Error java on Web3AuthFlutter.init() on Android devices

fabio.tadini · July 17, 2023, 10:59am

Hello everyone,

using Flutter SDK, only on Android devices, we face an exception on Web3AuthFlutter.init(), it seems related to sharedPreferences or something similar.
Calling the function, the error that rise is “Caused by: android.security.KeyStoreException: Signature/MAC verification failed”, all the stack trace in attached picture.
This error prevent the private key and other data to be saved in sharedPreferences, blocking any further actions on our app.

Trying to understand what it is happening, we also notice that the sharedPreferences are required on Web3AuthFlutter.init() function, but they are initialized only on Web3AuthFlutter.initialize() function. This situation seems to create a kind of short circuit.

We do’t know if it’s related to our problem, but we find this pull request for Android SDK (used under the hood by Flutter SDK), so others encountered troubles on this flow.

Please provide us a solution or any other suggestions to let our login flow work properly.

On iOS devices it works like a charm.

SDK Version: 2.0.0
Screenshots of error: i give you the exception stacktrace

5f6bd8a0-2272-40c6-ba6c-4a956696a4641600×978 263 KB
Init code:

import 'dart:collection';
import 'dart:io';
import 'package:Mine/environment/env_manager.dart';
import 'package:web3auth_flutter/enums.dart';
import 'package:web3auth_flutter/input.dart';

Web3AuthOptions get web3AuthOptions => _buildOptions();

Web3AuthOptions _buildOptions() {
  Uri redirectUrl = _getRedirectUrl();

  return Web3AuthOptions(
    //Web3Auth ClientId - preso dalla dashboard Web3Auth
    clientId: EnvManager.instance.get("WEB3_AUTH_CLIENT_ID"),

    //Blockchain
    network: EnvManager.instance.stage == EnvStage.dev
        ? Network.testnet
        : Network.mainnet,

    //Url a cui rimandare gli utenti una volta loggati - Deep link applicazione
    redirectUrl: redirectUrl,

    //Eventuale whitelabel per personalizzare login web3auth
    whiteLabel: _getWhiteLabelData(),

    //Oggetto di configurazione del login
    loginConfig: _getLoginConfig(),
  );
}

WhiteLabelData _getWhiteLabelData() {
  final themeMap = HashMap<String, String>();
  themeMap['primary'] = "#5603AD";

  return WhiteLabelData(
    dark: false,
    name: "Mine",
    logoDark: "https://xxx.github.io/prova-host-js/logo.png",
    logoLight: "https://xxx.github.io/prova-host-js/logo.png",
    theme: themeMap,
  );
}

Uri _getRedirectUrl() {
  String uri;
  if (Platform.isAndroid) {
    uri = 'it.xxx.mine://auth';
  } else if (Platform.isIOS) {
    uri = 'it.xxx.mine://openlogin';
  } else {
    throw UnKnownException('Unknown platform');
  }
  return Uri.parse(uri);
}

HashMap<String, LoginConfigItem> _getLoginConfig() {
  final HashMap<String, LoginConfigItem> _loginConfig =
      new HashMap<String, LoginConfigItem>();

  _loginConfig['jwt'] = LoginConfigItem(
    // Verifier Name - preso dalla dashboard Web3Auth
    verifier: EnvManager.instance.get("WEB3_AUTH_VERIFIER_NAME"),

    // Verifier Type - preso dalla configurazione del verifier nella dashboard Web3Auth
    typeOfLogin: TypeOfLogin.jwt,

    // Name - stabilito arbitrariamente
    name: "Custom auth0 Login",

    // Auth0 clientId
    clientId: EnvManager.instance.get("AUTH0_CLIENT_ID"),
  );

  return _loginConfig;
}

Login code:


Future<void> initWeb3Auth() async {
    await Web3AuthFlutter.init(web3AuthOptions);
    await Web3AuthFlutter.initialize();
  }

Future<bool> loginWeb3() async {
    try {
      await initWeb3Auth();
      String? privKey = await Web3AuthFlutter.getPrivKey();
      if (privKey.isEmpty) {
        Web3AuthResponse response = await Web3AuthFlutter.login(LoginParams(
          loginProvider: Provider.jwt,
          mfaLevel: MFALevel.NONE,
          extraLoginOptions: ExtraLoginOptions(
            id_token: _auth0IdToken,
            domain: EnvManager.instance.get("AUTH0_DOMAIN"),
          ),
        ));

        _web3Data.web3authUser = response;
        privKey = response.privKey;
      }

      var wallet = EthPrivateKey.fromHex(privKey!);
      _web3Data.privateKey = privKey;
      _web3Data.publicKey = wallet.address.hex;

      return true;
    } on Exception catch (e, s) {
      print(e);
      return false;
    }
  }

vjgee · July 17, 2023, 7:00pm

@fabio.tadini Thanks for reaching out.

Your issue has been forwarded to our team and we will get back with further updates once more information becomes available.

gaurav · July 18, 2023, 7:59am

@fabio.tadini Pls make sure that you are using latest flutter version. Also on which Android API level devices you are getting the issue?

fabio.tadini · July 19, 2023, 8:42am

Hi,
the issue was resolved in version 2.0.1 of web3auth-flutter-sdk, released yesterday, thank you.

Now we can proceed with login, but we are facing another one issue that rise only if we build Android app in release mode.

After the first login, it seems that the private key is no more available on following app accesses and user have to login again: the problem is that the following logins attempts fail with error “Error: Could not get result from torus nodes \n Duplicate token found\n”.

Flow description:

When we start the app, this code is executed:

await Web3AuthFlutter.initialize();
String? privKey = await Web3AuthFlutter.getPrivKey();
if (privKey.isEmpty) {
      Web3AuthResponse response = await Web3AuthFlutter.login(LoginParams(
        loginProvider: Provider.jwt,
        mfaLevel: MFALevel.NONE,
        extraLoginOptions: ExtraLoginOptions(
          id_token: _auth0IdToken, //this is the id_token obtained via auth0
          domain: EnvManager.instance.get("AUTH0_DOMAIN"),
        ),
      ));
......

We expect that after the first login, for the following accesses, the function “Web3AuthFlutter.getPrivKey()” return the key, and so no login will be executed.
This works well for iOS and for Android debug mode builds, but not for Android release mode build.
For Android release mode build, the function “Web3AuthFlutter.getPrivKey()” return nothing and the a new login starts, but the attempt fails with error “Error: Could not get result from torus nodes \n Duplicate token found\n”.
Here the full stack trace:

[{"errorMsg":"Could not get result from torus nodes \n Duplicate token found","errorStack":"Error: Could not get result from torus nodes \n Duplicate token found\n at _ (https://testing.openlogin.com/js/callback.323d735c.js:1:13049)\n at Proxy.created (https://testing.openlogin.com/js/callback.323d735c.js:1:33979)","title":"Mount Error","createdAt":"19/7/2023, 10:25:10","info":{"customAuthState":{"client":"BHqSpybvqgSV7l61huog1-qbuVYeX01YekNeZbsdbuOEtUWYIgZaUveSH5eEcqZSvBkRXScL3KCZOHTJnqSkIC0","currentLoginProvider":"jwt","popupWindow":"false","whiteLabel":"{\"logoDark\":\"https://llaminaz.github.io/prova-host-js/logo.png\",\"logoLight\":\"https://xxx.github.io/prova-host-js/logo.png\",\"name\":\"Mine\",\"theme\":{\"primary\":\"#5603AD\"}}","keyMode":"v1","isCustomVerifier":"true","socialFactorFlow":"","loginId":"2043ded62b42b5a8d75175249385930f9303331137be3be38eca64da57b8dc9a","sessionNamespace":"","version":"4","instanceId":"iuld4rjlhdo","verifier":"mine-auth0-custom-verifier","typeOfLogin":"jwt","redirectToOpener":false},"customAuthArgs":{"typeOfLogin":"jwt","verifier":"mine-auth0-custom-verifier","clientId":"M6SAscZUzfF3FhRiKab3zRPgOI2ahPP2","jwtParams":{"additionalParams":{},"domain":"dev-mfyz8fafu4bi85pm.eu.auth0.com","id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Iml6cFBtMUNOb0c4MjNpOUR1VUhRNCJ9.eyJuaWNrbmFtZSI6ImZhYmlvLnRhZGluaSIsIm5hbWUiOiJmYWJpby50YWRpbmlAeW91dGhxdWFrZS5pdCIsInBpY3R1cmUiOiJodHRwczovL3MuZ3JhdmF0YXIuY29tL2F2YXRhci8wOGQxZDBiZWIzNDY5MTcwNmFlOGQwNDZlMTU3NjlkNT9zPTQ4MCZyPXBnJmQ9aHR0cHMlM0ElMkYlMkZjZG4uYXV0aDAuY29tJTJGYXZhdGFycyUyRmZhLnBuZyIsInVwZGF0ZWRfYXQiOiIyMDIzLTA3LTE4VDE1OjI0OjI2Ljg3MloiLCJlbWFpbCI6ImZhYmlvLnRhZGluaUB5b3V0aHF1YWtlLml0IiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImlzcyI6Imh0dHBzOi8vZGV2LW1meXo4ZmFmdTRiaTg1cG0uZXUuYXV0aDAuY29tLyIsImF1ZCI6Ik02U0FzY1pVemZGM0ZoUmlLYWIzelJQZ09JMmFoUFAyIiwiaWF0IjoxNjg5NzU1MDgyLCJleHAiOjE2ODk3OTEwODIsInN1YiI6ImF1dGgwfDY0M2MyZTljZmNhMTVjMzUxOGM2YTdhYiIsInNpZCI6IlF4WHVyc01hTVFEN3hnUlBCUXVfeTktSFRQZjlnbVJHIiwibm9uY2UiOiI1c2xwZ2lxMmY1cFBvN3dYMm1wcWlSR0NaXzlHcnl1U2M5MnZ6R2RYS1pjIn0.deUFqe0fD_xr5U3Fce5dkP2_pSwB814F3TiFMymfq4PEelndB0TW5XgqHqjqE74uqe7l3JLlTWiA7FK2APnlp6TAeayKsMDLlo9hDP4ntruTPxWVM5ORWcx3qu8CfYPbqzVZTj0Ld_huPxY00HYqXLKUtc5R6OitYeB4eNveXp6wTqhJEkkASBl_9rIdwWVM9ZGmevWYRqflhpl4hSIIWDKtCzyzT1JLTfrtKre92G4Gy_KnjHRvJnBCutL4sR8sCUzrtJmeSYRPw60NKY3tDMJNA3NOFWI8sOyjrfec1AIlxMCKV0NDL7mkTCm3O9-q7jnSo8yAA5PazQIIvcjjsg"},"customState":{"client":"BHqSpybvqgSV7l61huog1-qbuVYeX01YekNeZbsdbuOEtUWYIgZaUveSH5eEcqZSvBkRXScL3KCZOHTJnqSkIC0","currentLoginProvider":"jwt","popupWindow":"false","whiteLabel":"{\"logoDark\":\"https://llaminaz.github.io/prova-host-js/logo.png\",\"logoLight\":\"https://xxx.github.io/prova-host-js/logo.png\",\"name\":\"Mine\",\"theme\":{\"primary\":\"#5603AD\"}}","keyMode":"v1","isCustomVerifier":"true","socialFactorFlow":"","loginId":"2043ded62b42b5a8d75175249385930f9303331137be3be38eca64da57b8dc9a","sessionNamespace":"","version":"4"},"hash":"state=eyJjbGllbnQiOiJCSHFTcHlidnFnU1Y3bDYxaHVvZzEtcWJ1VlllWDAxWWVrTmVaYnNkYnVPRXRVV1lJZ1phVXZlU0g1ZUVjcVpTdkJrUlhTY0wzS0NaT0hUSm5xU2tJQzAiLCJjdXJyZW50TG9naW5Qcm92aWRlciI6Imp3dCIsInBvcHVwV2luZG93IjoiZmFsc2UiLCJ3aGl0ZUxhYmVsIjoie1wibG9nb0RhcmtcIjpcImh0dHBzOi8vbGxhbWluYXouZ2l0aHViLmlvL3Byb3ZhLWhvc3QtanMvbG9nby5wbmdcIixcImxvZ29MaWdodFwiOlwiaHR0cHM6Ly9sbGFtaW5hei5naXRodWIuaW8vcHJvdmEtaG9zdC1qcy9sb2dvLnBuZ1wiLFwibmFtZVwiOlwiTWluZVwiLFwidGhlbWVcIjp7XCJwcmltYXJ5XCI6XCIjNTYwM0FEXCJ9fSIsImtleU1vZGUiOiJ2MSIsImlzQ3VzdG9tVmVyaWZpZXIiOiJ0cnVlIiwic29jaWFsRmFjdG9yRmxvdyI6IiIsImxvZ2luSWQiOiIyMDQzZGVkNjJiNDJiNWE4ZDc1MTc1MjQ5Mzg1OTMwZjkzMDMzMzExMzdiZTNiZTM4ZWNhNjRkYTU3YjhkYzlhIiwic2Vzc2lvbk5hbWVzcGFjZSI6IiIsInZlcnNpb24iOiI0IiwiaW5zdGFuY2VJZCI6Iml1bGQ0cmpsaGRvIiwidmVyaWZpZXIiOiJtaW5lLWF1dGgwLWN1c3RvbS12ZXJpZmllciIsInR5cGVPZkxvZ2luIjoiand0IiwicmVkaXJlY3RUb09wZW5lciI6ZmFsc2V9&client_id=M6SAscZUzfF3FhRiKab3zRPgOI2ahPP2&nonce=iuld4rjlhdo&additionalParams=[object+Object]&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Iml6cFBtMUNOb0c4MjNpOUR1VUhRNCJ9.eyJuaWNrbmFtZSI6ImZhYmlvLnRhZGluaSIsIm5hbWUiOiJmYWJpby50YWRpbmlAeW91dGhxdWFrZS5pdCIsInBpY3R1cmUiOiJodHRwczovL3MuZ3JhdmF0YXIuY29tL2F2YXRhci8wOGQxZDBiZWIzNDY5MTcwNmFlOGQwNDZlMTU3NjlkNT9zPTQ4MCZyPXBnJmQ9aHR0cHMlM0ElMkYlMkZjZG4uYXV0aDAuY29tJTJGYXZhdGFycyUyRmZhLnBuZyIsInVwZGF0ZWRfYXQiOiIyMDIzLTA3LTE4VDE1OjI0OjI2Ljg3MloiLCJlbWFpbCI6ImZhYmlvLnRhZGluaUB5b3V0aHF1YWtlLml0IiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImlzcyI6Imh0dHBzOi8vZGV2LW1meXo4ZmFmdTRiaTg1cG0uZXUuYXV0aDAuY29tLyIsImF1ZCI6Ik02U0FzY1pVemZGM0ZoUmlLYWIzelJQZ09JMmFoUFAyIiwiaWF0IjoxNjg5NzU1MDgyLCJleHAiOjE2ODk3OTEwODIsInN1YiI6ImF1dGgwfDY0M2MyZTljZmNhMTVjMzUxOGM2YTdhYiIsInNpZCI6IlF4WHVyc01hTVFEN3hnUlBCUXVfeTktSFRQZjlnbVJHIiwibm9uY2UiOiI1c2xwZ2lxMmY1cFBvN3dYMm1wcWlSR0NaXzlHcnl1U2M5MnZ6R2RYS1pjIn0.deUFqe0fD_xr5U3Fce5dkP2_pSwB814F3TiFMymfq4PEelndB0TW5XgqHqjqE74uqe7l3JLlTWiA7FK2APnlp6TAeayKsMDLlo9hDP4ntruTPxWVM5ORWcx3qu8CfYPbqzVZTj0Ld_huPxY00HYqXLKUtc5R6OitYeB4eNveXp6wTqhJEkkASBl_9rIdwWVM9ZGmevWYRqflhpl4hSIIWDKtCzyzT1JLTfrtKre92G4Gy_KnjHRvJnBCutL4sR8sCUzrtJmeSYRPw60NKY3tDMJNA3NOFWI8sOyjrfec1AIlxMCKV0NDL7mkTCm3O9-q7jnSo8yAA5PazQIIvcjjsg","queryParameters":{}},"customAuthError":"Could not get result from torus nodes \n Duplicate token found","customAuthHashParams":{"state":"eyJjbGllbnQiOiJCSHFTcHlidnFnU1Y3bDYxaHVvZzEtcWJ1VlllWDAxWWVrTmVaYnNkYnVPRXRVV1lJZ1phVXZlU0g1ZUVjcVpTdkJrUlhTY0wzS0NaT0hUSm5xU2tJQzAiLCJjdXJyZW50TG9naW5Qcm92aWRlciI6Imp3dCIsInBvcHVwV2luZG93IjoiZmFsc2UiLCJ3aGl0ZUxhYmVsIjoie1wibG9nb0RhcmtcIjpcImh0dHBzOi8vbGxhbWluYXouZ2l0aHViLmlvL3Byb3ZhLWhvc3QtanMvbG9nby5wbmdcIixcImxvZ29MaWdodFwiOlwiaHR0cHM6Ly9sbGFtaW5hei5naXRodWIuaW8vcHJvdmEtaG9zdC1qcy9sb2dvLnBuZ1wiLFwibmFtZVwiOlwiTWluZVwiLFwidGhlbWVcIjp7XCJwcmltYXJ5XCI6XCIjNTYwM0FEXCJ9fSIsImtleU1vZGUiOiJ2MSIsImlzQ3VzdG9tVmVyaWZpZXIiOiJ0cnVlIiwic29jaWFsRmFjdG9yRmxvdyI6IiIsImxvZ2luSWQiOiIyMDQzZGVkNjJiNDJiNWE4ZDc1MTc1MjQ5Mzg1OTMwZjkzMDMzMzExMzdiZTNiZTM4ZWNhNjRkYTU3YjhkYzlhIiwic2Vzc2lvbk5hbWVzcGFjZSI6IiIsInZlcnNpb24iOiI0IiwiaW5zdGFuY2VJZCI6Iml1bGQ0cmpsaGRvIiwidmVyaWZpZXIiOiJtaW5lLWF1dGgwLWN1c3RvbS12ZXJpZmllciIsInR5cGVPZkxvZ2luIjoiand0IiwicmVkaXJlY3RUb09wZW5lciI6ZmFsc2V9","client_id":"M6SAscZUzfF3FhRiKab3zRPgOI2ahPP2","nonce":"iuld4rjlhdo","additionalParams":"[object+Object]","id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Iml6cFBtMUNOb0c4MjNpOUR1VUhRNCJ9.eyJuaWNrbmFtZSI6ImZhYmlvLnRhZGluaSIsIm5hbWUiOiJmYWJpby50YWRpbmlAeW91dGhxdWFrZS5pdCIsInBpY3R1cmUiOiJodHRwczovL3MuZ3JhdmF0YXIuY29tL2F2YXRhci8wOGQxZDBiZWIzNDY5MTcwNmFlOGQwNDZlMTU3NjlkNT9zPTQ4MCZyPXBnJmQ9aHR0cHMlM0ElMkYlMkZjZG4uYXV0aDAuY29tJTJGYXZhdGFycyUyRmZhLnBuZyIsInVwZGF0ZWRfYXQiOiIyMDIzLTA3LTE4VDE1OjI0OjI2Ljg3MloiLCJlbWFpbCI6ImZhYmlvLnRhZGluaUB5b3V0aHF1YWtlLml0IiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImlzcyI6Imh0dHBzOi8vZGV2LW1meXo4ZmFmdTRiaTg1cG0uZXUuYXV0aDAuY29tLyIsImF1ZCI6Ik02U0FzY1pVemZGM0ZoUmlLYWIzelJQZ09JMmFoUFAyIiwiaWF0IjoxNjg5NzU1MDgyLCJleHAiOjE2ODk3OTEwODIsInN1YiI6ImF1dGgwfDY0M2MyZTljZmNhMTVjMzUxOGM2YTdhYiIsInNpZCI6IlF4WHVyc01hTVFEN3hnUlBCUXVfeTktSFRQZjlnbVJHIiwibm9uY2UiOiI1c2xwZ2lxMmY1cFBvN3dYMm1wcWlSR0NaXzlHcnl1U2M5MnZ6R2RYS1pjIn0.deUFqe0fD_xr5U3Fce5dkP2_pSwB814F3TiFMymfq4PEelndB0TW5XgqHqjqE74uqe7l3JLlTWiA7FK2APnlp6TAeayKsMDLlo9hDP4ntruTPxWVM5ORWcx3qu8CfYPbqzVZTj0Ld_huPxY00HYqXLKUtc5R6OitYeB4eNveXp6wTqhJEkkASBl_9rIdwWVM9ZGmevWYRqflhpl4hSIIWDKtCzyzT1JLTfrtKre92G4Gy_KnjHRvJnBCutL4sR8sCUzrtJmeSYRPw60NKY3tDMJNA3NOFWI8sOyjrfec1AIlxMCKV0NDL7mkTCm3O9-q7jnSo8yAA5PazQIIvcjjsg"}}}]

Can you please help us another one time?

Thanks a lot
bests

gaurav · July 19, 2023, 9:26am

Hi Fabio, I have tried with Android release build. Its working.

gaurav · July 19, 2023, 12:54pm

Pls update to latest flutter version.

fabio.tadini · July 19, 2023, 3:41pm

we already use the last flutter version, 3.10.6

fabio.tadini · July 19, 2023, 3:53pm

ok sorry, we tested the last version 2.0.2 of web3auth_flutter sdk, released today, but we still face the same problem.

gaurav · July 19, 2023, 3:54pm

Pls share screenshots.

fabio.tadini · July 19, 2023, 4:08pm

here some screenshots of the app and of our flutter code

here you can see the code with print and after the print result, no privKey is returned

gaurav · July 20, 2023, 3:27am

It seems you are redirecting user again with same token. Please use fresh token for new login.

fabio.tadini · July 20, 2023, 8:00am

Hi Gaurav,
yes ok, we already tested the flow with auth0 token refreshed, and it’s ok. But this seems a workaround, everytime we have to force refresh auth0 token and do a new login to web3auth; the problem here is that the following code always return nothing for Android release build, there’s no need to login user to web3auth everytime he opens the app if this code worked as expected:

await Web3AuthFlutter.initialize();
String? privKey = await Web3AuthFlutter.getPrivKey();

On iOS or Android debug mode build everything work as expected.

Some more data about environment:
Flutter sdk - 3.10.6
web3auth_flutter sdk - 2.0.2
auth0_flutter - 1.2.1

thank you
bests

gaurav · July 24, 2023, 8:13am

Released new flutter sdk version(2.0.3). Plz update and check.

fabio.tadini · July 24, 2023, 8:40am

Hi Gaurav
it works! thank you very much to you and to all the team!

vjgee · July 24, 2023, 1:40pm