Can't get id_token in access token.

[GinoLin980]

Is it a security issue?

No.

If you believe you have discovered a vulnerability or have an issue related to security, please DO NOT open a public issue. Instead, send us a mail to dl_oss_dev@linecorp.com.

What did you do?

Used official example on this repo and my own version but deleted requestCode in homepage.dart. Both of them didn't return a id_token, the scopes and permissions in developer console were set properly(region is set in Taiwan).

Please describe what you did before you encounter the issue.

What did you expect?

Expected to get an id_token. I want to use email and id_token to send them to my backend, then use id_token in my backend to retrieve email from LINE API(https://developers.line.biz/en/reference/line-login/#verify-id-token). Then compare the email user sent, and email stored in my database(if exists), and email from LINE API.

Please describe what you did expect to happen.

What happened actually?

Printed result:

I/flutter (18687): userId: U1527d........cbb300198857e3
I/flutter (18687): profilePic: https://profile.line-scdn.net/0ha5C........Qytx-w
I/flutter (18687): userName: Ki........hi
I/flutter (18687): email: pp........@gmail.com
I/flutter (18687): accessToken!.data: {access_token: eyJhbGciO........g9az-ObzS7C7pits8g, expires_in: 2592000, id_token: } // IDTOKEN IS BLANK!!
I/flutter (18687): idToken: null

Result in example app:

Please describe what happened actually.

Your environment?

Under android API 35 emulator with LineSDK 2.3.8. All the gradles and manifast remain the same as example app of this repo.

Some information of the environment in which the issue happened. Package version, Xcode version, iOS version, etc.

Sample project

Can be reproduced in official example of this repo.

It would be appreciated if you can provide a link to or update a sample project that we can download and reproduce the issue.

[taqi92]

i'm running this in iOS, found token successfully but in android i can't even run it. do you face any similar issue?

e: file:///Users/tanzil/.pub-cache/hosted/pub.dev/flutter_line_sdk-2.3.8/android/src/main/kotlin/com/linecorp/flutter_line_sdk/util/CommonKotlinExension.kt:3:38 Unresolved reference 'BuildConfig'.
e: file:///Users/tanzil/.pub-cache/hosted/pub.dev/flutter_line_sdk-2.3.8/android/src/main/kotlin/com/linecorp/flutter_line_sdk/util/CommonKotlinExension.kt:6:9 Unresolved reference 'BuildConfig'.

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':flutter_line_sdk:compileDebugKotlin'.
> A failure occurred while executing org.jetbrains.kotlin.compilerRunner.GradleCompilerRunnerWithWorkers$GradleKotlinCompilerWorkAction
   > Compilation error. See log for more details

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.
> Get more help at https://help.gradle.org.

BUILD FAILED in 41s
Error: Gradle task assembleDebug failed with exit code 1
```
`

Here is my settings file

`pluginManagement {
    def flutterSdkPath = {
        def properties = new Properties()
        file("local.properties").withInputStream { properties.load(it) }
        def flutterSdkPath = properties.getProperty("flutter.sdk")
        assert flutterSdkPath != null, "flutter.sdk not set in local.properties"
        return flutterSdkPath
    }
    settings.ext.flutterSdkPath = flutterSdkPath()

    includeBuild("${settings.ext.flutterSdkPath}/packages/flutter_tools/gradle")

    repositories {
        google()
        mavenCentral()
        gradlePluginPortal()
    }
}

plugins {
    id "dev.flutter.flutter-plugin-loader" version "1.0.0"
    id "com.android.application" version "8.4.0" apply false
    // START: FlutterFire Configuration
    id "com.google.gms.google-services" version "4.3.15" apply false
    // END: FlutterFire Configuration
    id "org.jetbrains.kotlin.android" version "2.0.0" apply false
}

include ":app"`

[onevcat]

Hi,

@taqi92
For the BuildConfig, you may check this #107 and add the setting to your gradle property file.

@GinoLin980
You mentioned you have these information in the output:

I/flutter (18687): userId: U1527d........cbb300198857e3
I/flutter (18687): profilePic: https://profile.line-scdn.net/0ha5C........Qytx-w
I/flutter (18687): userName: Ki........hi
I/flutter (18687): email: pp........@gmail.com
I/flutter (18687): accessToken!.data: {access_token: eyJhbGciO........g9az-ObzS7C7pits8g, expires_in: 2592000, id_token: > } // IDTOKEN IS BLANK!!
I/flutter (18687): idToken: null

Could you share your Log.i code and the exact values and properties it prints? I believe some information, such as email, is only present in the ID token. Therefore, the issue might be in the Java/Kotlin to Flutter conversion for the ID token raw string.

@YkSix

Hi, could you try reproducing the issue and checking for potential causes? Although the conversion code appears to be correct here, I would guess something is happening to prevent the ID token string being passed to Flutter side:

https://github.com/line/flutter_line_sdk/blob/master/android/src/main/kotlin/com/linecorp/flutter_line_sdk/model/AccessToken.kt#L17-L25

[GinoLin980]

@GinoLin980 You mentioned you have these information in the output:

I/flutter (18687): userId: U1527d........cbb300198857e3
I/flutter (18687): profilePic: https://profile.line-scdn.net/0ha5C........Qytx-w
I/flutter (18687): userName: Ki........hi
I/flutter (18687): email: pp........@gmail.com
I/flutter (18687): accessToken!.data: {access_token: eyJhbGciO........g9az-ObzS7C7pits8g, expires_in: 2592000, id_token: > } // IDTOKEN IS BLANK!!
I/flutter (18687): idToken: null

Could you share your Log.i code and the exact values and properties it prints? I believe some information, such as email, is only present in the ID token. Therefore, the issue might be in the Java/Kotlin to Flutter conversion for the ID token raw string.

final loginOption = LoginOption(false, 'normal'); // 設定登入選項
final result = await LineSDK.instance.login(scopes: ['profile', 'openid', 'email'], option: loginOption); // 執行登入
final accessToken = await LineSDK.instance.currentAccessToken; // 獲取當前的存取權杖
final profile = await LineSDK.instance.getProfile(); // 獲取用戶個人資料

setState(() {
  _userEmail = result.accessToken.email; // PRINTED
  _userProfile = result.userProfile; // UNUSED
  _accessToken = accessToken;
  _idToken = result.accessToken.idToken; // PRINTED
  _userID = profile.userId; // PRINTED
  _name = profile.displayName; // PRINTED
  _profilePic = profile.pictureUrl; // PRINTED
});

--------

ElevatedButton(
            onPressed: () => {
                  print(_userID),
                  print(_profilePic),
                  print(_name),
                  print(_userEmail),
                  print(_accessToken!.data),
                  print(_idToken)
                },
            child: Text('print') // 點擊按鈕時打印用戶資訊到控制台
            )

@onevcat
Sorry, the code may be messy, I'm not familiar with Flutter. Thanks for your quick response. Also, what does the the Log.l code mean you mentioned and how can I get it.

[onevcat]

@GinoLin980 Never mind! The code snippet you pasted is enough!

[onevcat]

@GinoLin980

After some initial investigation, it appears this issue only occurs when trying to access the “current token” on Android. You should still be able to retrieve a valid ID token string immediately after the login process:

  final result = await LineSDK.instance.login(scopes: _selectedScopes.toList(), option: loginOption);
  final accessToken = await LineSDK.instance.currentAccessToken;
  print("id token: " + (result.accessToken.idTokenRaw ?? "null"));

> I/flutter ( 8806): id token: eyJraWQiOiI3ZjMx...

For now, if you need the raw ID token value (for verification purposes) or require the email, please retrieve it directly from the result immediately after login.

We will investigate the missing ID token issue when using the currentAccessToken property further and determine if a fix is necessary.

[GinoLin980]

@GinoLin980

After some initial investigation, it appears this issue only occurs when trying to access the “current token” on Android. You should still be able to retrieve a valid ID token string immediately after the login process:

  final result = await LineSDK.instance.login(scopes: _selectedScopes.toList(), option: loginOption);
  final accessToken = await LineSDK.instance.currentAccessToken;
  print("id token: " + (result.accessToken.idTokenRaw ?? "null"));

> I/flutter ( 8806): id token: eyJraWQiOiI3ZjMx...

For now, if you need the raw ID token value (for verification purposes) or require the email, please retrieve it directly from the result immediately after login.

We will investigate the missing ID token issue when using the currentAccessToken property further and determine if a fix is necessary.

@onevcat
Thanks a lot! I'll try it later.
Also, the documentation(README.md) talks less about this part. It would be great if it is being laid out.