The acquireToken method doesn't work if the app uses "withFragmemt" in MSAL library

[VolodaUa]

Describe the bug
We are going to make b2c authorization in our Android app and we faced with issue with "IMultipleAccountPublicClientApplication.acquireToken" method and fragment.

Smartphone (please complete the following information):

• Device: Samsun M51, Google Pixel 7 Pro
• Android Version: 12, 13, 14
• Browser [e.g. Chrome, Edge] - WebView
• MSAL Version 4.10.0

Stacktrace
If a crash occurs, include the stacktrace.
W/MSALLogger: AuthorizationFragment:onCreate | [2022-11-11 13:11:47 - thread_name: main, correlation_id: UNSET - Android 31] No stored state. Unable to handle response W/AuthorizationFragment:onCreate: [2022-11-11 13:11:47 - thread_name: main, correlation_id: UNSET - Android 31] No stored state. Unable to handle response E/MSALLogger: AuthorizationFragment#finish | [2022-11-11 13:11:47 - thread_name: main, correlation_id: UNSET - Android 31] Logged as error to capture 'cause'; Exception occurred when removing ourselves from provided FragmentManager java.lang.IllegalStateException: FragmentManager is already executing transactions at androidx.fragment.app.FragmentManager.ensureExecReady(FragmentManager.java:1636) at androidx.fragment.app.FragmentManager.execSingleAction(FragmentManager.java:1666) at androidx.fragment.app.BackStackRecord.commitNow(BackStackRecord.java:317) at com.microsoft.identity.common.internal.providers.oauth2.AuthorizationFragment.finish(AuthorizationFragment.java:136) at com.microsoft.identity.common.internal.providers.oauth2.AuthorizationFragment.onCreate(AuthorizationFragment.java:94) at com.microsoft.identity.common.internal.providers.oauth2.WebViewAuthorizationFragment.onCreate(WebViewAuthorizationFragment.java:104) at androidx.fragment.app.Fragment.performCreate(Fragment.java:2981) at androidx.fragment.app.FragmentStateManager.create(FragmentStateManager.java:474) at androidx.fragment.app.FragmentStateManager.moveToExpectedState(FragmentStateManager.java:257) at androidx.fragment.app.FragmentManager.executeOpsTogether(FragmentManager.java:1840) at androidx.fragment.app.FragmentManager.removeRedundantOperationsAndExecute(FragmentManager.java:1758) at androidx.fragment.app.FragmentManager.execPendingActions(FragmentManager.java:1701) at androidx.fragment.app.FragmentManager$4.run(FragmentManager.java:488) at android.os.Handler.handleCallback(Handler.java:938) at android.os.Handler.dispatchMessage(Handler.java:99) at android.os.Looper.loopOnce(Looper.java:226) at android.os.Looper.loop(Looper.java:313) at android.app.ActivityThread.main(ActivityThread.java:8663) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:567) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1135)

To Reproduce
Steps to reproduce the behavior:

1. Create the fragment where you would like to have the WebView.
   As example, in sample app. it can be "MultipleAccountModeFragment" from the sample app.

2. Set the WebView client for "authorization_user_agent" : "WEBVIEW",

3. Add the "withFragment" to
   val parameters: AcquireTokenParameters = AcquireTokenParameters.Builder() .withScopes(AzureUserAuthorizationApi.SCOPES) .startAuthorizationFromActivity(requireActivity())// we are inside fragment .withCallback(b2cAuthenticationCallback) .withFragment(this)// this equals MultipleAccountModeFragment .withPrompt(Prompt.LOGIN) .build()

4. Call IMultipleAccountPublicClientApplication.acquireToken(parameters)

If related to development, please provide relevant configuration details necessary to understand your problem including any relevant traces, logs, or otherwise.

Expected behavior
I would like to have the WebView with content inside the fragment/over MultipleAccountModeFragment.

Actual Behavior
The error log message is observed, the spinner is running.

Screenshots

Additional context
Closed issue without fix:
#1725

[VolodaUa]

Fix:
Class: com.microsoft.identity.common.internal.providers.oauth2.AndroidAuthorizationStrategy
Method: launchIntent

If extras are available(!=null)
final Fragment authFragment = AuthorizationActivityFactory.getAuthorizationFragmentFromStartIntentWithState(
intent,
intent.getExtras()
);
Otherwise,
final Fragment authFragment = AuthorizationActivityFactory.getAuthorizationFragmentFromStartIntent(intent);

Final code:

protected void launchIntent(@NonNull Intent intent) throws ClientException { 
 ...
 
 final Fragment authFragment = getAuthorizationFragment(intent);
 ...
 }
 
private static Fragment getAuthorizationFragment(Intent intent) {
        if (intent.getExtras() != null) {
            return AuthorizationActivityFactory.getAuthorizationFragmentFromStartIntentWithState(
                    intent,
                    intent.getExtras()
            );
        }

        return AuthorizationActivityFactory.getAuthorizationFragmentFromStartIntent(intent);
    }   
  

[negoe]

Tracked internally [PRODUCT BACKLOG ITEM 2884521]

[VolodaUa]

Hi @negoe

Could you please tell me if there are any updates regarding this ticket?

Thanks a lot!