Acknowledged
5 months ago

Connect IQ SDK 7.4.3 Oauth2 malforms urls on Android

When using the authenticate oauth2 API, the url sent to the default browser by the Connect IQ app is malformed on Android devices.

The url should look like https://requesturl?parameter1=xxxxx&parameter2=yyy etc

But instead it produces https://requesturl&parameter1=xxxxx&parameter=yyy 

The url is correctly formed on iPhone devices. Suggesting the bug is in the Android Connect IQ app

Ultra
Parents
  • 6 months ago

    Also, I realize that the order of keys in a Dictionary is not guaranteed to match the insertion order, which means that my previous solution isn't quite right.

    I think this could be fixed by prefixing every param name with an extra "&", which should be ignored by the server. If you do this, you don't even need an extra "dontcare" key in the params dictionary.

    Auth.makeOAuthRequest(
       "https :// requesturl?dontcare=1", // requestUrl
       { // requestParams
          "&param1" => "A",
          "&param2" => "B"
       },
       //...
    )

    On android (with the param order switched up to prove it doesn't matter):

    requesturl?dontcare=1&&param2=B&&param1=A

    - dontcare = 1
    - param1 = A
    - param2 = B

    On iphone:

    requesturl?dontcare=1?&param2=B&&param1=A

    - dontcare = 1?
    -     param1 = A
    - param2 = B

    The keys here (no pun intended):

    - on iphone, the leading "?" (correct) in the "real" query string will be including in the value of the "dontcare" param

    - on android, the leading "&" (incorrect") in the "real" query string will simply be ignored, since it's just an extra "&" in front of another "&" (indicating an empty key/value pair, I think)

    - the extra "&" in front of each real param will ensure none of them will be included in the value of the "dontcare" param, regardless of the order the params are written out

Comment
  • 6 months ago

    Also, I realize that the order of keys in a Dictionary is not guaranteed to match the insertion order, which means that my previous solution isn't quite right.

    I think this could be fixed by prefixing every param name with an extra "&", which should be ignored by the server. If you do this, you don't even need an extra "dontcare" key in the params dictionary.

    Auth.makeOAuthRequest(
       "https :// requesturl?dontcare=1", // requestUrl
       { // requestParams
          "&param1" => "A",
          "&param2" => "B"
       },
       //...
    )

    On android (with the param order switched up to prove it doesn't matter):

    requesturl?dontcare=1&&param2=B&&param1=A

    - dontcare = 1
    - param1 = A
    - param2 = B

    On iphone:

    requesturl?dontcare=1?&param2=B&&param1=A

    - dontcare = 1?
    -     param1 = A
    - param2 = B

    The keys here (no pun intended):

    - on iphone, the leading "?" (correct) in the "real" query string will be including in the value of the "dontcare" param

    - on android, the leading "&" (incorrect") in the "real" query string will simply be ignored, since it's just an extra "&" in front of another "&" (indicating an empty key/value pair, I think)

    - the extra "&" in front of each real param will ensure none of them will be included in the value of the "dontcare" param, regardless of the order the params are written out

Children
No Data