App does not follow redirect when changing HTTP scheme to HTTPS

[Lockszmith-GH]

I'm a brand new user to both gorcy and barcode buddy.

So first, before I start 'complaining' - I have to say - AMAZING work on barcodebuddy and it's android app. The clean design of this solution is really inspiring.

My Issue

Setting up

(I think) I followed the instructions properly:

• grocy and barcodebuddy installed via docker-compose behind a traefik reverse proxy
• both grocy and bardcodebuddy are accessible via Let's Encrypt signed certificates HTTPS
• grocy is on

  https://grocy.< mydomain >

• barcodebuddy is on

  https://bcb.< mydomain >

• I've setup authentication for barcodebuddy and logged in
• connected to grocy's API. barcodebuddy setting page states:

  Successfully connected to Grocy, valid API key.

• in API, added Mobile App
• Installed official Google Play android app
• Scanned QR Code

All of the above was rather simple to follow, and everything seemed to be working smooth.

Problem

I might be missing something, but now when I scan a barcode, I was expecting it to show in Unkown Barcodes or Processed, but instead in the Android App, I get the following error:

Error: Unknown error occurred. Please check URL. * See screenshot below

Question

So I'm stuck at this point. Is there a log I can check? Anything in the process I'm missing?

Screenshot

[Forceu]

Hm that is weird, it could be related to the reverse proxy. Can you please install the attached version, and try again?

app-debugPublic.zip

[Lockszmith-GH]

Just saw your reply, and tried the app.

Now something different is happening. I'll describe the timeline, so you can see what I mean:

• I install the app-debugPublic.apk over already installed (and setup) app.
• Scan a bar code: ❗ 🎉 😄 It shows up in Processed Barcodes with the following message:

  2020-04-17 11:48:14: Unknown barcode could not be looked up. Barcode: #########

• I think to myself 🤔 , awesome! Let's make sure it's this apk and nothing else, so I uninstall and install again from Play store.
• Need to setup again, add mobile app, scan QR code, get to scanning a barcode again.
• As reported originally, get the Unknown error occurred (as expected ).
• Uninstall play store app. Install debug APK.
• Register the mobile app.
• Scan barcode - app crashes 😞.
• At this point I tried different orders of uninstalling/installing, the new APK crashes, the old one returns the Unknown error.

So... something different is happening with this APK, and for a second there it seemed to have worked, but then it crashes.

Any logs I can collect?

[Forceu]

Okay, that is indeed interesting... Please install the attached version and let me know if it is still crashing. If yes, it will give you the option to send the log to an email, please do that and also upload the file from the email to this issue. app-debugPublic.zip

[24hourbullshit]

I experience the same problem, tried the debug version, you should have the logs on email by now!

[Lockszmith-GH]

I've sent debug output as well. @24hourbullshit - is your setup the same as mine?

[24hourbullshit]

Barcode Buddy running via Docker and Grocy in Docker via Home Assistant.

BB is accessible from the "outside", Traefik acts as my middle man, Grocy in turn is accessible only internally at the moment, if I don't go via Home Assistant.

[Lockszmith-GH]

I wonder what traefik does differently than (let's say) Ngnix - which is probably what @Forceu is using.

@Forceu - anyway you can create an APK that outputs the raw HTTP response? I'll create another setup with Nginx and compare and we try and assess how traefik is different here.

[Lockszmith-GH]

sorry, clicked by mistake :(

[Forceu]

Thanks, so I received the stacktrace and the debug app seems to be crashing, because the response seems to be null (the debug version should basically show the raw response, as @Lockszmith suggested).

I also setup Traefik, however the app is working for me without any problems :/ I updated the debug version, so it doesn't crash anymore. Please try again with this version and post the output it displays in the debug window after scanning a barcode.

Can you maybe share your Traefik / Docker config so I can reproduce the problem?

app-debugPublic.zip

[Lockszmith-GH]

Just sent the new crash-dump

Gist with my relevant docker-compose configuration and traefik.toml: https://gist.github.com/Lockszmith/df0b6d49f80191f9c1e714f5282e02af

NOTE: I'm using traefik 1.7, as I have not migrated my configuration to the new schema

[Forceu]

Just sent the new crash-dump

It appears you are still using the old version, can you please double check that you installed the APK from the ZIP archive above? It has the same name, so maybe you chose wrong one.

Ah okay, I tried it with Traefik 2.2, maybe that is why.

If you are using Docker, can you please download the image f0rc3/barcodebuddy-docker:latest-dev and go to the Barcode Buddy API menu (https://yourUrl.com/api). There you can try the API yourself (make sure to enter the API key) - does it work from there or does it generate an error as well?

[Lockszmith-GH]

You are right! sorry about that. Now I get:

Received Body is null. Received Error Body:

'Temporary Redirect'

This is actually some sort of text-editing control, but there wasn't any button I could use to send/collect more details.

I also tried what you suggested with the latest-dev tag (awesome API testing page BTW, really well thought off), and the posting of a barcode works, multiple times with same or different data. So it looks like curl is handling whatever traefik is throwing at it OK, but the android app (at least on barcode scanning) is choking on it. (maybe perform a test call when API registration happens, and collect data there?)

The response headers were:

content-length: 135 content-security-policy: frame-ancestors 'self' https://*.example.com content-type: application/json date: Wed, 22 Apr 2020 20:24:40 GMT server: nginx/1.16.1 strict-transport-security: max-age=315360000; includeSubdomains; preload x-content-type-options: nosniff x-firefox-spdy: h2 x-frame-options: SAMEORIGIN allow-from https://*.example.com x-powered-by: PHP/7.3.16 x-xss-protection: 1; mode=block

I tried curl with verbose output on the localmachine, on a remote one (outside of my home) and from the android phone, connected to home-wifi and with cell connection. The only response I got was 200, no redirection.

Hope you have an idea here.

[Forceu]

Thanks, that helps a lot! Normally the client should follow redirects automatically, so that is kind of surprising... Do you have any change from HTTP to HTTPS?

Anyways, please try the attached version and let me know if it is working with that one.

app-release.zip

[Lockszmith-GH]

I think I've completely wasted your time. And this whole ordeal was a classic PEBKAC

When registering the mobile application, the page shows the URL, the API Key and the QR code. By default it shows an http address, but it allows to edit the URL.

Inside the docker container, barcodebuddy is running as HTTP, it is the reverse-proxy that makes the connection HTTPS.

When I edited the address from http://bcb.example.com to https://bcb.example.com - the mobile client works without a problem.

I apologize for wasting your time, hope this issue will help others who made the same mistake I made.

[Forceu]

Great to hear it is working now! And no worries, I did not realise that OkHttpClient does not honor HTTP to HTTPS redirects. I fixed it in https://github.com/Forceu/barcodebuddy-android/commit/2df2bb2c57ce4369cc87391f14db5835a87f46b2 and might add a note next to QR code if it is in HTTP

[24hourbullshit]

I confirm, the problem was the same for me! Great that it was so easy to just add an "s", thanks for a greap app :)