Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

AuthenticationCallback passed in acquireToken() can reference an invalid UI causing memory leaks and NullPointerExceptions

See original GitHub issue

Since the Activity/Fragment can be destroyed at anytime by Android there is a big risk of memory leaks and the app crashing when implementing AuthenticationCallback’s onSuccess() and onError() methods.

The easiest way to see this is by enabling the “Don’t keep actives” option on Android’s Developer options. After that methods like Fragment’s isAdded() and getActivity() would report an invalid state when used inside the AuthenticationCallback.

public void onCreate(Bundle savedInstanceState) {
  AuthenticationContext adalAuthContext = new AuthenticationContext(getActivity().getApplicationContext(), AUTHORITY_URL, true);

public void loginClick() {
  adalAuthContext.acquireToken(wrapFragment(this), RESOURCE_ID, CLIENT_ID, REDIRECT_URL, emailTextView.getText().toString(), PromptBehavior.Always, "", new AuthenticationCallback<AuthenticationResult>() { // <-- This callback holds a reference to the "original" fragment (the one used to call `startActivityForResult()`)
    public void onSuccess(AuthenticationResult authenticationResult) {
      String token = authenticationResult.getAccessToken(); // <-- Valid token is returned, but can't be used
      Boolean isFragmentInAValidState = isAdded() && getActivity() != null; // <— This is false, which means the callback is referencing an old fragment instance effectively leaking it, and also causing all kinds of NPEs

    public void onError(Exception e) {

public void onActivityResult(int requestCode, int resultCode, Intent data) {
  // At this point, this is a new Fragment that has been created by Android
  super.onActivityResult(requestCode, resultCode, data);
  adalAuthContext.onActivityResult(requestCode, resultCode, data);

This issue has been discussed with @weijjia and she is looking into it.

Issue Analytics

  • State:closed
  • Created 8 years ago
  • Reactions:1
  • Comments:8 (8 by maintainers)

github_iconTop GitHub Comments

piqiumscommented, Aug 23, 2017

Hi Miguel Thanks for reporting this, but I don’t think it is an issue. ‘AuthenticationCallback’ is an interface that ADAL tell the consumer app (i.e, outlook, onenote) about the ‘AuthenticationResult’. As long as the ‘AuthenticationResult’ is passed, then how to update the UI is beyond ADAL’s scope.Let’s make the border clear. The consumer apps should take care of the UI part.

  1. if you found any memory leak, please dump the .hprof file first then analyze it. To analyze the mem leak, please read . Though it’s written years ago, the method still works great. If you find it’s related with ‘AuthenticationCallback’ or any class in ADAL, please loop in us.
  2. for the NullPointerException, the consumer app should check the variable if necessary. Thanks
Read more comments on GitHub >

github_iconTop Results From Across the Web

Unable to generate AAD Token using java - Stack Overflow
I have tried to generate aad access token using Javascript also but could not do so. Please help. Find my code here. import...
Read more >
Memory Leaks are Memory Safe | Huon on the internet
Memory unsafety and memory leaks are distinct concepts, ... Invalid free - passing an invalid address to free can corrupt the heap.
Read more >
C++ Tutorial: Debugging Crash & Memory Leak - BogoToBogo
When we try to access a method of an object using a NULL pointer, our program crashes. Here is a typical example of...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found