auth0 / Auth0.Android

Android toolkit for Auth0 API
https://auth0.com
MIT License
216 stars 133 forks

Parsing user_metadata throw exception #697

Closed gier3k closed 10 months ago

gier3k commented 11 months ago

Checklist

Description

I'm getting this exception:

W com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at path $
W at com.google.gson.Gson.fromJson(Gson.java:1238)
W at com.google.gson.Gson.fromJson(Gson.java:1329)
W at com.google.gson.Gson.fromJson(Gson.java:1300)
W at com.google.gson.internal.bind.TreeTypeAdapter$GsonContextImpl.deserialize(TreeTypeAdapter.java:179)
W at com.auth0.android.request.internal.UserProfileDeserializer.deserialize(UserProfileDeserializer.java:48)
W at com.auth0.android.request.internal.UserProfileDeserializer.deserialize(UserProfileDeserializer.java:18)
W at com.google.gson.internal.bind.TreeTypeAdapter.read(TreeTypeAdapter.java:76)
W at com.google.gson.Gson.fromJson(Gson.java:1227)
W at com.google.gson.Gson.fromJson(Gson.java:1137)
W at com.google.gson.Gson.fromJson(Gson.java:1047)
W at com.google.gson.Gson.fromJson(Gson.java:982)
W at com.auth0.android.result.Credentials.getUser(Credentials.kt:85)

This is the base64 of the user that is causing the issue: eyJ1c2VyX21ldGFkYXRhIjoie1wiY291bnRyeVwiOlwiRlJcIixcImxhbmd1YWdlXCI6XCJmclwiLFwibmV3c2xldHRlcnNcIjpbXX0iLCJuaWNrbmFtZSI6Im1vYmlsZWRldithdXRoMC0wNTEwMjAyMy0xIiwibmFtZSI6Im1vYmlsZWRldithdXRoMC0wNTEwMjAyMy0xQGphbWcuaW8iLCJwaWN0dXJlIjoiaHR0cHM6Ly9zLmdyYXZhdGFyLmNvbS9hdmF0YXIvNmZjYTg2OGFmZjJjMzRiZThlZjY0OWNjMzFjYzUxNjM_

That is a representation of:

{
  "user_metadata": "{\"country\":\"FR\",\"language\":\"fr\",\"newsletters\":[]}",
  "nickname": "mobiledev+auth0-05102023-1",
  "name": "mobiledev+auth0-05102023-1@jamg.io",
  "picture": "https://s.gravatar.com/avatar/6fca868aff2c34be8ef649cc31cc5163?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fmo.png",
  "updated_at": "2023-10-26T15:59:23.268Z",
  "email": "mobiledev+auth0-05102023-1@jamg.io",
  "email_verified": true,
  "iss": "https://staging.auth.africamedia.group/",
  "aud": "jELwkxRSz3bhYj70wAk1ysTBM0ZETFnn",
  "iat": 1698335964,
  "exp": 1698371964,
  "sub": "auth0|651eb1c77e59ace9af57edce",
  "auth_time": 1698335963,
  "sid": "Cv8g0t3RyTGUOdpz034BKaURYexhrFGE",
  "nonce": "-U5FCUYi73v3Dd492-rfz0noBJ0k1VsSoib7biP6jGQ"
}

And a screenshot from the debugger from the place that is causing the issue: auth0_exception

Reproduction

  1. Try to login with user credentials that have 'user_metadata'
  2. 'onSuccess' callback method in 'WebAuthProvider.login' call 'credentials.user'

I just believe that either the data returned by the server is not in the correct format, or the parser is not working in the correct way.

Additional context

The issue is similar to: https://github.com/auth0/Auth0.Android/issues/196 and has something in common with: https://github.com/auth0/Auth0.Android/pull/429

Auth0.Android version

2.10.2

Android version(s)

14 (I believe, it doesn't matter)

poovamraj commented 10 months ago

@gier3k running the JSON you provided through a JSON formatter seems to tell there is an issue in the format of the JSON.

Can you verify that properly formatted JSON is provided so that the correct key, value pairs can be extracted?


gier3k commented 10 months ago

@poovamraj I can confirm that what the app is getting is not properly formatted JSON (at least not for the schema that is expected, in which 'user_metadata' is provided as a map, and not a String that looks like a map). I can also confirm that if I inject a slightly modified base64 JSON string: eyJ1c2VyX21ldGFkYXRhIjp7ImNvdW50cnkiOiJGUiIsImxhbmd1YWdlIjoiZnIiLCJuZXdzbGV0dGVycyI6W119LCJuaWNrbmFtZSI6Im1vYmlsZWRldithdXRoMC0wNTEwMjAyMy0xIiwibmFtZSI6Im1vYmlsZWRldithdXRoMC0wNTEwMjAyMy0xQGphbWcuaW8iLCJwaWN0dXJlIjoiaHR0cHM6Ly9zLmdyYXZhdGFyLmNvbS9hdmF0YXIvNmZjYTg2OGFmZjJjMzRiZThlZjY0OWNjMzFjYzUxNjM_ that is a representation of:

{
  "user_metadata": {
    "country": "FR",
    "language": "fr",
    "newsletters": []
  },
  "nickname": "mobiledev+auth0-05102023-1",
  "name": "mobiledev+auth0-05102023-1@jamg.io",
  "picture": "https://s.gravatar.com/avatar/6fca868aff2c34be8ef649cc31cc5163?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fmo.png",
  "updated_at": "2023-11-13T16:29:41.209Z",
  "email": "mobiledev+auth0-05102023-1@jamg.io",
  "email_verified": true,
  "iss": "https://staging.auth.africamedia.group/",
  "aud": "jELwkxRSz3bhYj70wAk1ysTBM0ZETFnn",
  "iat": 1699892982,
  "exp": 1699928982,
  "sub": "auth0|651eb1c77e59ace9af57edce",
  "auth_time": 1699892981,
  "sid": "fyLEWI3ggrXqA-mpwaxRH9MUKPM5T-iX",
  "nonce": "rpIg0mzKTwrHxy_3EPOvfwmRcfJAJPWR5s7G3IENKDw"
}

then the user object is properly parsed and I don't have issues with it.

So now there is a question (as I don't know): is this improper JSON the fault of Auth0 servers, or of our company/organization code/servers?

poovamraj commented 10 months ago

There is a good chance it is coming from organisation code. Can you verify this one?

Since this is not an issue on the SDK side, we would like to close this issue for now. If you have more doubts you can comment here and we can reopen this issue.
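
The type mismatch discussed in this thread, as an added example that is not code from the thread or from the Auth0.Android SDK: it reproduces the Gson failure when 'user_metadata' arrives as a string and shows an app-side guard that accepts either shape without throwing during login. It assumes Gson 2.8.6 or later (for JsonParser.parseString) and claims taken from an ID token that has already been verified; the function names and the shortened sample payloads are constructed for illustration.

```kotlin
import com.google.gson.Gson
import com.google.gson.JsonElement
import com.google.gson.JsonParseException
import com.google.gson.JsonParser
import com.google.gson.JsonSyntaxException
import com.google.gson.reflect.TypeToken

// Constructed payloads in the two shapes shown in the thread (values shortened).
const val STRING_SHAPE = """{"user_metadata":"{\"country\":\"FR\",\"newsletters\":[]}","nickname":"example"}"""
const val OBJECT_SHAPE = """{"user_metadata":{"country":"FR","newsletters":[]},"nickname":"example"}"""

private val gson = Gson()
private val mapType = object : TypeToken<Map<String, Any>>() {}.type

// Hypothetical helper: deserializes the claim as a map with no type check.
// A string-typed claim ends in JsonSyntaxException (Expected BEGIN_OBJECT but was STRING).
fun strictMetadata(payload: String): Map<String, Any> {
    val claims = JsonParser.parseString(payload).asJsonObject
    return gson.fromJson(claims.get("user_metadata"), mapType)
}

// Hypothetical app-side guard: accept a JSON object, or a string that itself
// holds a JSON object. Any other type, or a missing claim, yields an empty map
// so an unexpected claim type cannot raise an exception in the login callback.
fun tolerantMetadata(payload: String): Map<String, Any> {
    val claims = JsonParser.parseString(payload).asJsonObject
    var element: JsonElement? = claims.get("user_metadata")
    if (element != null && element.isJsonPrimitive && element.asJsonPrimitive.isString) {
        element = try {
            JsonParser.parseString(element.asString)
        } catch (e: JsonParseException) {
            null
        }
    }
    if (element == null || !element.isJsonObject) return emptyMap()
    return gson.fromJson(element, mapType)
}

fun main() {
    println(tolerantMetadata(STRING_SHAPE))
    println(tolerantMetadata(OBJECT_SHAPE))
    try {
        strictMetadata(STRING_SHAPE)
    } catch (e: JsonSyntaxException) {
        println("strict parse rejected string-typed claim: ${e.message}")
    }
}
```

The guard only tolerates the claim's type; the durable fix is for whatever populates 'user_metadata' in the token to emit an object rather than a serialized string.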