Auth0 Home Blog Docs

Xamarin Android custom error description from rule is hidden

xamarin
android
oidc

#1

It is hard to understand how it is meant to sort out the custom error message from rules while creating app with Xamarin for Android.

Here is example of rule to be used to return custom error message:

function (user, context, callback) {
    var whitelist = 'example.com', 'example.org']; //authorized domains
    var userHasAccess = whitelist.some(
      function (domain) {
        var emailSplit = user.email.split('@');
        return emailSplit[emailSplit.length - 1].toLowerCase() === domain;
      });

    if (!userHasAccess) {
      return callback(new UnauthorizedError('This is custom error message. Please contact to something@something.com to get further help.'));
    }

    return callback(null, user, context);
} 

Now, when this rule is executed via Xamarin Android app:
https://auth0.com/docs/quickstart/native/xamarin/01-login

This is the code which handles the return/result:

protected override async void OnNewIntent(Intent intent)
{
	base.OnNewIntent(intent);

	var loginResult = await client.ProcessResponseAsync(intent.DataString, authorizeState);

	var sb = new StringBuilder();
	if (loginResult.IsError)
	{
		sb.AppendLine($"An error occurred during login: {loginResult.Error}");
	}
	else
	{
		sb.AppendLine($"ID Token: {loginResult.IdentityToken}");
		sb.AppendLine($"Access Token: {loginResult.AccessToken}");
		sb.AppendLine($"Refresh Token: {loginResult.RefreshToken}");

		sb.AppendLine();

		sb.AppendLine("-- Claims --");
		foreach (var claim in loginResult.User.Claims)
		{
			sb.AppendLine($"{claim.Type} = {claim.Value}");
		}
	}

	userDetailsTextView.Text = sb.ToString();
}

Now the custom error message (‘This is custom error message. Please contact to something@something.com to get further help.’) is inside the query of intent.DataString.

Like this:

com.auth0.quickstart://xxx.eu.auth0.com/android/com.auth0.quickstart/callback?error=unauthorized&error_description=This is custom error message. Please contact to something@something.com to get further help.&state=xyz#

However, the loginResult does not offer this information as easy readable property.

Is this really how it should be? Would be nice to offer the same information directly to the user of app. Or is this error_description more likely to be used in lock screen rather than user app? If that is the purpose, then this error_description is got by splitting intent.DataString sufficient way, correct?

Thanks in advance.


#2

The Xamarin Android uses the Auth0 OIDC Client which in turn is based on the IdentityModel OpenID Connect Client Library. The LoginResult object that you get from the ProcessResponseAsync method is defined in this IdentityModel and, as you can see here it only provides a simple error string. For this reason it was chosen to provide the error type (access_denied, unauthorized) and not the full description in that field. The workaround, as you’ve figured out by yourself, is to parse the intent.DataString to get the error description.


#3

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.