Auth: Fix incomplete silent sign in for games (#2582)

Co-authored-by: Marvin W <[email protected]>

play-services-core/src/main/AndroidManifest.xml

@@ -572,6 +572,7 @@
             android:name="org.microg.gms.auth.consent.ConsentSignInActivity"
             android:process=":ui"
             android:exported="false"
+            android:excludeFromRecents="true"
             android:configChanges="keyboardHidden|keyboard|orientation|screenSize"
             android:theme="@style/Theme.AppCompat.DayNight.Dialog"/>
 

play-services-core/src/main/kotlin/org/microg/gms/auth/consent/ConsentSignInActivity.kt

@@ -19,6 +19,7 @@ import android.webkit.JavascriptInterface
 import android.webkit.WebView
 import android.webkit.WebViewClient
 import android.widget.ProgressBar
+import androidx.core.os.bundleOf
 import com.google.android.gms.R
 import org.microg.gms.profile.Build.generateWebViewUserAgentString
 import org.microg.gms.profile.ProfileManager
@@ -119,12 +120,11 @@ class ConsentSignInActivity : Activity() {
         try {
             Log.d(TAG, "sendReplay result -> $result")
             val obtain = Message.obtain()
-            obtain.what = 1
-            obtain.obj = result
+            obtain.data = bundleOf(Pair(CONSENT_RESULT, result))
             messenger?.send(obtain)
             sendSuccessResult = true
         } catch (e: Exception) {
-            Log.d(TAG, "sendReplay Exception -> " + e.message)
+            Log.w(TAG, "sendReplay Exception -> ", e)
         }
     }
 

play-services-core/src/main/kotlin/org/microg/gms/auth/signin/AuthSignInService.kt

@@ -16,6 +16,7 @@
 package org.microg.gms.auth.signin
 
 import android.accounts.Account
+import android.accounts.AccountManager
 import android.content.Context
 import android.os.Bundle
 import android.os.Parcel
@@ -37,6 +38,7 @@ import com.google.android.gms.common.internal.ConnectionInfo
 import com.google.android.gms.common.internal.GetServiceRequest
 import com.google.android.gms.common.internal.IGmsCallbacks
 import org.microg.gms.BaseService
+import org.microg.gms.auth.AuthConstants
 import org.microg.gms.auth.AuthPrefs
 import org.microg.gms.common.GmsService
 import org.microg.gms.common.PackageUtils
@@ -77,8 +79,12 @@ class AuthSignInServiceImpl(
         }
         lifecycleScope.launchWhenStarted {
             try {
-                val account = account ?: options?.account ?: SignInConfigurationService.getDefaultAccount(context, packageName)
-                if (account != null && options?.isForceCodeForRefreshToken != true && options?.includeUnacceptableScope != true) {
+                val account = account 
+                    ?: options?.account 
+                    ?: SignInConfigurationService.getDefaultAccount(context, packageName) 
+                    ?: AccountManager.get(context).getAccountsByType(AuthConstants.DEFAULT_ACCOUNT_TYPE).firstOrNull()
+                Log.d(TAG, "silentSignIn: account -> ${account?.name}")
+                if (account != null && options?.isForceCodeForRefreshToken != true) {
                     if (getOAuthManager(context, packageName, options, account).isPermitted || AuthPrefs.isTrustGooglePermitted(context)) {
                         val googleSignInAccount = performSignIn(context, packageName, options, account)
                         if (googleSignInAccount != null) {

play-services-core/src/main/kotlin/org/microg/gms/auth/signin/extensions.kt

@@ -104,7 +104,7 @@ suspend fun checkAccountAuthStatus(context: Context, packageName: String, scopeL
 suspend fun performSignIn(context: Context, packageName: String, options: GoogleSignInOptions?, account: Account, permitted: Boolean = false): GoogleSignInAccount? {
     val authManager = getOAuthManager(context, packageName, options, account)
     val authResponse = withContext(Dispatchers.IO) {
-        if (options?.includeUnacceptableScope == true) {
+        if (options?.includeUnacceptableScope == true || !permitted) {
             authManager.setTokenRequestOptions(consentRequestOptions)
         }
         if (permitted) authManager.isPermitted = true
@@ -134,7 +134,8 @@ suspend fun performSignIn(context: Context, packageName: String, options: Google
     val serverAuthCode: String? = if (options?.isServerAuthCodeRequested == true) serverAuthTokenResponse?.auth else null
     val expirationTime = min(authResponse.expiry.orMaxIfNegative(), idTokenResponse?.expiry.orMaxIfNegative())
     val obfuscatedIdentifier: String = MessageDigest.getInstance("MD5").digest("$googleUserId:$packageName".encodeToByteArray()).toHexString().uppercase()
-    val grantedScopes = authResponse.grantedScopes?.split(" ").orEmpty().map { Scope(it) }.toSet()
+    val grantedScopeList = authResponse.grantedScopes ?: idTokenResponse?.grantedScopes ?: serverAuthTokenResponse?.grantedScopes
+    val grantedScopes = grantedScopeList?.split(" ").orEmpty().map { Scope(it) }.toSet()
     val (givenName, familyName, displayName, photoUrl) = if (options?.includeProfile == true) {
         val databaseHelper = DatabaseHelper(context)
         val cursor = databaseHelper.getOwner(account.name)
@@ -184,12 +185,13 @@ suspend fun performConsentView(context: Context, packageName: String, account: A
     return withContext(Dispatchers.IO) {
         val deferred = CompletableDeferred<String?>()
         val intent = Intent(context, ConsentSignInActivity::class.java).apply {
+            flags = Intent.FLAG_ACTIVITY_NEW_TASK
             putExtra(CONSENT_URL, consentResponse.consentUrl)
             putExtra(CONSENT_MESSENGER, Messenger(object : Handler(Looper.getMainLooper()) {
                 override fun handleMessage(msg: Message) {
-                    val content = msg.obj
-                    Log.d(TAG, "performConsentView: ConsentSignInActivity deferred ")
-                    deferred.complete(content?.toString())
+                    val content = msg.data.getString(CONSENT_RESULT)
+                    Log.d(TAG, "performConsentView: ConsentSignInActivity deferred content: $content")
+                    deferred.complete(content)
                 }
             }))
             cookies.forEachIndexed { index, cookie ->