react-native-webview : Microsoft login cookies not the same on Android and IOS. SSO KO on Android only

[JMTeamway]

Description

Hi all !

I am developping a react-native app that basically displays a Sharepoint site in a Webview.
The webview has thirdPartyCookiesEnabled and sharedCookiesEnabled properties.
The openning of the Sharepoint site redirects to Microsoft Anthentication page for user credentials.
The login process and openning of SharePoint site after is OK both on Android and IOS.
Then I try to open another site wich have SSO configured. It works on IOS but fails on Android, I have to login again.
If I do this on a chrome browser, the SSO works for both.

Having a look at the cookies I get , I noticed they are different on IOS and Android.
I am using CookieManager.get(company.webSite, true) for both.

Here is an example on the SharePoint cookie, but all the others are similar in their differences

• IOS
  "FedAuth": { "name": "FedAuth", "version": "1", "secure": true, "value": "77u/[...]PT08L1NQPg==", "expires": "2023-06-18T17:18:15.000+02:00", "path": "/", "httpOnly": true, "domain": "mytenant.sharepoint.com" },
• Android
  "FedAuth": { "httpOnly": false, "path": null, "value": "77u/[...]PT08L1NQPg==", "secure": false, "domain": null, "name": "FedAuth" },

You can notice that the cookies are not "secure" and "httponly" on Android, that both "domain" and "path" are null and that Andoid cookie do not have "expires".
Having a deeper look, ALL the cookies I have on Android have those fields null.

At the moment, I am not able to go further in investigating.
It seems to me that the Android cookie does not allow a correct scenario in SSO. Still it is working well to connect later to the SharePoint site.

Is there any configuration that would induce a different response from microsoft login depending if react-native-webview is running on IOS or Android ?
Is it the way I check the cookies content that may give me incorrect values and therefor incorrect conclusions ?
How could I go further in my analysis to identify why SSO wouldn't work on Android

Any help appreciated !

React Native Version

0.70.6

Output of npx react-native info

System:
OS: macOS 12.6
CPU: (8) x64 Apple M1
Memory: 22.70 MB / 16.00 GB
Shell: 5.8.1 - /bin/zsh
Binaries:
Node: 14.18.1 - ~/.nvm/versions/node/v14.18.1/bin/node
Yarn: 1.22.19 - /opt/homebrew/bin/yarn
npm: 9.1.2 - ~/.nvm/versions/node/v14.18.1/bin/npm
Watchman: 2022.12.12.00 - /opt/homebrew/bin/watchman
Managers:
CocoaPods: 1.11.3 - /opt/homebrew/bin/pod
SDKs:
iOS SDK:
Platforms: DriverKit 22.1, iOS 16.1, macOS 13.0, tvOS 16.1, watchOS 9.1
Android SDK: Not Found
IDEs:
Android Studio: Not Found
Xcode: 14.1/14B47b - /usr/bin/xcodebuild
Languages:
Java: 19.0.1 - /usr/bin/javac
npmPackages:
@react-native-community/cli: Not Found
react: Not Found
react-native: Not Found
react-native-macos: Not Found
npmGlobalPackages:
react-native: Not Found

Steps to reproduce

Create a react-native application.
Use a webview with thirdPartyCookiesEnabled and sharedCookiesEnabled.
Use CookieManager to display the cookies retrieved from the login proces on Android and IOS.
Open a SharePoint page and connect.

Snack, code example, screenshot, or link to a repository

I am not able to provide a sample for this scenario :-/

[github-actions]

⚠️

Newer Version of React Native is Available!

ℹ️

You are on a supported minor version, but it looks like there's a newer patch available - 0.70.10. Please upgrade to the highest patch for your minor or latest and verify if the issue persists (alternatively, create a new project and repro the issue in it). If it does not repro, please let us know so we can close out this issue. This helps us ensure we are looking at issues that still exist in the most recent releases.

[cortinico]

Are you using https://github.com/react-native-webview/react-native-webview?

[JMTeamway]

Yes, here is an extract from package.json :
"react-native-webview": "^11.26.0",

[cortinico]

Great thanks for the clarification,
Please open this issue against this other repository:

https://github.com/react-native-webview/react-native-webview/issues

I'll be closing this but feel free to reopen if the other repo points back to us as a issue in the core of React Native.

[JMTeamway]

Ok thanks for the procedure.

The issue is created here : @3008