Fix: Critical login state and authentication issues

Author: zerox80

opencloudApp/src/main/AndroidManifest.xml

@@ -236,7 +236,7 @@
             android:name=".presentation.authentication.LoginActivity"
             android:exported="true"
             android:label="@string/login_label"
-            android:launchMode="singleTask"
+            android:launchMode="singleTop"
             android:theme="@style/Theme.openCloud.Toolbar">
             <intent-filter>
                 <action android:name="android.intent.action.VIEW" />

opencloudApp/src/main/java/eu/opencloud/android/MainApp.kt

@@ -39,7 +39,7 @@ import android.widget.CheckBox
 import androidx.appcompat.app.AlertDialog
 import androidx.core.content.pm.PackageInfoCompat
 import eu.opencloud.android.data.providers.implementation.OCSharedPreferencesProvider
-import eu.opencloud.android.datamodel.ThumbnailsCacheManager
+
 import eu.opencloud.android.db.PreferenceManager
 import eu.opencloud.android.dependecyinjection.commonModule
 import eu.opencloud.android.dependecyinjection.localDataSourceModule
@@ -99,6 +99,15 @@ class MainApp : Application() {
 
         appContext = applicationContext
 
+        // Ensure Logcat shows Timber logs in debug builds
+        if (BuildConfig.DEBUG) {
+            try {
+                Timber.plant(Timber.DebugTree())
+            } catch (_: Throwable) {
+                // ignore if already planted
+            }
+        }
+
         startLogsIfEnabled()
 
         DebugInjector.injectDebugTools(appContext)
@@ -108,7 +117,9 @@ class MainApp : Application() {
         SingleSessionManager.setUserAgent(userAgent)
 
         // initialise thumbnails cache on background thread
-        ThumbnailsCacheManager.InitDiskCacheTask().execute()
+        // initialise thumbnails cache on background thread
+        
+
 
         initDependencyInjection()
 

opencloudApp/src/main/java/eu/opencloud/android/operations/SyncProfileOperation.kt

@@ -23,11 +23,10 @@ import android.accounts.Account
 import android.accounts.AccountManager
 import eu.opencloud.android.MainApp.Companion.appContext
 import eu.opencloud.android.domain.capabilities.usecases.GetStoredCapabilitiesUseCase
-import eu.opencloud.android.domain.user.usecases.GetUserAvatarAsyncUseCase
 import eu.opencloud.android.domain.user.usecases.GetUserInfoAsyncUseCase
 import eu.opencloud.android.domain.user.usecases.RefreshUserQuotaFromServerAsyncUseCase
 import eu.opencloud.android.lib.common.accounts.AccountUtils
-import eu.opencloud.android.presentation.avatar.AvatarManager
+
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.launch
@@ -79,12 +78,8 @@ class SyncProfileOperation(
                     }
                     val shouldFetchAvatar = storedCapabilities?.isFetchingAvatarAllowed() ?: true
                     if (shouldFetchAvatar) {
-                        val getUserAvatarAsyncUseCase: GetUserAvatarAsyncUseCase by inject()
-                        val userAvatarResult = getUserAvatarAsyncUseCase(GetUserAvatarAsyncUseCase.Params(account.name))
-                        AvatarManager().handleAvatarUseCaseResult(account, userAvatarResult)
-                        if (userAvatarResult.isSuccess) {
-                            Timber.d("Avatar synchronized for account ${account.name}")
-                        }
+                         // Avatar fetching is now handled by Coil on demand
+                         Timber.d("Avatar sync handled by Coil for account ${account.name}")
                     } else {
                         Timber.d("Avatar for this account: ${account.name} won't be synced due to capabilities ")
                     }

opencloudApp/src/main/java/eu/opencloud/android/presentation/authentication/AuthenticationViewModel.kt

@@ -72,9 +72,9 @@ class AuthenticationViewModel(
     private val contextProvider: ContextProvider,
 ) : ViewModel() {
 
-    val codeVerifier: String = OAuthUtils().generateRandomCodeVerifier()
-    val codeChallenge: String = OAuthUtils().generateCodeChallenge(codeVerifier)
-    val oidcState: String = OAuthUtils().generateRandomState()
+    var codeVerifier: String = OAuthUtils().generateRandomCodeVerifier()
+    var codeChallenge: String = OAuthUtils().generateCodeChallenge(codeVerifier)
+    var oidcState: String = OAuthUtils().generateRandomState()
 
     private val _legacyWebfingerHost = MediatorLiveData<Event<UIResult<String>>>()
     val legacyWebfingerHost: LiveData<Event<UIResult<String>>> = _legacyWebfingerHost

opencloudApp/src/main/java/eu/opencloud/android/presentation/authentication/LoginActivity.kt

@@ -93,6 +93,13 @@ import org.koin.androidx.viewmodel.ext.android.viewModel
 import timber.log.Timber
 import java.io.File
 
+
+    private const val KEY_SERVER_BASE_URL = "KEY_SERVER_BASE_URL"
+    private const val KEY_OIDC_SUPPORTED = "KEY_OIDC_SUPPORTED"
+    private const val KEY_CODE_VERIFIER = "KEY_CODE_VERIFIER"
+    private const val KEY_CODE_CHALLENGE = "KEY_CODE_CHALLENGE"
+    private const val KEY_OIDC_STATE = "KEY_OIDC_STATE"
+
 class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrustedCertListener, SecurityEnforced {
 
     private val authenticationViewModel by viewModel<AuthenticationViewModel>()
@@ -114,6 +121,16 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
     private var resultBundle: Bundle? = null
 
     override fun onCreate(savedInstanceState: Bundle?) {
+        if (intent.data != null && (intent.data?.getQueryParameter("code") != null || intent.data?.getQueryParameter("error") != null)) {
+            if (!isTaskRoot) {
+                val newIntent = Intent(this, LoginActivity::class.java)
+                newIntent.data = intent.data
+                newIntent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP or Intent.FLAG_ACTIVITY_SINGLE_TOP)
+                startActivity(newIntent)
+                finish()
+                return
+            }
+        }
         super.onCreate(savedInstanceState)
 
         checkPasscodeEnforced(this)
@@ -136,6 +153,11 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
             }
         } else {
             authTokenType = savedInstanceState.getString(KEY_AUTH_TOKEN_TYPE)
+            savedInstanceState.getString(KEY_SERVER_BASE_URL)?.let { serverBaseUrl = it }
+            oidcSupported = savedInstanceState.getBoolean(KEY_OIDC_SUPPORTED)
+            savedInstanceState.getString(KEY_CODE_VERIFIER)?.let { authenticationViewModel.codeVerifier = it }
+            savedInstanceState.getString(KEY_CODE_CHALLENGE)?.let { authenticationViewModel.codeChallenge = it }
+            savedInstanceState.getString(KEY_OIDC_STATE)?.let { authenticationViewModel.oidcState = it }
         }
 
         // UI initialization
@@ -164,6 +186,17 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
                     binding.accountUsername.setText(username)
                 }
             }
+        } else {
+            // Restore UI state
+            if (::serverBaseUrl.isInitialized && serverBaseUrl.isNotEmpty()) {
+                binding.hostUrlInput.setText(serverBaseUrl)
+                
+                if (authTokenType == BASIC_TOKEN_TYPE) {
+                    showOrHideBasicAuthFields(shouldBeVisible = true)
+                } else if (authTokenType == OAUTH_TOKEN_TYPE) {
+                    showOrHideBasicAuthFields(shouldBeVisible = false)
+                }
+            }
         }
 
         binding.root.filterTouchesWhenObscured =
@@ -194,10 +227,17 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
         accountAuthenticatorResponse?.onRequestContinued()
 
         initLiveDataObservers()
+
+        if (intent.data != null && (intent.data?.getQueryParameter("code") != null || intent.data?.getQueryParameter("error") != null)) {
+            if (savedInstanceState == null) {
+                restoreAuthState()
+            }
+            handleGetAuthorizationCodeResponse(intent)
+        }
     }
 
     private fun handleDeepLink() {
-        if (intent.data != null) {
+        if (intent.data != null && intent.data?.getQueryParameter("code") == null && intent.data?.getQueryParameter("error") == null) {
             authenticationViewModel.launchedFromDeepLink = true
             if (getAccounts(baseContext).isNotEmpty()) {
                 launchFileDisplayActivity()
@@ -469,6 +509,7 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
         setResult(Activity.RESULT_OK, intent)
 
         authenticationViewModel.discoverAccount(accountName = accountName, discoveryNeeded = loginAction == ACTION_CREATE)
+        clearAuthState()
     }
 
     private fun loginIsLoading() {
@@ -498,6 +539,7 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
                 }
             }
         }
+        clearAuthState()
     }
 
     /**
@@ -553,6 +595,7 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
         )
 
         try {
+            saveAuthState()
             customTabsIntent.launchUrl(
                 this,
                 authorizationEndpointUri
@@ -853,6 +896,10 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
     override fun onSaveInstanceState(outState: Bundle) {
         super.onSaveInstanceState(outState)
         outState.putString(KEY_AUTH_TOKEN_TYPE, authTokenType)
+        if (::serverBaseUrl.isInitialized) {
+            outState.putString(KEY_SERVER_BASE_URL, serverBaseUrl)
+        }
+        outState.putBoolean(KEY_OIDC_SUPPORTED, oidcSupported)
     }
 
     override fun finish() {
@@ -873,4 +920,26 @@ class LoginActivity : AppCompatActivity(), SslUntrustedCertDialog.OnSslUntrusted
     override fun optionLockSelected(type: LockType) {
         manageOptionLockSelected(type)
     }
+
+    private fun saveAuthState() {
+        val prefs = getSharedPreferences("auth_state", android.content.Context.MODE_PRIVATE)
+        prefs.edit().apply {
+            putString(KEY_CODE_VERIFIER, authenticationViewModel.codeVerifier)
+            putString(KEY_CODE_CHALLENGE, authenticationViewModel.codeChallenge)
+            putString(KEY_OIDC_STATE, authenticationViewModel.oidcState)
+            apply()
+        }
+    }
+
+    private fun restoreAuthState() {
+        val prefs = getSharedPreferences("auth_state", android.content.Context.MODE_PRIVATE)
+        prefs.getString(KEY_CODE_VERIFIER, null)?.let { authenticationViewModel.codeVerifier = it }
+        prefs.getString(KEY_CODE_CHALLENGE, null)?.let { authenticationViewModel.codeChallenge = it }
+        prefs.getString(KEY_OIDC_STATE, null)?.let { authenticationViewModel.oidcState = it }
+    }
+
+    private fun clearAuthState() {
+        val prefs = getSharedPreferences("auth_state", android.content.Context.MODE_PRIVATE)
+        prefs.edit().clear().apply()
+    }
 }