Title:
Android TWA opens Chrome Custom Tab during OAuth login when using a no-code platform (Base44) with multiple domains

Body:

I'm trying to publish an Android app based on a PWA using Trusted Web Activity (TWA).

The web app works perfectly at:

https://maystok.com

It has a valid manifest.json and an assetlinks.json configured at:

<https://maystok.com/.well-known/assetlinks.json>

When the PWA is installed from Chrome on mobile, it runs correctly in standalone mode without the browser UI.

However, when the Android app is installed from Google Play, the login flow triggers a Chrome Custom Tab instead of staying inside the TWA.

Current flow

App launch
↓
https://maystok.com (landing page)
↓
User clicks "Try Free"
↓
Google login
↓
redirect to por.base44.com
↓
Google account selection
↓
redirect to maystok.base44.app
↓
Dashboard loads

At the step where the login redirects to:

por.base44.com

Android opens a Chrome Custom Tab showing the browser UI.

What I've already checked

• assetlinks.json is correctly hosted at
  https://maystok.com/.well-known/assetlinks.json

• The package name matches the one in Google Play

• SHA256 from Play Console is included

• The PWA manifest uses "display": "standalone"

• The issue only happens when the OAuth login starts

My hypothesis

Because the authentication flow goes through multiple domains:

maystok.com
por.base44.com
maystok.base44.app

Android cannot verify the trust relationship for the intermediate domains, so it falls back to Chrome Custom Tabs.

Questions

1. Is it possible for a TWA to remain fullscreen if the OAuth flow redirects through domains I do not control?

2. Would adding ADDITIONAL_TRUSTED_ORIGINS in the AndroidManifest solve this if those domains don't expose assetlinks.json?

3. Is the only reliable solution to ensure the entire authentication flow happens under the same origin (e.g. maystok.com)?

Any advice from developers who have deployed PWAs with OAuth in TWA would be greatly appreciated.