Unable to Upload to Garmin

[20TomTom]

Passwords and everything checked. Garmin has had an update ....

[lolo406]

I have the same problem

[ajayrana1310]

Same problem.

[talexop]

same problem.

[Maarty]

Garmin recently changed authentication to OAuth, it first did not affect the endpoint for .fit upload, but probably now it does.
Some inspiration on how to make this work can be found in this lib https://github.com/matin/garth/tree/main

[rakatika]

Anyone manage to solve this?

[Maarty]

I am not a Java developer, but if someone wants to fix this, basically, following the pattern in this lib https://github.com/matin/garth/tree/main you need to do the following steps:

1. get the correct cookies and "ticket" - already done in app/src/main/java/org/kochka/android/weightlogger/tools/GarminConnect.java
2. Get OAuth1 token:
   • GET request to https://connectapi.garmin.com/oauth-service/oauth/preauthorized/?ticket={ticket}&login-url=https://sso.garmin.com/sso/embed&accepts-mfa-tokens=true
   • "User-Agent" header = "com.garmin.android.apps.connectmobile"
   • "Authorization" header = OAuth XXXXXXXXXX where XXX is a standard OAuth1 header. Consumer key and consumer secret are here https://thegarth.s3.amazonaws.com/oauth_consumer.json
3. Exchange OAuth1 token for OAuth2 token
   • POST request to https://connectapi.garmin.com/oauth-service/oauth/exchange/user/2.0
   • "User-Agent" = "com.garmin.android.apps.connectmobile"
   • "Accept-Encoding" = "gzip, deflate"
   • "Accept" = "/"
   • "Authorization" header = OAuth XXXXXXXXXX - standard OAuth1 header with retrieved OAuth1 token from step 2
4. In step 3 you receive an OAuth2 token, which then can be used in all API requests as a Bearer token in the Authentication header

The OAuth2 token has a classic expiration, and it can be refreshed by a refresh token, or regenerated by exchanging the OAuth1 token again (that one has a 1-year expiration).
Also, in the API url stop using modern/proxy in the path and that will work.

[eniac2000]

Same problem here

[Selduro]

I do have the same Problem. Uploading the generated .fit-File via the linked python client is possible. I do lack the ability to integrate this new process into the app, though. I would really appreciate a solution that's as convenient as the app was before.

[mikelikesspam]

This app has 50k+ downloads on Google Play. I'd happily pay for an upgraded app that supported 2fa and sync to Garmin. Surely there are enough people willing to buy a cup of coffee to make this worthwhile for a new developer to pickup.

@matin - I don't know you so forgive me plugging you here, but this seems like a trivial fix for you. Your code is already cited above.

[matin]

@kochka I'm pretty terrible at Java, but I'm happy to provide guidance or help in any way. It looks like @Maarty outlined the correct auth flow perfectly. Are you up for making the change or at least reviewing a PR?

[matin]

@matin - I don't know you so forgive me plugging you here, but this seems like a trivial fix for you. Your code is already cited above.

@mikelikesspam no forgiveness required 😄. Always happy to help in any way I can!

[Syntax753]

Created an initial draft PR for these changes following your excellent insights @matin ! Still WIP and imagine I need to handle the cookies returned after signin..

Any insights would be fantastic - and happy holidays if this goes in to next year :D

https://github.com/kochka/WeightLogger/pull/69

[kochka]

@matin I'm not a Java developer neither, I did this app back in the day to fit my needs 😅 I'm currently really busy but I'll try to help, and of course, @Syntax753, I will merge and publish a PR.

[Syntax753]

@kochka ! Good to see you! I wasn't sure how active the repo was but just looking into getting the oAuth requests working and then hopefully submitting a working PR 😄

My background is Java/Maven (4 years ago) but not Android/Gradle - though with your existing work, @matin's OAuth skills, and my typin,g we should get there 👍😄

[kochka]

@Syntax753 Good luck with that 😄 If you do not figure out the last bits to make it works, I'll try to find some time during the WE to help.

[jesperuc]

Would it be possible to Add a paid version/ pro version so we can support the development of the app (actually just this one service - upload to Garmin Connect :-) )

looking forward to this will hopefully be fixed one day.

[Syntax753]

I got side-tracked since the New Year with work so did not manage to complete the fix. I am a bit confused by the flow unfortunately :(

On Wed, 7 Feb 2024 at 12:45, jesperuc @.***> wrote:

Would it be possible to Add a paid version/ pro version so we can support the development of the app (actually just this one service - upload to Garmin Connect :-) )

looking forward to this will hopefully be fixed one day.

— Reply to this email directly, view it on GitHub https://github.com/kochka/WeightLogger/issues/68#issuecomment-1931973272, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFIVGG7N2EEXXD45P5TCM53YSNZNRAVCNFSM6AAAAAA6NVJATGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMZRHE3TGMRXGI . You are receiving this because you were mentioned.Message ID: @.***>

[jesperuc]

That's completely fair - I think we all now that situation now and then :-)

Unfortunately I dont have the knowledge on coding to provide my help.

[Maarty]

@Syntax753 if you need any help, I can guide you with the flow, unfortunately, I am not very familiar with Java/Android.
Following the flow I wrote in the comment above should be enough. You need to implement steps 2-4. For constructing the Oauth1 header you can find any tutorial on how it should look, or you can use a library - For example here https://oauth.net/1/ are a few libraries also for Java.
Basically, the header should look something like this "OAuth oauth_consumer_key="{consumerKey}",oauth_signature_method="{signatureMethod}",oauth_timestamp="{timestamp}",oauth_nonce="{nonce}",oauth_version="{version}",oauth_signature="{signature}"

You should feed the library with the Oauth1 token, consumer key and consumer secret. And it should return you the whole header. Basically, it calculates the signature, which is some HMAC-SHA1 hash created from the provided input.

[Syntax753]

Thanks Martin!

I have a branch with what I believe should work but I couldn't quite get it working. I can try and revisit this when I get some time.

On Mon, 19 Feb 2024 at 12:49, Martin @.***> wrote:

@Syntax753 https://github.com/Syntax753 if you need any help, I can guide you with the flow, unfortunately, I am not very familiar with Java/Android. Following the flow I wrote in the comment above should be enough. You need to implement steps 2-4. For constructing the Oauth1 header you can find any tutorial on how it should look, or you can use a library - For example here https://oauth.net/1/ are a few libraries also for Java. Basically, the header should look something like this "OAuth oauth_consumer_key="{consumerKey}",oauth_signature_method="{signatureMethod}",oauth_timestamp="{timestamp}",oauth_nonce="{nonce}",oauth_version="{version}",oauth_signature="{signature}"

You should feed the library with the Oauth1 token, consumer key and consumer secret. And it should return you the whole header. Basically, it calculates the signature, which is some HMAC-SHA1 hash created from the provided input.

— Reply to this email directly, view it on GitHub https://github.com/kochka/WeightLogger/issues/68#issuecomment-1952383230, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFIVGG57TR2IQO4HDG324JLYUNC4VAVCNFSM6AAAAAA6NVJATGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNJSGM4DGMRTGA . You are receiving this because you were mentioned.Message ID: @.***>

[louisjennings]

I got the auth flow working a few days ago (and recently added support for MFA) on a branch based on @Syntax753's work.

My most recent commit is able to successfully upload files to Garmin and I am currently running a debug build on my phone. I need to clean up the code and add support for saving and refreshing authentication. Once that is done, I'd be happy to get the changes merged in.

If you don't have MFA (multi factor authentication/two factor authentication) on your account, the current state of the code should be workable. As I haven't yet added support for OAuth2 refresh, if MFA is enabeld, you'll have to enter an MFA code every time you upload (which could be annoying).

I don't plan on releasing APKs on my forked repo unless I'm unable to get the changes merged into this repo. If you want the changes before the PR is merged, you can build from source.

The branch can be found here: https://github.com/louisjennings/WeightLogger/tree/unable-to-upload-to-garmin-%2368

(I'm not a Java/Android developer, so I'd welcome a review from someone with Android development experience)

[Syntax753]

Great work! The project is alive (just niche :)) so a PR should be picked up

On Wed, 21 Feb 2024, 09:07 louisjennings, @.***> wrote:

I got the auth flow working a few days ago (and recently added support for MFA) on a branch based on @Syntax753 https://github.com/Syntax753's work.

My most recent commit is able to successfully upload files to Garmin and I am currently running a debug build on my phone. I need to clean up the code and add support for saving and refreshing authentication. Once that is done, I'd be happy to get the changes merged in.

If you don't have MFA (multi factor authentication/two factor authentication) on your account, the current state of the code should be workable. As I haven't yet added support for OAuth2 refresh, if MFA is enabeld, you'll have to enter an MFA code every time you upload (which could be annoying).

I don't plan on releasing APKs on my forked repo unless I'm unable to get the changes merged into this repo. If you want the changes before the PR is merged, you can build from source.

The branch can be found here: https://github.com/louisjennings/WeightLogger/tree/unable-to-upload-to-garmin-%2368

— Reply to this email directly, view it on GitHub https://github.com/kochka/WeightLogger/issues/68#issuecomment-1956190451, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFIVGG7Q7AX47Z5AMRZUQFTYUW2MTAVCNFSM6AAAAAA6NVJATGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNJWGE4TANBVGE . You are receiving this because you were mentioned.Message ID: @.***>

[Syntax753]

I've reviewed your changes @louisjennings and they look very good to me! Can a PR be raised @kochka?

[kochka]

@Syntax753 Yes of course !

[Petr-Mi]

I don't know if this will help, but there is solution in this repository - https://github.com/lswiderski/mi-scale-exporter

[Petr-Mi]

Any news?

[atavius]

@kochka Are there any updates when new version with this fix will be released?

[kochka]

I didn't receive any PR, it was a work in progress.

[atavius]

Ok I am a bit confused as it seem to me that the fix is available based on comments. @louisjennings Is your branch working? If so can you create PR for Kochka?