obtaining token from pre_auth endpoint failes

[freeflyk]

Hello.

I'm currently trying to integrate the notify_push functionality into the NextcloudServices App for Android. Using the username/password authentication works fine. However, I do have some issues obtaining a token using the pre-authorization mechanism. In detail, sending an authenticated request to the pre_auth endpoint (/apps/notify_push/pre_auth) via the Nextcloud singlesignon API fails with the http status code 412 and the error message "CSRF check failed".

As shown in the code example, I would expect to POST an authenticated request to the endpoint obtained from the capability-endpoint to receive the token that I can then use to create the websocket connection.

import com.nextcloud.android.sso.aidl.NextcloudRequest;
import com.nextcloud.android.sso.api.NextcloudAPI;

Map<String, List<String>> header = new HashMap<>();
LinkedList<String> values = new LinkedList<>();
values.add("application/json");
header.put("Accept", values);
header.put("Content-Type", values);

NextcloudRequest request = new NextcloudRequest.Builder().setMethod("POST")
            .setUrl(Uri.encode("/apps/notify_push/pre_auth", "/"))
            .setHeader(header)
            .build();

API.performNetworkRequest(request);

It would be great if you could help me on how the pre_auth mechanism is supposed to work to obtain the required token. The notes for developers simply state that I should make an authenticated request to the endpoint to obtain the token.

Best, freeflyk.

[icewind1991]

should be fixed with 0.6.7