Ticket Created
over 5 years ago

WERETECH-8754

Update Connect IQ browser to allow OAuth login to 3rd party (disallowed_useragent error)

I'm unable to complete a OAuth 2 login flow to Google on my Garmin 6 PRO due to a "disallowed_useragent" error in the login browser. This cought me by surprise since it works perfectly in the simulator and there's no mention of this limitation in the docs.

I know that this was already addressed by the dev team, but I can't wrap my head around why this isn't a planned fix. To me, allow developer easy access to Google Auth services without the need of a companion app is a no brainer.

Is there any issue that I'm not seeing (perhaps license/security related?). Is there an undocumeted alternative flow that doesn't require creating a separate app?

Former Member
Former Member
Parents
  • Former Member
    Former Member over 5 years ago

    After 2 weeks of work, I was able to develop a login flow robust enough to be used in production, that doesn't require a companion app (but still requires an external server). I'm posting it here as a suggestion to anyone else who stumbles upon this limitation.

    MY WORKAROUND:

    Avoid using the Connect IQ SDK OAuth flow. Instead implement an external server to handle the login via Web and then retrieve the tokens in a second moment.

    1. Generate a unique and robust device ID token using System.getDeviceSettings().uniqueIdentifier and some level of encription;
    2. Using Communications.openWebPage open a webpage to an your external service. On your external server:
      1. Register the device ID request for login;
      2. Redirect the user to the OAuth login page passing the ID as 'status', and a callback to your server;
      3. Intercept the callback, store the tokens and generate a 4 digit access code using the callback 'status' as key
      4. Display the 4 digit access code on a web page
    3. Back on the device, prompt the user to enter the 4 digit code using a number picker.
    4. Using Communications.makeWebRequest, request from the server the tokens using the 4 digit code and the device ID as access password

    The process is far from ideal, very convoluted and prone to errors.

    PROPOSED SOLUTION FOR GARMIN:

    Garmin should simply allow the option to perform the login on an external browser, implementing a callback to the ConnectIQ app. The app can intercept the callback and pass to the Garmin app that has requested it.

    At the moment the code is a little bit messy, but I could put together a Git repo for the login code if someone is interested.

Comment
  • Former Member
    Former Member over 5 years ago

    After 2 weeks of work, I was able to develop a login flow robust enough to be used in production, that doesn't require a companion app (but still requires an external server). I'm posting it here as a suggestion to anyone else who stumbles upon this limitation.

    MY WORKAROUND:

    Avoid using the Connect IQ SDK OAuth flow. Instead implement an external server to handle the login via Web and then retrieve the tokens in a second moment.

    1. Generate a unique and robust device ID token using System.getDeviceSettings().uniqueIdentifier and some level of encription;
    2. Using Communications.openWebPage open a webpage to an your external service. On your external server:
      1. Register the device ID request for login;
      2. Redirect the user to the OAuth login page passing the ID as 'status', and a callback to your server;
      3. Intercept the callback, store the tokens and generate a 4 digit access code using the callback 'status' as key
      4. Display the 4 digit access code on a web page
    3. Back on the device, prompt the user to enter the 4 digit code using a number picker.
    4. Using Communications.makeWebRequest, request from the server the tokens using the 4 digit code and the device ID as access password

    The process is far from ideal, very convoluted and prone to errors.

    PROPOSED SOLUTION FOR GARMIN:

    Garmin should simply allow the option to perform the login on an external browser, implementing a callback to the ConnectIQ app. The app can intercept the callback and pass to the Garmin app that has requested it.

    At the moment the code is a little bit messy, but I could put together a Git repo for the login code if someone is interested.

Children
No Data