Granted permission does not stick on mobile

ryan.p.farthing · December 30, 2021, 1:36am

My extension has a button that asks for identity access, using window.Twitch.ext.actions.requestIdShare(). It works as expected on desktop, but on mobile (Android for me), the user has to grant permission every time they view the extension panel. I have searched the documentation and haven’t found any clues. I have tried other extensions on mobile that remember my preference.
Is there something I am missing? The extension is active on Twitch.
Thank you for your help!

BarryCarlyon · December 30, 2021, 11:05am

I’ve not been able to repilicate this on my pixel6 (on my own Extensions)

And I’ve been doing a lot of testing the last couple of weeks (and on super bad internet)

There are two things that will reset a user Auth to an extesion

Revoking the auth on the extension
Revoking the auth on the connections page

A user password reset may trigger the second one.

But if it’s only doing it for your extension that is very very odd

it looks like (on desktop) the button flickers as “not shared” then realises I am actually authed.

So, when I hit you “allow id” button again (after checking I’m authed first) on Android I’m presented with the “you are about to revoke” which means I’m already shared, but your code didn’t order of operations correctly for mobile users, and thinks the user is not authorised. And showing the “Allow Identity” button in error.

So the probem is your code, not Twitch.

Note the difference in the wording saying “Revoke Permissions” instead of grant.

for completeness the “normal” Grant UI

TLDR: it is sticking but your code isn’t working correclty/reading status correctly.

ryan.p.farthing · December 30, 2021, 4:09pm

Barry, thanks for looking into this! I wish I had taken screenshots yesterday because the behavior was very different, but I am seeing the same thing you are describing now.

My onAuthorized callback fetches the user’s display name using their token and shows/hides the button according to their linked state. It relies on onAuthorized firing every time the panel loads. This seems like an incorrect assumption now, but it worked as expected on desktop so I didn’t notice this problem until testing mobile.

I will change my assumption and see if it resolves the issue. Thanks for your help! I’ll post my result here.

BarryCarlyon · December 30, 2021, 4:17pm

If you mean HelixToken. There is no Helix Token on mobile at the moment: see

github.com/twitchdev/issues

`helixToken` `undefined` in mobile apps

opened 11:37AM - 24 Jul 21 UTC

closed 05:56PM - 22 Aug 23 UTC

freaktechnik

product: extensions

**Brief description** Extensions now get a `helixToken` to make calls to the Tw…itch API from the front-end. However, this token is not passed in the Android app (yet). **How to reproduce** Output `helixToken` in the onAuthorized callback when the extension is loaded in the Android app. **Expected behavior** `helixToken` is documented without caveats of availability, so it should be available everywhere the extension is loaded. **Screenshots** **Additional context or questions** The Twitch app on Android I'm using is Version 11.1.0 and Google Play offers me no update. I have also had matching reports from users of the extension.

So if you are relying on the helixToken call/username lookup call to succeed that is your issue.

I just tested this on my iOS and Droid devices and can confirm no helixToken on either

ryan.p.farthing · December 30, 2021, 6:09pm

Ah yes, that is the issue. I am moving my API call to my backend to work around this missing helix token.