It looks like the page is (still) running in the InAppBrowser, which does not have access to the cordova / phonegap plugins. Do you see the "User redirected to app" log message when debugging the app? If so, the issue might be that when hitting the window.location.reload part, there is still a redirect somewhere. If not, you need to make sure that this part is triggered by detecting that Azure has redirected the user back to the app from the URL.
Do you know if this might be the case? In other words, is there still some kind of redirect in the index.html page which is triggered by reloading the window? If so, this will be automatically opened in an InAppBrowser window again, losing the cordova / phonegap context.
What we've done for one of our apps is to implement the same mechanism as described by Mendix for implementing SAML SSO on a hybrid app: https://docs.mendix.com/howto/mobile/implement-sso-on-a-hybrid-app-with-mendix-and-saml. The key here is in window.localStorage.setItem("mx-authtoken", token). This token reflects a token from a TokenInformation object (you can find this in the System module) that has been created by the SAML module. This token is detected by the hybrid app and used to create a valid session, without using redirects and/or manual login. One solution could be to change the OAuth implementation to create such a TokenInformation object, return the token to the mobile app some way (for example with a cookie mechanism, see the SAML example and the SAML code where the TokenInformation object is created in saml20\implementation\security\SessionManager.java). If you then set the mx-authtoken with this token, the hybrid app will automatically handle the session creation for you.
Hope this helps!
Hi Jos, I'm experiencing similar issues with ADFS + Barcode scanner and filed a ticket for that (76489). See also https://forum.mendix.com/link/questions/91908. Did you follow https://docs.mendix.com/howto/mobile/implement-sso-on-a-hybrid-app-with-mendix-and-saml ?
First a thank you to Allard and Axel for their elaborate answers. The cause of this issue took a while to find and without their advice it would have been a lot harder if not impossible.
The hardest part was remote/mobile debugging which isn't possible by default with Samsung phones. Even Google states it in the documentation. Ever heard of using ‘audio source’ as a setting for the USB-configuration? See: https://learntech.imsu.ox.ac.uk/blog/remote-debugging-samsung-galaxy-7-edge-with-chrome/
After I got this contraption of a debugging setup up and running finding out the cause of the Oauth2 issue was a breeze.
To all app/cloud administrators out there: please do not use capital letters in your URL's. Thank you.