handler.java:105)
       at android.os.Looper.loop(Looper.java:164)
       at android.app.ActivityThread.main(ActivityThread.java:6938)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374)

--

Fatal Exception: java.lang.RuntimeException: Failure delivering result ResultInfo{who=null, request=0, result=0, data=null} to activity {com.freebirdrides.android/com.freebirdrides.android.MainActivity}: java.lang.RuntimeException: java.lang.NullPointerException: dataIntent must not be null
       at android.app.ActivityThread.deliverResults(ActivityThread.java:4489)
       at android.app.ActivityThread.handleSendResult(ActivityThread.java:4532)
       at android.app.ActivityThread.-wrap20(Unknown Source)
       at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1752)
       at android.os.Handler.dispatchMessage(Handler.java:105)
       at android.os.Looper.loop(Looper.java:164)
       at android.app.ActivityThread.main(ActivityThread.java:6938)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374)

Caused by java.lang.RuntimeException: java.lang.NullPointerException: dataIntent must not be null
       at com.facebook.react.bridge.ReactContext.handleException(ReactContext.java:311)
       at com.facebook.react.bridge.ReactContext.onActivityResult(ReactContext.java:255)
       at com.facebook.react.ReactInstanceManager.onActivityResult(ReactInstanceManager.java:692)
       at com.facebook.react.ReactActivityDelegate.onActivityResult(ReactActivityDelegate.java:126)
       at com.facebook.react.ReactActivity.onActivityResult(ReactActivity.java:75)
       at com.freebirdrides.android.MainActivity.onActivityResult(MainActivity.java:13)
       at android.app.Activity.dispatchActivityResult(Activity.java:7548)
       at android.app.ActivityThread.deliverResults(ActivityThread.java:4485)
       at android.app.ActivityThread.handleSendResult(ActivityThread.java:4532)
       at android.app.ActivityThread.-wrap20(Unknown Source)
       at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1752)
       at android.os.Handler.dispatchMessage(Handler.java:105)
       at android.os.Looper.loop(Looper.java:164)
       at android.app.ActivityThread.main(ActivityThread.java:6938)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374)

Caused by java.lang.NullPointerException: dataIntent must not be null
       at net.openid.appauth.Preconditions.checkNotNull(Preconditions.java:55)
       at net.openid.appauth.AuthorizationResponse.fromIntent(AuthorizationResponse.java:565)
       at com.reactlibrary.RNAppAuthModule.onActivityResult(RNAppAuthModule.java:210)
       at com.facebook.react.bridge.ReactContext.onActivityResult(ReactContext.java:253)
       at com.facebook.react.ReactInstanceManager.onActivityResult(ReactInstanceManager.java:692)
       at com.facebook.react.ReactActivityDelegate.onActivityResult(ReactActivityDelegate.java:126)
       at com.facebook.react.ReactActivity.onActivityResult(ReactActivity.java:75)
       at com.freebirdrides.android.MainActivity.onActivityResult(MainActivity.java:13)
       at android.app.Activity.dispatchActivityResult(Activity.java:7548)
       at android.app.ActivityThread.deliverResults(ActivityThread.java:4485)
       at android.app.ActivityThread.handleSendResult(ActivityThread.java:4532)
       at android.app.ActivityThread.-wrap20(Unknown Source)
       at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1752)
       at android.os.Handler.dispatchMessage(Handler.java:105)
       at android.os.Looper.loop(Looper.java:164)
       at android.app.ActivityThread.main(ActivityThread.java:6938)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:327)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1374)

[kadikraman]

@duro I'm confident it's not the same issue as the one you've linked to. The problem there was that the startActivityForResult API we used was not supported on older Android phones. However you've said your error is happening on newer versions.

Have you managed to reproduce it locally on an emulator or has it just been in logs?

[duro]

@kadikraman This has only been in Crashlytics / Play Store logs. We have tried repeatedly to reproduce locally, but to no avail. However, the crash volume in Crashlytics / Play Store is considerable. We have been getting 10-20 a day.

[kadikraman]

@duro this is going to be a blast to debug 😄

You've probably already figured this out, but the error is happening here which is when the user has authenticated in the browser, and we're deep linking back to the app. The Intent being passed in is null so the actual error being thrown is here in the AppAuth-Android library we're bridging.

I don't really know what's causing this, it could be

1. device specific
2. service provider specific
3. user spesific
4. combination of ^^
5. ??? something we haven't thought of yet

It would be ideal if we could reproduce the error locally. Do you have any more stats on your logs? Exactly which devices on which version of Android?

[duro]

@kadikraman Here is the info that Crashlytics gives us on this:

[duro]

@kadikraman And here is what Play Store is reporting:

[Petemir]

I am having this problem also... it was working OK, I would like to believe I didn't change anything, but suddenly it stopped working.

My flow is like this: from the app I connect to the OAuth issuer, this redirects me to a server, and the server redirects me back to my app. If I enter directly into the endpoint of my server (without going through the OAuth process), the deeplink works OK. But if I follow the previously mentioned steps, it crashes.

Edit: apparently, I had changed something. Removing android:launchMode="singleTop from the MainActivity in AndroidManifest.xml made the deeplinking working again.

Edit 2: no launch mode except standard works in my case, all the other ones give the dataIntent must not be nullcrash.

[sraka1]

We're also seeing this issue occur in Fabric/Crashlytics with some users (we're using Keycloak). However, we've been unable to replicate it locally.

@duro Did you find the root cause of the issue in your instance?

[dajaffe]

I'm seeing very similar crash stacks to this one, and was able to reproduce this using reproductions steps on the AppAuth Github here: openid/AppAuth-Android#318

My stack is a little different, but probably related:

java.lang.RuntimeException Unable to resume activity {com.knitci/net.openid.appauth.AuthorizationManagementActivity}: java.lang.NullPointerException: Attempt to invoke virtual method 'java.lang.String android.content.Intent.toString()' on a null object reference

[emusgrave]

I may have stumbled upon a possible cause/solution to this issue. In my case, I had added DeepLinking support to my app via an intent-filter that was using the same uri as my app-auth callback. The very first time I tried to log in I was presented with a choice of what filter to use to process the uri, and if I DIDN'T pick the app-auth one, then my app crashed all the time after that.

This was my bad config:
In app/build.gradle:

manifestPlaceholders = [
  appAuthRedirectScheme: 'my-app-uri'
]

In AndroidManifest.xml:

<intent-filter>
  <action android:name="android.intent.action.MAIN" />
  <category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
<intent-filter android:label="filter_react_native">
  <action android:name="android.intent.action.VIEW" />
  <category android:name="android.intent.category.DEFAULT" />
  <category android:name="android.intent.category.BROWSABLE" />
  <data android:scheme="my-app-uri" />
</intent-filter>

So I was presented with an option after logging in to open the redirect in either "filter_react_native" or "My App". If I chose "filter_react_native", then the app crashed with the DataIntent is null error. And of course the selection sticks, so I would ALWAYS crash after that.

But the documentation for AppAuth-android helped me figure out that the intent-filter is an alternative to the manifestPlaceholders entry. (i.e. so the two conflict)
https://github.com/openid/AppAuth-android#capturing-the-authorization-redirect

The solution is easy, for DeepLinking other content (not auth), just use a different uri. Now my auth uri is different than my intent-filter for DeepLinking to other parts of the app, and everything seems to be working great.

(One caveat... my app is not released yet so I am only confirming this with my own personal user experience)

[AlgirdasVZ]

Seeing this issue from a handful (3-4%) of our Android users as well. Steps to recreate the crash were:

1. Open the app
2. Open the idp web login screen in the app
3. Put the app in background
4. Start the app from the device launcher

Everything works fine in all other cases (i.e resuming the app from background works fine).

Update: looks like having android:launchMode="singleTask" in AndroidManifest.xml causes this behaviour. Removing it is not a solution for our app though as it alters quite a few things. I.e. using android:launchMode="singleTop" and following the steps i've mentioned ends up in having two activities within the app.

[janpieterz]

@kadikraman sounds like a reproducible case is found for this, but does this perhaps belong in https://github.com/openid/AppAuth-Android?

[mklekowski]

Hi, I have the similar exception but in different case:

1. Start authorizing - login page is displayed in chrome
2. Minimize the app
3. Open app again from applications menu.
4. App crashes

(PS. Should I create separate issue?)

[AlgirdasVZ]

Hi guys! I've played around with react-native-app-auth code and looks like there is an easy solution to this problem. So again, this is the scenario:

1. Open the app
2. Open the idp web login screen in the app
3. Put the app in background
4. Start the app from the device launcher

Prerequisites: android:launchMode="singleTask" in AndroidManifest.xml

So the app crashes after the step 4, and this is the place in the plugin code where it happens (in RNAppAuthModule.java):

@Override
public void onActivityResult(Activity activity, int requestCode, int resultCode, Intent data) {
        if (requestCode == 0) {
            final AuthorizationResponse response = AuthorizationResponse.fromIntent(data);
            ...

So this what happens - onActivityResult is called after step 4 and in that case data (intent) is null. A method from net.openid.appauth.AuthorizationResponse (AuthorizationResponse.fromIntent) is then called with null, and since it has a null checker, it simply throws a NullPointerException and crashes the app.

Simplest solution would be to add an if statement just before this method is called which would check if data intent is null and then reject the promise and return if it is.

Something like:

if (data == null) {
    promise.reject("Failed to authenticate", "Data intent is null" );
    return;
}

Are there any side effects which this approach could case? As far as I see it would only handle the case where dataIntent is null, which is basically an error scenario - that appauth method "AuthorizationResponse.fromIntent" will otherwise always crash the app if it receives null, so it should be ok, there is no point for the onActivityResult to continue. @kadikraman @janpieterz Should I create a pull request?

[mmailhos]

For anyone having the same issue, I resolved mine by removing the intent-filter activity from my AndroidManifest.xml (only keep the redirection scheme settings in gradle config).