Describe the Bug
After completing OIDC authorization in the browser, the app stays on "generating sign in code..." indefinitely. The success page fires an Android deep link via window.location.href = "intent://auth-success#Intent;scheme=pangolin;package=net.pangolin.Pangolin;end" — but Firefox on Android silently ignores intent:// URIs (this scheme is Chrome-only). The app never receives the callback and never polls for the session token.
Server side completes correctly: deviceWebAuthCodes shows verified=1 with the correct userId populated. Zero network traffic from the device after the OIDC redirect — the app is simply never signaled.
Environment
- Pangolin: 1.17.1
- Android app: latest (Play Store)
- Browser: Firefox for Android (reproduced); Chrome for Android (works)
To Reproduce
- Open the Pangolin Android app → tap Sign In
- When the browser opens, complete OIDC authorization (Authentik)
- Browser reaches the success page
- App remains on "generating sign in code..." spinner indefinitely
Expected Behavior
App receives the deep link callback, polls /api/v1/auth/device-web-auth/poll/, and completes login.
Describe the Bug
After completing OIDC authorization in the browser, the app stays on "generating sign in code..." indefinitely. The success page fires an Android deep link via window.location.href = "intent://auth-success#Intent;scheme=pangolin;package=net.pangolin.Pangolin;end" — but Firefox on Android silently ignores intent:// URIs (this scheme is Chrome-only). The app never receives the callback and never polls for the session token.
Server side completes correctly: deviceWebAuthCodes shows verified=1 with the correct userId populated. Zero network traffic from the device after the OIDC redirect — the app is simply never signaled.
Environment
To Reproduce
Expected Behavior
App receives the deep link callback, polls /api/v1/auth/device-web-auth/poll/
, and completes login.