fix: sso flow fails after using a deep link [WPB-23906] (#4628)

MohamadJaara · MohamadJaara · commit ddc93635f63e · 2026-03-09T14:39:20.000+01:00
(cherry picked from commit 735e9a6)
diff --git a/app/src/main/kotlin/com/wire/android/navigation/MainNavHost.kt b/app/src/main/kotlin/com/wire/android/navigation/MainNavHost.kt
@@ -26,13 +26,9 @@ import androidx.compose.ui.Modifier
 import androidx.hilt.navigation.compose.hiltViewModel
 import com.ramcosta.composedestinations.DestinationsNavHost
 import com.ramcosta.composedestinations.generated.app.destinations.ConversationScreenDestination
-import com.ramcosta.composedestinations.generated.app.destinations.LoginScreenDestination
 import com.ramcosta.composedestinations.generated.app.destinations.NewLoginPasswordScreenDestination
-import com.ramcosta.composedestinations.generated.app.destinations.NewLoginScreenDestination
 import com.ramcosta.composedestinations.generated.app.destinations.NewLoginVerificationCodeScreenDestination
-import com.ramcosta.composedestinations.generated.app.navgraphs.LoginGraph
 import com.ramcosta.composedestinations.generated.app.navgraphs.NewConversationGraph
-import com.ramcosta.composedestinations.generated.app.navgraphs.NewLoginGraph
 import com.ramcosta.composedestinations.generated.app.navgraphs.PersonalToTeamMigrationGraph
 import com.ramcosta.composedestinations.generated.app.navgraphs.WireRootGraph
 import com.ramcosta.composedestinations.generated.app.navtype.groupConversationDetailsNavBackArgsNavType
@@ -49,8 +45,6 @@ import com.ramcosta.composedestinations.scope.resultRecipient
 import com.ramcosta.composedestinations.spec.Direction
 import com.wire.android.feature.sketch.model.DrawingCanvasNavBackArgs
 import com.wire.android.ui.authentication.login.email.LoginEmailViewModel
-import com.wire.android.ui.authentication.login.sso.SSOUrlConfigHolder
-import com.wire.android.ui.authentication.login.sso.SSOUrlConfigHolderImpl
 import com.wire.android.ui.home.conversations.ConversationScreen
 import com.wire.android.ui.home.newconversation.NewConversationViewModel
 import com.wire.android.ui.userprofile.teammigration.TeamMigrationViewModel
@@ -75,14 +69,6 @@ fun MainNavHost(
             // 👇 To make Navigator available to all destinations as a non-navigation parameter
             dependency(navigator)
 
-            // Always provide a default SSO holder at root scope so destinations can resolve it
-            // even when navigated directly without going through the expected nested graph route.
-            val rootEntry = remember(navBackStackEntry) {
-                navController.getBackStackEntry(WireRootGraph.route)
-            }
-            val rootSSOHolder: SSOUrlConfigHolder = SSOUrlConfigHolderImpl(rootEntry.savedStateHandle)
-            dependency(rootSSOHolder)
-
             // 👇 To make LoginTypeSelector available to all destinations as a non-navigation parameter if provided
             if (loginTypeSelector != null) dependency(loginTypeSelector)
 
@@ -102,35 +88,6 @@ fun MainNavHost(
                 dependency(hiltViewModel<LoginEmailViewModel>(loginPasswordEntry))
             }
 
-            // 👇 To tie SSOUrlConfigHolder to nested LoginNavGraph, making it shared between all screens that belong to it
-            navGraph(LoginGraph) {
-                val parentEntry = remember(navBackStackEntry) {
-                    navController.getBackStackEntry(LoginGraph.route)
-                }
-                val holder: SSOUrlConfigHolder = SSOUrlConfigHolderImpl(parentEntry.savedStateHandle)
-                dependency(holder)
-            }
-
-            // 👇 To tie SSOUrlConfigHolder to nested NewLoginNavGraph, making it shared between all screens that belong to it
-            navGraph(NewLoginGraph) {
-                val parentEntry = remember(navBackStackEntry) {
-                    navController.getBackStackEntry(NewLoginGraph.route)
-                }
-                val holder: SSOUrlConfigHolder = SSOUrlConfigHolderImpl(parentEntry.savedStateHandle)
-                dependency(holder)
-            }
-
-            // Some flows navigate directly to screen destinations instead of the nav graph route.
-            // Provide the dependency at destination scope as a safe fallback.
-            destination(LoginScreenDestination) {
-                val holder: SSOUrlConfigHolder = SSOUrlConfigHolderImpl(navBackStackEntry.savedStateHandle)
-                dependency(holder)
-            }
-            destination(NewLoginScreenDestination) {
-                val holder: SSOUrlConfigHolder = SSOUrlConfigHolderImpl(navBackStackEntry.savedStateHandle)
-                dependency(holder)
-            }
-
             // 👇 To tie TeamMigrationViewModel to PersonalToTeamMigrationNavGraph, making it shared between all screens that belong to it
             navGraph(PersonalToTeamMigrationGraph) {
                 val parentEntry = remember(navBackStackEntry) {
diff --git a/app/src/main/kotlin/com/wire/android/ui/authentication/login/LoginScreen.kt b/app/src/main/kotlin/com/wire/android/ui/authentication/login/LoginScreen.kt
@@ -18,7 +18,6 @@
 
 package com.wire.android.ui.authentication.login
 
-import com.wire.android.navigation.annotation.app.WireLoginDestination
 import androidx.annotation.StringRes
 import androidx.compose.animation.AnimatedContent
 import androidx.compose.animation.togetherWith
@@ -46,18 +45,21 @@ import androidx.compose.ui.platform.LocalFocusManager
 import androidx.compose.ui.platform.LocalSoftwareKeyboardController
 import androidx.compose.ui.res.stringResource
 import androidx.hilt.navigation.compose.hiltViewModel
+import com.ramcosta.composedestinations.generated.app.destinations.E2EIEnrollmentScreenDestination
+import com.ramcosta.composedestinations.generated.app.destinations.HomeScreenDestination
+import com.ramcosta.composedestinations.generated.app.destinations.InitialSyncScreenDestination
+import com.ramcosta.composedestinations.generated.app.destinations.RemoveDeviceScreenDestination
 import com.wire.android.R
 import com.wire.android.navigation.BackStackMode
 import com.wire.android.navigation.NavigationCommand
 import com.wire.android.navigation.Navigator
+import com.wire.android.navigation.annotation.app.WireLoginDestination
 import com.wire.android.navigation.style.TransitionAnimationType
 import com.wire.android.ui.authentication.create.common.ServerTitle
 import com.wire.android.ui.authentication.login.email.LoginEmailScreen
 import com.wire.android.ui.authentication.login.email.LoginEmailVerificationCodeScreen
 import com.wire.android.ui.authentication.login.email.LoginEmailViewModel
 import com.wire.android.ui.authentication.login.sso.LoginSSOScreen
-import com.wire.android.ui.authentication.login.sso.SSOUrlConfigHolder
-import com.wire.android.ui.authentication.login.sso.SSOUrlConfigHolderPreview
 import com.wire.android.ui.common.TabItem
 import com.wire.android.ui.common.WireTabRow
 import com.wire.android.ui.common.calculateCurrentTab
@@ -68,10 +70,6 @@ import com.wire.android.ui.common.scaffold.WireScaffold
 import com.wire.android.ui.common.topappbar.NavigationIconType
 import com.wire.android.ui.common.topappbar.WireCenterAlignedTopAppBar
 import com.wire.android.ui.common.visbility.rememberVisibilityState
-import com.ramcosta.composedestinations.generated.app.destinations.E2EIEnrollmentScreenDestination
-import com.ramcosta.composedestinations.generated.app.destinations.HomeScreenDestination
-import com.ramcosta.composedestinations.generated.app.destinations.InitialSyncScreenDestination
-import com.ramcosta.composedestinations.generated.app.destinations.RemoveDeviceScreenDestination
 import com.wire.android.ui.theme.WireTheme
 import com.wire.android.ui.theme.wireDimensions
 import com.wire.android.ui.theme.wireTypography
@@ -88,7 +86,6 @@ import kotlinx.coroutines.launch
 fun LoginScreen(
     navigator: Navigator,
     loginNavArgs: LoginNavArgs,
-    ssoUrlConfigHolder: SSOUrlConfigHolder,
     loginEmailViewModel: LoginEmailViewModel = hiltViewModel()
 ) {
 
@@ -110,7 +107,7 @@ fun LoginScreen(
         },
         loginEmailViewModel = loginEmailViewModel,
         ssoLoginResult = loginNavArgs.ssoLoginResult,
-        ssoUrlConfigHolder = ssoUrlConfigHolder,
+//        ssoUrlConfigHolder = ssoUrlConfigHolder,
     )
 }
 
@@ -121,7 +118,6 @@ private fun LoginContent(
     onRemoveDeviceNeeded: () -> Unit,
     loginEmailViewModel: LoginEmailViewModel,
     ssoLoginResult: DeepLinkResult.SSOLogin?,
-    ssoUrlConfigHolder: SSOUrlConfigHolder,
 ) {
     Column(modifier = Modifier.fillMaxSize()) {
         /*
@@ -144,7 +140,7 @@ private fun LoginContent(
                     onRemoveDeviceNeeded = onRemoveDeviceNeeded,
                     loginEmailViewModel = loginEmailViewModel,
                     ssoLoginResult = ssoLoginResult,
-                    ssoUrlConfigHolder = ssoUrlConfigHolder
+//                    ssoUrlConfigHolder = ssoUrlConfigHolder
                 )
             }
         }
@@ -159,7 +155,6 @@ private fun MainLoginContent(
     onRemoveDeviceNeeded: () -> Unit,
     loginEmailViewModel: LoginEmailViewModel,
     ssoLoginResult: DeepLinkResult.SSOLogin?,
-    ssoUrlConfigHolder: SSOUrlConfigHolder,
 ) {
 
     val scope = rememberCoroutineScope()
@@ -228,7 +223,12 @@ private fun MainLoginContent(
             ) { pageIndex ->
                 when (LoginTabItem.values()[pageIndex]) {
                     LoginTabItem.EMAIL -> LoginEmailScreen(onSuccess, onRemoveDeviceNeeded, loginEmailViewModel, scrollState)
-                    LoginTabItem.SSO -> LoginSSOScreen(onSuccess, onRemoveDeviceNeeded, ssoLoginResult, ssoUrlConfigHolder)
+                    LoginTabItem.SSO -> LoginSSOScreen(
+                        onSuccess,
+                        onRemoveDeviceNeeded,
+                        ssoLoginResult,
+//                        ssoUrlConfigHolder
+                    )
                 }
             }
             if (!pagerState.isScrollInProgress && focusedTabIndex != pagerState.currentPage) {
@@ -245,6 +245,7 @@ private fun MainLoginContent(
 enum class LoginTabItem(@StringRes val titleResId: Int) : TabItem {
     EMAIL(R.string.login_tab_email),
     SSO(R.string.login_tab_sso);
+
     override val title: UIText = UIText.StringResource(titleResId)
 }
 
@@ -258,7 +259,7 @@ private fun PreviewLoginScreen() = WireTheme {
             onRemoveDeviceNeeded = {},
             loginEmailViewModel = hiltViewModel(),
             ssoLoginResult = null,
-            ssoUrlConfigHolder = SSOUrlConfigHolderPreview,
+//            ssoUrlConfigHolder = SSOUrlConfigHolderPreview,
         )
     }
 }
diff --git a/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/LoginSSOScreen.kt b/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/LoginSSOScreen.kt
@@ -64,15 +64,16 @@ fun LoginSSOScreen(
     onSuccess: (initialSyncCompleted: Boolean, isE2EIRequired: Boolean) -> Unit,
     onRemoveDeviceNeeded: () -> Unit,
     ssoLoginResult: DeepLinkResult.SSOLogin?,
-    ssoUrlConfigHolder: SSOUrlConfigHolder,
     loginSSOViewModel: LoginSSOViewModel = hiltViewModel(),
     scrollState: ScrollState = rememberScrollState()
 ) {
     val scope = rememberCoroutineScope()
     val context = LocalContext.current
 
     LaunchedEffect(ssoLoginResult) {
-        loginSSOViewModel.handleSSOResult(ssoLoginResult, ssoUrlConfigHolder.get()?.serverConfig)
+        loginSSOViewModel.handleSSOResult(
+            ssoLoginResult,
+        )
     }
     LoginSSOContent(
         scrollState = scrollState,
@@ -85,12 +86,11 @@ fun LoginSSOScreen(
         },
         onLoginButtonClick = loginSSOViewModel::login,
         onCustomServerDialogDismiss = loginSSOViewModel::onCustomServerDialogDismiss,
-         onCustomServerDialogConfirm = loginSSOViewModel::onCustomServerDialogConfirm
+        onCustomServerDialogConfirm = loginSSOViewModel::onCustomServerDialogConfirm
     )
 
     LaunchedEffect(loginSSOViewModel) {
         loginSSOViewModel.openWebUrl.onEach { (url, serverConfig) ->
-            ssoUrlConfigHolder.set(SSOUrlConfig(serverConfig))
             CustomTabsHelper.launchUrl(context, url)
         }.launchIn(scope)
     }
diff --git a/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/LoginSSOViewModel.kt b/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/LoginSSOViewModel.kt
@@ -156,7 +156,7 @@ class LoginSSOViewModel(
                                 ssoCode = defaultSSOCode,
                                 onAuthScopeFailure = { updateSSOFlowState(it.toLoginError()) },
                                 onSSOInitiateFailure = { updateSSOFlowState(it.toLoginSSOError()) },
-                                onSuccess = { requestUrl, _ -> openWebUrl(requestUrl, state.serverLinks) }
+                                onSuccess = { requestUrl -> openWebUrl(requestUrl, state.serverLinks) }
                             )
                         }
                     }
@@ -208,7 +208,7 @@ class LoginSSOViewModel(
                 ssoCode = ssoTextState.text.toString(),
                 onAuthScopeFailure = { updateSSOFlowState(it.toLoginError()) },
                 onSSOInitiateFailure = { updateSSOFlowState(it.toLoginSSOError()) },
-                onSuccess = { requestUrl, _ -> openWebUrl(requestUrl, serverConfig) }
+                onSuccess = { requestUrl -> openWebUrl(requestUrl, serverConfig) }
             )
         }
     }
@@ -218,14 +218,12 @@ class LoginSSOViewModel(
     fun establishSSOSession(
         cookie: String,
         serverConfigId: String,
-        serverConfig: ServerConfig.Links? = null,
     ) {
         updateSSOFlowState(LoginState.Loading)
         viewModelScope.launch {
             ssoExtension.establishSSOSession(
                 cookie = cookie,
                 serverConfigId = serverConfigId,
-                serverConfig = serverConfig ?: this@LoginSSOViewModel.serverConfig,
                 onAuthScopeFailure = { updateSSOFlowState(it.toLoginError()) },
                 onSSOLoginFailure = { updateSSOFlowState(it.toLoginError()) },
                 onAddAuthenticatedUserFailure = { updateSSOFlowState(it.toLoginError()) },
@@ -247,10 +245,15 @@ class LoginSSOViewModel(
         }
     }
 
-    fun handleSSOResult(ssoLoginResult: DeepLinkResult.SSOLogin?, serverConfig: ServerConfig.Links? = null) {
+    fun handleSSOResult(
+        ssoLoginResult: DeepLinkResult.SSOLogin?,
+    ) {
         when (ssoLoginResult) {
             is DeepLinkResult.SSOLogin.Success -> {
-                establishSSOSession(ssoLoginResult.cookie, ssoLoginResult.serverConfigId, serverConfig)
+                establishSSOSession(
+                    ssoLoginResult.cookie,
+                    ssoLoginResult.serverConfigId,
+                )
             }
 
             is DeepLinkResult.SSOLogin.Failure ->
diff --git a/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/LoginSSOViewModelExtension.kt b/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/LoginSSOViewModelExtension.kt
@@ -17,6 +17,7 @@
  */
 package com.wire.android.ui.authentication.login.sso
 
+import com.wire.android.appLogger
 import com.wire.kalium.logic.CoreLogic
 import com.wire.kalium.logic.configuration.server.ServerConfig
 import com.wire.kalium.logic.data.user.UserId
@@ -52,13 +53,13 @@ class LoginSSOViewModelExtension(
         ssoCode: String,
         onAuthScopeFailure: (AutoVersionAuthScopeUseCase.Result.Failure) -> Unit,
         onSSOInitiateFailure: (SSOInitiateLoginResult.Failure) -> Unit,
-        onSuccess: suspend (redirectUrl: String, serverConfig: ServerConfig.Links) -> Unit,
+        onSuccess: suspend (redirectUrl: String) -> Unit,
     ) {
         withAuthenticationScope(serverConfig, onAuthScopeFailure) { authScope ->
             authScope.ssoLoginScope.initiate(SSOInitiateLoginUseCase.Param.WithRedirect(ssoCode)).let { result ->
                 when (result) {
                     is SSOInitiateLoginResult.Failure -> onSSOInitiateFailure(result)
-                    is SSOInitiateLoginResult.Success -> onSuccess(result.requestUrl, serverConfig)
+                    is SSOInitiateLoginResult.Success -> onSuccess(result.requestUrl)
                 }
             }
         }
@@ -84,34 +85,44 @@ class LoginSSOViewModelExtension(
     suspend fun establishSSOSession(
         cookie: String,
         serverConfigId: String,
-        serverConfig: ServerConfig.Links,
         onAuthScopeFailure: (AutoVersionAuthScopeUseCase.Result.Failure) -> Unit,
         onSSOLoginFailure: (SSOLoginSessionResult.Failure) -> Unit,
         onAddAuthenticatedUserFailure: (AddAuthenticatedUserUseCase.Result.Failure) -> Unit,
         onSuccess: suspend (UserId) -> Unit,
     ) {
-        withAuthenticationScope(serverConfig, onAuthScopeFailure) { authScope ->
-            authScope.ssoLoginScope.getLoginSession(cookie).let { ssoLoginResult ->
-                when (ssoLoginResult) {
-                    is SSOLoginSessionResult.Failure -> onSSOLoginFailure(ssoLoginResult)
-                    is SSOLoginSessionResult.Success -> {
-                        addAuthenticatedUser(
-                            authTokens = ssoLoginResult.accountTokens,
-                            ssoId = ssoLoginResult.ssoId,
-                            serverConfigId = serverConfigId,
-                            proxyCredentials = ssoLoginResult.proxyCredentials,
-                            managedBy = ssoLoginResult.managedBy,
-                            isPersistentWebSocketEnabled = defaultWebSocketEnabledByDefault,
-                            replace = false
-                        ).let { authenticatedUserResult ->
-                            when (authenticatedUserResult) {
-                                is AddAuthenticatedUserUseCase.Result.Failure -> onAddAuthenticatedUserFailure(authenticatedUserResult)
-                                is AddAuthenticatedUserUseCase.Result.Success -> onSuccess(authenticatedUserResult.userId)
-                            }
-                        }
-                    }
-                }
+        val authScope = when (val result = coreLogic.authenticationScopeForConfigId(serverConfigId)) {
+            is AutoVersionAuthScopeUseCase.Result.Success -> {
+                appLogger.i("SSO: Resolved auth scope from serverConfigId=$serverConfigId")
+                result.authenticationScope
+            }
+            is AutoVersionAuthScopeUseCase.Result.Failure -> {
+                appLogger.e("SSO: Failed to resolve auth scope for serverConfigId=$serverConfigId")
+                onAuthScopeFailure(result)
+                return
+            }
+        }
+
+        val ssoLoginSuccess = when (val ssoLoginResult = authScope.ssoLoginScope.getLoginSession(cookie)) {
+            is SSOLoginSessionResult.Failure -> {
+                onSSOLoginFailure(ssoLoginResult)
+                return
             }
+            is SSOLoginSessionResult.Success -> ssoLoginResult
+        }
+
+        val authenticatedUserResult = addAuthenticatedUser(
+            authTokens = ssoLoginSuccess.accountTokens,
+            ssoId = ssoLoginSuccess.ssoId,
+            serverConfigId = serverConfigId,
+            proxyCredentials = ssoLoginSuccess.proxyCredentials,
+            managedBy = ssoLoginSuccess.managedBy,
+            isPersistentWebSocketEnabled = defaultWebSocketEnabledByDefault,
+            replace = false
+        )
+
+        when (authenticatedUserResult) {
+            is AddAuthenticatedUserUseCase.Result.Failure -> onAddAuthenticatedUserFailure(authenticatedUserResult)
+            is AddAuthenticatedUserUseCase.Result.Success -> onSuccess(authenticatedUserResult.userId)
         }
     }
 }
diff --git a/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/SSOUrlConfig.kt b/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/SSOUrlConfig.kt
@@ -0,0 +1,23 @@
+/*
+ * Wire
+ * Copyright (C) 2025 Wire Swiss GmbH
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/.
+ */
+package com.wire.android.ui.authentication.login.sso
+
+import kotlinx.serialization.Serializable
+
+@Serializable
+data class SSOUrlConfig(val userIdentifier: String = "")
diff --git a/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/SSOUrlConfigHolder.kt b/app/src/main/kotlin/com/wire/android/ui/authentication/login/sso/SSOUrlConfigHolder.kt
diff --git a/app/src/main/kotlin/com/wire/android/ui/newauthentication/login/NewLoginScreen.kt b/app/src/main/kotlin/com/wire/android/ui/newauthentication/login/NewLoginScreen.kt
diff --git a/app/src/main/kotlin/com/wire/android/ui/newauthentication/login/NewLoginViewModel.kt b/app/src/main/kotlin/com/wire/android/ui/newauthentication/login/NewLoginViewModel.kt

Original file line number	Diff line number	Diff line change
`@@ -156,7 +156,7 @@ class LoginSSOViewModel(`
`156`	`156`	`ssoCode = defaultSSOCode,`
`157`	`157`	`onAuthScopeFailure = { updateSSOFlowState(it.toLoginError()) },`
`158`	`158`	`onSSOInitiateFailure = { updateSSOFlowState(it.toLoginSSOError()) },`
`159`		`- onSuccess = { requestUrl, _ -> openWebUrl(requestUrl, state.serverLinks) }`
	`159`	`+ onSuccess = { requestUrl -> openWebUrl(requestUrl, state.serverLinks) }`
`160`	`160`	`)`
`161`	`161`	`}`
`162`	`162`	`}`
`@@ -208,7 +208,7 @@ class LoginSSOViewModel(`
`208`	`208`	`ssoCode = ssoTextState.text.toString(),`
`209`	`209`	`onAuthScopeFailure = { updateSSOFlowState(it.toLoginError()) },`
`210`	`210`	`onSSOInitiateFailure = { updateSSOFlowState(it.toLoginSSOError()) },`
`211`		`- onSuccess = { requestUrl, _ -> openWebUrl(requestUrl, serverConfig) }`
	`211`	`+ onSuccess = { requestUrl -> openWebUrl(requestUrl, serverConfig) }`
`212`	`212`	`)`
`213`	`213`	`}`
`214`	`214`	`}`
`@@ -218,14 +218,12 @@ class LoginSSOViewModel(`
`218`	`218`	`fun establishSSOSession(`
`219`	`219`	`cookie: String,`
`220`	`220`	`serverConfigId: String,`
`221`		`- serverConfig: ServerConfig.Links? = null,`
`222`	`221`	`) {`
`223`	`222`	`updateSSOFlowState(LoginState.Loading)`
`224`	`223`	`viewModelScope.launch {`
`225`	`224`	`ssoExtension.establishSSOSession(`
`226`	`225`	`cookie = cookie,`
`227`	`226`	`serverConfigId = serverConfigId,`
`228`		`- serverConfig = serverConfig ?: this@LoginSSOViewModel.serverConfig,`
`229`	`227`	`onAuthScopeFailure = { updateSSOFlowState(it.toLoginError()) },`
`230`	`228`	`onSSOLoginFailure = { updateSSOFlowState(it.toLoginError()) },`
`231`	`229`	`onAddAuthenticatedUserFailure = { updateSSOFlowState(it.toLoginError()) },`
`@@ -247,10 +245,15 @@ class LoginSSOViewModel(`
`247`	`245`	`}`
`248`	`246`	`}`
`249`	`247`
`250`		`- fun handleSSOResult(ssoLoginResult: DeepLinkResult.SSOLogin?, serverConfig: ServerConfig.Links? = null) {`
	`248`	`+ fun handleSSOResult(`
	`249`	`+ ssoLoginResult: DeepLinkResult.SSOLogin?,`
	`250`	`+ ) {`
`251`	`251`	`when (ssoLoginResult) {`
`252`	`252`	`is DeepLinkResult.SSOLogin.Success -> {`
`253`		`- establishSSOSession(ssoLoginResult.cookie, ssoLoginResult.serverConfigId, serverConfig)`
	`253`	`+ establishSSOSession(`
	`254`	`+ ssoLoginResult.cookie,`
	`255`	`+ ssoLoginResult.serverConfigId,`
	`256`	`+ )`
`254`	`257`	`}`
`255`	`258`
`256`	`259`	`is DeepLinkResult.SSOLogin.Failure ->`