random 400 error code on `login/send-code/`

[AaditT]

i am getting random 400 error code on the login/send-code/ endpoint. sometimes it works with success, sometimes i get this 400 error code.

can you please provide some clarity as to why i am getting this error, or possibly fix? thanks!

[chemokita13]

Are you using allways the international phone code?

[ninoturakura]

I have exactly same issue, I've checked the endpoints and the second one is failing here is the endpoint 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/sendVerificationCode?key=' it just returns basic info about the error statusText: 'Bad Request', any clues what can be happening?

[ninoturakura]

also I tried using my phone number with and without country code but still got the same issue

[AaditT]

Are you using allways the international phone code?

Yes, I am using +1XXXXXXXXXX

[chemokita13]

Hey! @AaditT @ninoturakura Thank you for the details given, I will work on it, but that seems it wont be as faster as others bugs

[chemokita13]

Hey! @AaditT @ninoturakura I have implemented a log system in the server, could you resend the recuest to see the logs saved?

[AaditT]

hey @chemokita13 , will let you know when I face this issue again.

[ninoturakura]

Hey @chemokita13 thanks for the reply, I've tested this login endpoint from a different country number than mine. Btw I'm from Georgia and any number from here is failing, I have seen similar issue happening in other repos as well, it's not only my country but some of the other country numbers face the same issue as well. when I tried like a french number it gave me session and everything went smooth.

maybe this can give you some insight to what can be happening here, also it's not only you, I also tested different respositories all of them have the same issue.

[ninoturakura]

also what I've noticed when testing those repos is that all of them plus yours as well had the same user client, it seemed to me that you all copied this info from each-other. maybe that's the case that instead of apple user client that you have I need something other? or maybe some API keys that were used in your app does not work on every country's numbers? maybe for my country I need different api key?

[ninoturakura]

@chemokita13 also can you tell me, how did you get those API keys and stuff? Since when I tried it with MitmProxy it does not work, since the SSL certificate is changed and those googleApi's demand specific SSL certificates.

if you could just give me little hint at least on how you got those API keys, I could test it on beReal from my location, and maybe figure out why is it giving me that error of 400.

[chemokita13]

@chemokita13 also can you tell me, how did you get those API keys and stuff? Since when I tried it with MitmProxy it does not work, since the SSL certificate is changed and those googleApi's demand specific SSL certificates.

if you could just give me little hint at least on how you got those API keys, I could test it on beReal from my location, and maybe figure out why is it giving me that error of 400.

I just have taken the api keys decoding bereal apk, if you want u can use it

[chemokita13]

@AaditT @ninoturakura I made another way to login instead of that for throwing 400 error, could you try it? I let the link to the API: https://berealapi.fly.dev/api#/Login/LoginController_SendCodeVonage

[ninoturakura]

@chemokita13 I tried it still no luck(( it says OTP not sent, also can you please add those change to this github repo as well? I could not find that in local api docs

[ninoturakura]

@chemokita13 I also tried same, to decompile APK file at first, but this is what I get about the second api (www.googleapis.com/identitytoolkit/v3/relyingparty/sendVerificationCode):

  public final void Q0(g paramg, me paramme) {
    String str = ((g)paramg).y;
    if (!TextUtils.isEmpty(str))
      ((kf)X0()).e = str; 
    df df1 = this.w;
    d.i(df1.a("/sendVerificationCode", this.B), (gf)paramg, (xf)paramme, i.class, ((cf)df1).b);
  }

which is pretty unusable not to mention that I could not detect any API keys needed to communicate with the Google API.

[ninoturakura]

@chemokita13 I've used apktool for APK decompilation, did you used same tool as well? or maybe something different?

[artyaz]

idk if that is directly related, but I'm getting the same 400 code when trying to login

the same with vonage

it hasn't worked at all

[WilsonCazarre]

I'm also having this issue. It seems like it doesn't even get to make the request to send the OTP. It fails while trying to verify the Google API Client