justpass-me / Passkeys-for-Flutter-with-justpass

Flutter SDK for Passkeys with Juspass
https://www.justpass.me/docs/mobile/Flutter
Other
4 stars 1 forks source link

Error while registering : user.name must be defined in requestJson #5

Closed sbesnard closed 1 year ago

sbesnard commented 1 year ago

Hi folks,

I get an error when trying to register on Flutter on Android Emulator.

Extension setup completed just fine according to tutorial.

Here is the code in Flutter :

on<CreatePassKey>(
      (event, emit) async {
        final user = FirebaseAuth.instance.currentUser;
        loggy.debug("preparing to create passkey");
        if (user != null) {
          final registrationUrl = '$BASE_URL/register';
          final token = await user.getIdToken();
          final headers = {'Authorization': 'Bearer $token'};
          final result = await justPassMeClient.register(
            registrationUrl,
            headers,
          );
          loggy.debug('Paskee Created :$result');
        }
      },
    );

This is the debug from Emulator

I/okhttp.OkHttpClient( 8068): --> GET https://europe-west1-xxx.cloudfunctions.net/ext-justpass-me-oidc/register
I/okhttp.OkHttpClient( 8068): Authorization: Bearer eyxxx
I/okhttp.OkHttpClient( 8068): JUSTPASS-ME-PLATFORM: app
I/okhttp.OkHttpClient( 8068): --> END GET
D/TrafficStats( 8068): tagSocket(127) with statsTag=0xffffffff, statsUid=-1
I/okhttp.OkHttpClient( 8068): <-- 403 https://xxx.accounts.justpass.me/openid/authorize/?client_id=521763&scope=openid%20token%20email%20profile&response_type=code&redirect_uri=https%3A%2F%2Feurope-west1-xxx.cloudfunctions.net%2Fext-justpass-me-oidc%2Fregister_callback%2F&login_hint=aKJyupHmK3drtBxRnaIfyO35SPP2&username=serge%40xxx&prompt=create&response_mode=code&hint_mode=token&justpass_me_platform=app&nonce=wlUpExao0Gz8crN1TmJBpfER4EXiLlSiUN-ez0kGnaw&state=AvviQ91qxq5eIr59vLuNBDwfLfURQwDG7fKkTNNQRqg&signature=xxx (5129ms)
I/okhttp.OkHttpClient( 8068): content-length: 141
I/okhttp.OkHttpClient( 8068): content-type: application/json
I/okhttp.OkHttpClient( 8068): date: Wed, 23 Aug 2023 09:03:31 GMT
I/okhttp.OkHttpClient( 8068): referrer-policy: same-origin
I/okhttp.OkHttpClient( 8068): server: istio-envoy
I/okhttp.OkHttpClient( 8068): set-cookie: sessionid=zxh6xqqhxn3c2zqa50ag0pxirnxzas34; expires=Wed, 23 Aug 2023 10:03:31 GMT; HttpOnly; Max-Age=3600; Path=/; SameSite=Lax
I/okhttp.OkHttpClient( 8068): vary: Cookie
I/okhttp.OkHttpClient( 8068): x-content-type-options: nosniff
I/okhttp.OkHttpClient( 8068): x-frame-options: DENY
I/okhttp.OkHttpClient( 8068): x-envoy-upstream-service-time: 40
I/okhttp.OkHttpClient( 8068): {"error": "Redirect URI Error", "description": "The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri)."}
I/okhttp.OkHttpClient( 8068): <-- END HTTP (141-byte body)
W/System.err( 8068):    at androidx.credentials.CreatePublicKeyCredentialRequest$Companion.getRequestDisplayInfo$credentials_release(CreatePublicKeyCredentialRequest.kt:104)
W/System.err( 8068):    at androidx.credentials.CreatePublicKeyCredentialRequest.<init>(CreatePublicKeyCredentialRequest.kt:78)
W/System.err( 8068):    at androidx.credentials.CreatePublicKeyCredentialRequest.<init>(CreatePublicKeyCredentialRequest.kt:72)
W/System.err( 8068):    at tech.amwal.justpassme.proxy.CredentialPasskeyProxy.register$just_pass_me_release(CredWebAuthnProxy.kt:38)
W/System.err( 8068):    at tech.amwal.justpassme.WebauthnRepository.register$just_pass_me_release(WebauthnRepository.kt:47)
W/System.err( 8068):    at tech.amwal.justpassme.WebauthnRepository$register$1.invokeSuspend(Unknown Source:15)
W/System.err( 8068):    at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
W/System.err( 8068):    at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
W/System.err( 8068):    at android.os.Handler.handleCallback(Handler.java:958)
W/System.err( 8068):    at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err( 8068):    at android.os.Looper.loopOnce(Looper.java:205)
W/System.err( 8068):    at android.os.Looper.loop(Looper.java:294)
W/System.err( 8068):    at android.app.ActivityThread.main(ActivityThread.java:8176)
W/System.err( 8068):    at java.lang.reflect.Method.invoke(Native Method)
W/System.err( 8068):    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
W/System.err( 8068):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
D/JustpassmeFlutterPlugin( 8068): Error

I have an entry created in Firestore : express-sessions

Here is the log of the function :

{
  "textPayload": "https://speech2sense.accounts.justpass.me/openid/authorize/?client_id=521763&scope=openid%20token%20email%20profile&response_type=code&redirect_uri=https%3A%2F%2Feurope-west1-atout-care-2-dev.cloudfunctions.net%2Fext-justpass-me-oidc%2Fregister_callback%2F&login_hint=aKJyupHmK3drtBxRnaIfyO35SPP2&username=xxx%40xxx&prompt=create&response_mode=code&hint_mode=token&justpass_me_platform=app&nonce=yZ1ytevOxGCxTjzEKFr4AtvHA8NqZy-fp4GzCk921Zg&state=xxx",
  "insertId": "64e5cea7000e148d9f74e880",
  "resource": {
    "type": "cloud_function",
    "labels": {
      "project_id": "atout-care-2-dev",
      "region": "europe-west1",
      "function_name": "ext-justpass-me-oidc"
    }
  },
  "timestamp": "2023-08-23T09:17:27.922765Z",
  "severity": "INFO",
  "labels": {
    "instance_id": "00c61b117cc797a7beef1cbd1e237a7c8cc0b0ff2c5dc1d28af281c24b596bdeb5fcf56f7dc3d298bf160cb19e11f8de1bda6f7539d428491c4249",
    "execution_id": "gxon7lar6ypl"
  },
  "logName": "projects/xxx/logs/cloudfunctions.googleapis.com%2Fcloud-functions",
  "trace": "projects/xxx/traces/ecfcf1334892210f2180751b7955a026",
  "receiveTimestamp": "2023-08-23T09:17:28.177598686Z"
}
{
  "textPayload": "Function execution took 813 ms, finished with status code: 302",
  "insertId": "10wv55mfgg7wl9",
  "resource": {
    "type": "cloud_function",
    "labels": {
      "function_name": "ext-justpass-me-oidc",
      "project_id": "xxx",
      "region": "europe-west1"
    }
  },
  "timestamp": "2023-08-23T09:17:27.987708785Z",
  "severity": "DEBUG",
  "labels": {
    "execution_id": "gxon7lar6ypl"
  },
  "logName": "projects/xxx/logs/cloudfunctions.googleapis.com%2Fcloud-functions",
  "trace": "projects/xxx/traces/ecfcf1334892210f2180751b7955a026",
  "receiveTimestamp": "2023-08-23T09:17:28.177598686Z"
}

Thanks for any insight

ahmed3elshaer commented 1 year ago

Hi @sbesnard , thanks for taking time to report this, this was originally an issue in older version of the SDK, let me make sure the latest release is pushed to the pipeline and i will inform you right away This refers to missing parameter redirection/callback url in our merchant dashboard

sameh-amwal commented 1 year ago

@sbesnard your $BASE_URL should be https://europe-west1-atout-care-2-dev.cloudfunctions.net/ext-justpass-me-oidc not https://europe-west1-xxx.cloudfunctions.net/ext-justpass-me-oidc

sbesnard commented 1 year ago

@sameh-amwal It was meant as part of redaction of the log. Obviously failed attempt !

@mkalioby Thanks for the prompt reply. I realized that in the setup process, the wrong regions had crept in the urls for the settings. I corrected it, it created the passkey, but now, progress, we have a new error, probably related to storing the key:

E/ContentValues( 9553):     at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController.handleResponse$credentials_play_services_auth_release(CredentialProviderCreatePublicKeyCredentialController.kt:155)
E/ContentValues( 9553):     at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController$resultReceiver$1.onReceiveResult(CredentialProviderCreatePublicKeyCredentialController.kt:92)
E/ContentValues( 9553):     at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
E/ContentValues( 9553):     at android.os.Handler.handleCallback(Handler.java:958)
E/ContentValues( 9553):     at android.os.Handler.dispatchMessage(Handler.java:99)
E/ContentValues( 9553):     at android.os.Looper.loopOnce(Looper.java:205)
E/ContentValues( 9553):     at android.os.Looper.loop(Looper.java:294)
E/ContentValues( 9553):     at android.app.ActivityThread.main(ActivityThread.java:8176)
E/ContentValues( 9553):     at java.lang.reflect.Method.invoke(Native Method)
E/ContentValues( 9553):     at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
E/ContentValues( 9553):     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
W/System.err( 9553): androidx.credentials.exceptions.publickeycredential.CreatePublicKeyCredentialDomException: The incoming request cannot be validated
W/System.err( 9553):    at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.PublicKeyCredentialControllerUtility$Companion.publicKeyCredentialResponseContainsError(PublicKeyCredentialControllerUtility.kt:287)
W/System.err( 9553):    at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController.handleResponse$credentials_play_services_auth_release(CredentialProviderCreatePublicKeyCredentialController.kt:155)
W/System.err( 9553):    at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController$resultReceiver$1.onReceiveResult(CredentialProviderCreatePublicKeyCredentialController.kt:92)
W/System.err( 9553):    at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
W/System.err( 9553):    at android.os.Handler.handleCallback(Handler.java:958)
W/System.err( 9553):    at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err( 9553):    at android.os.Looper.loopOnce(Looper.java:205)
W/System.err( 9553):    at android.os.Looper.loop(Looper.java:294)
W/System.err( 9553):    at android.app.ActivityThread.main(ActivityThread.java:8176)
W/System.err( 9553):    at java.lang.reflect.Method.invoke(Native Method)
W/System.err( 9553):    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
W/System.err( 9553):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
D/JustpassmeFlutterPlugin( 9553): Error
[log] onError(AuthenticationBloc, PlatformException(Error, The incoming request cannot be validated, null, null), #0      StandardMethodCodec.decodeEnvelope
message_codecs.dart:652
#1      MethodChannel._invokeMethod
platform_channel.dart:310
      <asynchronous suspension>
#2      MethodChannelJustPassMe.register
justpassme_flutter_method_channel.dart:17
      <asynchronous suspension>
sbesnard commented 1 year ago

FYI, I got it to work on iOS on physical device ! Well done ! Still no luck on physical android.

ahmed3elshaer commented 1 year ago

@sbesnard can you show me the verification assets into your Android app's build.gradle file in /android/build.gradle ?

ahmed3elshaer commented 1 year ago

@sameh-amwal It was meant as part of redaction of the log. Obviously failed attempt !

@mkalioby Thanks for the prompt reply. I realized that in the setup process, the wrong regions had crept in the urls for the settings. I corrected it, it created the passkey, but now, progress, we have a new error, probably related to storing the key:

E/ContentValues( 9553):   at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController.handleResponse$credentials_play_services_auth_release(CredentialProviderCreatePublicKeyCredentialController.kt:155)
E/ContentValues( 9553):   at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController$resultReceiver$1.onReceiveResult(CredentialProviderCreatePublicKeyCredentialController.kt:92)
E/ContentValues( 9553):   at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
E/ContentValues( 9553):   at android.os.Handler.handleCallback(Handler.java:958)
E/ContentValues( 9553):   at android.os.Handler.dispatchMessage(Handler.java:99)
E/ContentValues( 9553):   at android.os.Looper.loopOnce(Looper.java:205)
E/ContentValues( 9553):   at android.os.Looper.loop(Looper.java:294)
E/ContentValues( 9553):   at android.app.ActivityThread.main(ActivityThread.java:8176)
E/ContentValues( 9553):   at java.lang.reflect.Method.invoke(Native Method)
E/ContentValues( 9553):   at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
E/ContentValues( 9553):   at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
W/System.err( 9553): androidx.credentials.exceptions.publickeycredential.CreatePublicKeyCredentialDomException: The incoming request cannot be validated
W/System.err( 9553):  at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.PublicKeyCredentialControllerUtility$Companion.publicKeyCredentialResponseContainsError(PublicKeyCredentialControllerUtility.kt:287)
W/System.err( 9553):  at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController.handleResponse$credentials_play_services_auth_release(CredentialProviderCreatePublicKeyCredentialController.kt:155)
W/System.err( 9553):  at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController$resultReceiver$1.onReceiveResult(CredentialProviderCreatePublicKeyCredentialController.kt:92)
W/System.err( 9553):  at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
W/System.err( 9553):  at android.os.Handler.handleCallback(Handler.java:958)
W/System.err( 9553):  at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err( 9553):  at android.os.Looper.loopOnce(Looper.java:205)
W/System.err( 9553):  at android.os.Looper.loop(Looper.java:294)
W/System.err( 9553):  at android.app.ActivityThread.main(ActivityThread.java:8176)
W/System.err( 9553):  at java.lang.reflect.Method.invoke(Native Method)
W/System.err( 9553):  at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
W/System.err( 9553):  at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
D/JustpassmeFlutterPlugin( 9553): Error
[log] onError(AuthenticationBloc, PlatformException(Error, The incoming request cannot be validated, null, null), #0      StandardMethodCodec.decodeEnvelope
message_codecs.dart:652
#1      MethodChannel._invokeMethod
platform_channel.dart:310
      <asynchronous suspension>
#2      MethodChannelJustPassMe.register
justpassme_flutter_method_channel.dart:17
      <asynchronous suspension>

This error means that something with the structure of the public key is not valid, did you follow the android configuration ? A copy of your android app /android/build.gradle and Manifest would help us investigate the issue

sbesnard commented 1 year ago

build.gradle :

def localProperties = new Properties()
def localPropertiesFile = rootProject.file('local.properties')
if (localPropertiesFile.exists()) {
    localPropertiesFile.withReader('UTF-8') { reader ->
        localProperties.load(reader)
    }
}

def flutterRoot = localProperties.getProperty('flutter.sdk')
if (flutterRoot == null) {
    throw new GradleException("Flutter SDK not found. Define location with flutter.sdk in the local.properties file.")
}

def flutterVersionCode = localProperties.getProperty('flutter.versionCode')
if (flutterVersionCode == null) {
    flutterVersionCode = '1'
}

def flutterVersionName = localProperties.getProperty('flutter.versionName')
if (flutterVersionName == null) {
    flutterVersionName = '1.0'
}

def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
    keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}

apply plugin: 'com.android.application'
// START: FlutterFire Configuration
apply plugin: 'com.google.gms.google-services'
// END: FlutterFire Configuration
apply plugin: 'kotlin-android'
apply from: "$flutterRoot/packages/flutter_tools/gradle/flutter.gradle"

android {
    compileSdkVersion flutter.compileSdkVersion

    compileOptions {
        sourceCompatibility JavaVersion.VERSION_1_8
        targetCompatibility JavaVersion.VERSION_1_8
    }

    kotlinOptions {
        jvmTarget = '1.8'
    }

    sourceSets {
        main.java.srcDirs += 'src/main/kotlin'
    }

    defaultConfig {
        applicationId "com.speech2sense.medicompanion"
        minSdkVersion 23
        targetSdkVersion flutter.targetSdkVersion
        versionCode flutterVersionCode.toInteger()
        versionName flutterVersionName
        multiDexEnabled true
        resValue("string", "host", "https://speech2sense.accounts.justpass.me")
        resValue("string", "asset_statements", """
           [{
             "include": "https://speech2sense.accounts.justpass.me/.well-known/assetlinks.json"
           }]
        """)

    }

    signingConfigs {
        if (System.getenv("ANDROID_KEYSTORE_PATH")) {
            release {
                storeFile file(System.getenv("ANDROID_KEYSTORE_PATH"))
                keyAlias System.getenv("ANDROID_KEYSTORE_ALIAS")
                keyPassword System.getenv("ANDROID_KEYSTORE_PRIVATE_KEY_PASSWORD")
                storePassword System.getenv("ANDROID_KEYSTORE_PASSWORD")
            }
        } else {
            release {
                keyAlias keystoreProperties['keyAlias']
                keyPassword keystoreProperties['keyPassword']
                storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
                storePassword keystoreProperties['storePassword']
            }
        }
    }

    flavorDimensions "default"
    productFlavors { 
        production {
            dimension "default"
            applicationIdSuffix ""
            manifestPlaceholders = [appName: "Medicompanion"]
        }
        staging {
            dimension "default"
            applicationIdSuffix ".stg"
            manifestPlaceholders = [appName: "[STG] Medicompanion"]
        }
        development {
            dimension "default"
            applicationIdSuffix ".dev"
            manifestPlaceholders = [appName: "[DEV] Medicompanion"]
        }
    }

    buildTypes {
        release {
            signingConfig signingConfigs.release
            minifyEnabled true
            proguardFiles getDefaultProguardFile('proguard-android.txt')
        }
        debug {
            signingConfig signingConfigs.debug
        }
    }
}

flutter {
    source '../..'
}

dependencies {
    implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
    implementation 'com.android.support:multidex:1.0.3'
}

Android manifest :

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.speech2sense.medicompanion">
     <uses-permission android:name="android.permission.RECORD_AUDIO" />
      <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
   <uses-permission android:name="android.permission.CAMERA" />
   <application
        android:label="medicompanion"
        android:name="${applicationName}"
        android:icon="@mipmap/ic_launcher">
        <activity
            android:name=".MainActivity"
            android:exported="true"
            android:launchMode="singleTop"
            android:theme="@style/LaunchTheme"
            android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"
            android:hardwareAccelerated="true"
            android:windowSoftInputMode="adjustResize">
            <!-- Specifies an Android theme to apply to this Activity as soon as
                 the Android process has started. This theme is visible to the user
                 while the Flutter UI initializes. After that, this theme continues
                 to determine the Window background behind the Flutter UI. -->
            <meta-data
              android:name="io.flutter.embedding.android.NormalTheme"
              android:resource="@style/NormalTheme"
              />
            <meta-data
            android:name="asset_statements"
            android:resource="@string/asset_statements" />            
            <intent-filter>
                <action android:name="android.intent.action.MAIN"/>
                <category android:name="android.intent.category.LAUNCHER"/>
            </intent-filter>
        </activity>
        <!-- Don't delete the meta-data below.
             This is used by the Flutter tool to generate GeneratedPluginRegistrant.java -->
        <meta-data
            android:name="flutterEmbedding"
            android:value="2" />
    </application>
</manifest>
sbesnard commented 1 year ago

btw, your doc is down : https://accounts.justpass.me/organization/app/apps/guide/speech2sense/android/ gives a 500

ahmed3elshaer commented 1 year ago

@sbesnard in Manifest file, your meta-data tag should be outside of the acitivty tag and inside the application tag something like this

<manifest>
    <application>
...........
..........
        <meta-data
         android:name="asset_statements"
            android:resource="@string/asset_statements" />
     </application>
</manifest>  
ahmed3elshaer commented 1 year ago

btw, your doc is down : https://accounts.justpass.me/organization/app/apps/guide/speech2sense/android/ gives a 500

HYG https://www.justpass.me/docs/mobile/Android

ahmed3elshaer commented 1 year ago

@sbesnard in Manifest file, your meta-data tag should be outside of the acitivty tag and inside the application tag something like this

<manifest>
    <application>
...........
..........
        <meta-data
         android:name="asset_statements"
            android:resource="@string/asset_statements" />
     </application>
</manifest>  

@sbesnard let me know if this works!

sbesnard commented 1 year ago

Progress ?

So I modified the manifest, sorry for the stupid mistake (maybe clarify in doc for noobs like me ?). The But, new error :

/ContentValues(10184): Handle the passkey DOM errors thrown according to the WebAuthn spec. androidx.credentials.exceptions.domerrors.SecurityError@5e7a445
E/ContentValues(10184): androidx.credentials.exceptions.publickeycredential.CreatePublicKeyCredentialDomException: The incoming request cannot be validated
E/ContentValues(10184):     at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.PublicKeyCredentialControllerUtility$Companion.publicKeyCredentialResponseContainsError(PublicKeyCredentialControllerUtility.kt:287)
E/ContentValues(10184):     at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController.handleResponse$credentials_play_services_auth_release(CredentialProviderCreatePublicKeyCredentialController.kt:155)
E/ContentValues(10184):     at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController$resultReceiver$1.onReceiveResult(CredentialProviderCreatePublicKeyCredentialController.kt:92)
E/ContentValues(10184):     at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
E/ContentValues(10184):     at android.os.Handler.handleCallback(Handler.java:958)
E/ContentValues(10184):     at android.os.Handler.dispatchMessage(Handler.java:99)
E/ContentValues(10184):     at android.os.Looper.loopOnce(Looper.java:205)
E/ContentValues(10184):     at android.os.Looper.loop(Looper.java:294)
E/ContentValues(10184):     at android.app.ActivityThread.main(ActivityThread.java:8176)
E/ContentValues(10184):     at java.lang.reflect.Method.invoke(Native Method)
E/ContentValues(10184):     at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
E/ContentValues(10184):     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
D/JustpassmeFlutterPlugin(10184): Error
/System.err(10184): androidx.credentials.exceptions.publickeycredential.CreatePublicKeyCredentialDomException: The incoming request cannot be validated
W/System.err(10184):    at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.PublicKeyCredentialControllerUtility$Companion.publicKeyCredentialResponseContainsError(PublicKeyCredentialControllerUtility.kt:287)
W/System.err(10184):    at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController.handleResponse$credentials_play_services_auth_release(CredentialProviderCreatePublicKeyCredentialController.kt:155)
W/System.err(10184):    at androidx.credentials.playservices.controllers.CreatePublicKeyCredential.CredentialProviderCreatePublicKeyCredentialController$resultReceiver$1.onReceiveResult(CredentialProviderCreatePublicKeyCredentialController.kt:92)
W/System.err(10184):    at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
W/System.err(10184):    at android.os.Handler.handleCallback(Handler.java:958)
W/System.err(10184):    at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err(10184):    at android.os.Looper.loopOnce(Looper.java:205)
W/System.err(10184):    at android.os.Looper.loop(Looper.java:294)
W/System.err(10184):    at android.app.ActivityThread.main(ActivityThread.java:8176)
W/System.err(10184):    at java.lang.reflect.Method.invoke(Native Method)
W/System.err(10184):    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
W/System.err(10184):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
D/JustpassmeFlutterPlugin(10184): Error
ahmed3elshaer commented 1 year ago

@sbesnard Sure i will clarify more in the docs about the manifest issue, This error seems more related to the relying party, can you show me the json of the public key that you are trying to register with ? it should be printed in the logs before this error 🙏🏼

sbesnard commented 1 year ago

@ahmed3elshaer Are you referring to this ?

I/okhttp.OkHttpClient(10433): {"publicKey": {"rp": {"name": "speech2sense", "id": "speech2sense.accounts.justpass.me"}, "user": {"name": "serge@speech2sense.com", "id": "c2VyZ2VAc3BlZWNoMnNlbnNlLmNvbQ", "displayName": "serge@speech2sense.com For speech2sense"}, "challenge": "3n2SMAUFlMyXpo5rN6jGVanUOaSYeDbt9FaGP8Al5B4", "pubKeyCredParams": [{"type": "public-key", "alg": -7}, {"type": "public-key", "alg": -8}, {"type": "public-key", "alg": -35}, {"type": "public-key", "alg": -36}, {"type": "public-key", "alg": -37}, {"type": "public-key", "alg": -257}], "excludeCredentials": [{"type": "public-key", "id": "U-6ZqZ-Am9iwt7az1-hy8Uhxi9I"}], "authenticatorSelection": {"authenticatorAttachment": "platform", "residentKey": "required", "requireResidentKey": true}}}
mkalioby commented 1 year ago

btw, your doc is down : https://accounts.justpass.me/organization/app/apps/guide/speech2sense/android/ gives a 500

This is fixed.

ahmed3elshaer commented 1 year ago

@sbesnard I'm suspecting that the SHA Fingerprint that you added to your Android settings in the Dashboard was an SHA1, i'm sorry for adding it incorrectly you should use SHA256 instead, i fixed this mistake in the documentation for later users.

To fix the issue go to your organization dashboard, then Android Settings. Add SHA-265 fingerprint for your application to your organization in JustPassMe dashboard.

Note : To get your SHA-265 using CLI follow link Or if you prefer Android Studio use this

Please let me know how it goes 🙏🏼

ahmed3elshaer commented 1 year ago

@ahmed3elshaer Are you referring to this ?

I/okhttp.OkHttpClient(10433): {"publicKey": {"rp": {"name": "speech2sense", "id": "speech2sense.accounts.justpass.me"}, "user": {"name": "serge@speech2sense.com", "id": "c2VyZ2VAc3BlZWNoMnNlbnNlLmNvbQ", "displayName": "serge@speech2sense.com For speech2sense"}, "challenge": "3n2SMAUFlMyXpo5rN6jGVanUOaSYeDbt9FaGP8Al5B4", "pubKeyCredParams": [{"type": "public-key", "alg": -7}, {"type": "public-key", "alg": -8}, {"type": "public-key", "alg": -35}, {"type": "public-key", "alg": -36}, {"type": "public-key", "alg": -37}, {"type": "public-key", "alg": -257}], "excludeCredentials": [{"type": "public-key", "id": "U-6ZqZ-Am9iwt7az1-hy8Uhxi9I"}], "authenticatorSelection": {"authenticatorAttachment": "platform", "residentKey": "required", "requireResidentKey": true}}}

Yeah thanks that helped

sbesnard commented 1 year ago

I did change the SHA1 to SAH256, to no avail...

W/System.err(11008):    at android.os.ResultReceiver$MyRunnable.run(ResultReceiver.java:50)
W/System.err(11008):    at android.os.Handler.handleCallback(Handler.java:958)
W/System.err(11008):    at android.os.Handler.dispatchMessage(Handler.java:99)
W/System.err(11008):    at android.os.Looper.loopOnce(Looper.java:205)
W/System.err(11008):    at android.os.Looper.loop(Looper.java:294)
W/System.err(11008):    at android.app.ActivityThread.main(ActivityThread.java:8176)
W/System.err(11008):    at java.lang.reflect.Method.invoke(Native Method)
W/System.err(11008):    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:552)
W/System.err(11008):    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:971)
D/JustpassmeFlutterPlugin(11008): Error
[log] onError(AuthenticationBloc, PlatformException(Error, The incoming request cannot be validated, null, null), #0      StandardMethodCodec.decodeEnvelope
ahmed3elshaer commented 1 year ago

@sbesnard Can you show me a full log since app open please ? you can upload it to a text file if it's large, i'm interested in logs from the Android Studio logcat if you can to help me investigate further

mkalioby commented 1 year ago

@sbesnard any update regarding the issue.

sbesnard commented 1 year ago

Hi All, sorry for the late reply. I finally got the extension to work. After clearing everything, I had a problem with the register url not being put in the settings.

There is still something fishy about the management of the secrets on GCP. I tried to create another app for the same firebase project, but on another organisation. After using the cli to install the extension, I get

Error: justpass-me: Found 'projects/xxx/secrets/ext-justpass-me-JUSTPASSME_API_SECRET-hyb/versions/1' for secret param JUSTPASSME_API_SECRET, but this instance was previously using a different secret projects/xxx/secrets/justpass-me-JUSTPASSME_API_SECRET.
Changing secrets is not supported. If you want to change the value of this secret, use a new version of projects/xxx/secrets/justpass-me-JUSTPASSME_API_SECRET.You can create a new version at https://console.cloud.google.com/security/secret-manager?project=xxx

So I just updated manually the value of the initial secret. No big deal, but this process needs to be clarified, and add consistency in you naming convention.