Acknowledged
5 months ago

Connect IQ SDK 7.4.3 Oauth2 malforms urls on Android

When using the authenticate oauth2 API, the url sent to the default browser by the Connect IQ app is malformed on Android devices.

The url should look like https://requesturl?parameter1=xxxxx&parameter2=yyy etc

But instead it produces https://requesturl&parameter1=xxxxx&parameter=yyy 

The url is correctly formed on iPhone devices. Suggesting the bug is in the Android Connect IQ app

Ultra
  • 6 months ago

    > Oh, I've found a way round it by adding ?android=1 to the auth url, if the user selects Google Android as the phone type in the app settings.

    Do you mean you make a call like this for android:

    Auth.makeOAuthRequest(
       "https :// requesturl?android=1", // requestUrl
       { // requestParams
          "param1" => "A",
          "param2" => "B"
       },
       //...
    )

    And it turns into this:

    requesturl?android=1&param1=A&param2=B

    If so, why can't you just modify this slightly to add another dummy parameter, but in the params dictionary, so it could work for both android and iphone?

    Auth.makeOAuthRequest(
       "https :// requesturl?dontcare=1", // requestUrl
       { // requestParams
          "dontcare" => 1,
          "param1" => "A",
          "param2" => "B"
       },
       //...
    )

    On android I think this should be:

    requesturl?dontcare=1&dontcare=1&param1=A&param2=B

    Here the server will see two dontcare keys, each with a value of 1.

    On iphone I think this will be:

    requesturl?dontcare=1?dontcare=1&param1=A&param2=B

    Here the server will see one dontcare key, with a value of "1?dontcare=1"

    Sorry if I'm missing something here.

  • 6 months ago in reply to FlowState

    Oh, I've found a way round it by adding ?android=1 to the auth url, if the user selects Google Android as the phone type in the app settings.  But it's less than ideal having to do this for the Garmin Android bug.  The code shouldn't have to care as to whether they have a paired Android or iOS phone but it does. I'd rather fixed the underlying bug in their Android code. Hey ho.

  • 6 months ago

    Plus, if the url is modified in the browser to replace the & with ?

    What if you just add “?” without removing the first “&”?

    e.g.

    h t t p s : : / / requesturl?&parameter1=xxxxx&parameter2=yyy 

  • 6 months ago

    Plus, if the url is modified in the browser to replace the & with ? To complete authorisation we get this on Android 14 and latest Chrome browser. The Connect IQ app itself is crashing.