Closed isaac-galvan closed 3 years ago
I too reproduce this issue.
Later, the COVID-19 keys stopped changing, but the other toggles (exposure notification, health provider data) started changing from off to on every time you open the settings screen:
@petyos, my investigation shows that there is something wrong on the backend side. GET https://api.rokwire.illinois.edu/health/covid19/user returns different values for "privateKey" - sometimes the right value but sometimes a previous value of this key.
Please take a look at the attached log. We are interested in the log entries prefixed with "HealthUser:".
The first GET request returns some value (a wrong one):
-----BEGIN PUBLIC KEY-----\r\nMIIBCgKCAQEAizpISgPU7D/iRKGPrcE9Fv/lfqSvaxFOFgdP330BMAPzLk/K4z1CJpl4FlH/WCEGPDb13kUk6MDbIsxPu8nkB3RCRrAu+tJhf63FlbUbtnkXKDNYxTapicEZu4JJoarqKQAj8MBa/Lou7csYdHyEIiJaGF5bfHoKqlOKUiMeuRoU5Aig1z7nlpHLizOIfGHPlfZiaUh1mZfO9XyeiOCGCg5AYI/sosoiehq1x5kOHvSPx6GO/RjcKC2fHOBaPs8i8oFYwPJQIrw0mr9XVfr9rHyr9G/idwlehl+hyulHC9of0dB9+O/094ot1OHN4w6NlZlAfFjnO59Fz9ehLZHmewIDAQAB\r\n-----END PUBLIC KEY-----
The next 3 GET requests returns another value (the right one):
-----BEGIN PUBLIC KEY-----\r\nMIIBCgKCAQEAmV8qRg+Db/UBwHCayhBAfIxRcJyAZLwtHePgyPuk+4K3/qt6GyU7Lx7jBC55SBHGa8cJ7/A5IAqC/muyWeNmleWD3r1cAhwqIvAjI712o3PYomzxf9aWikDjMegiko05nnqJxRX+WqR8tEWpAwbfQLwsEk9SpH/Z5jd65Vp6i2QJor+h4b/ChgrpNcp58LgtroJ68MFQWvwr5nL98R4up0F+nM7XkltDMfOwTjabRgX0BVNpy7Ervh8c+7fZIcE7vsLkCmmR17IzLqz9y7ZujHoW1eAo8jB8ACbDxlWJD/3KhvSo4unk9Bx5EG+TUV4Ve/h7oqDf6uT0+nPAl7P3AwIDAQAB\r\n-----END PUBLIC KEY-----
Then we refresh the RSA key pair and apply the new public key using POST https://api.rokwire.illinois.edu/health/covid19/login API
-----BEGIN PUBLIC KEY-----\r\nMIIBCgKCAQEAgb1Wng8HS+xaCNOdyzsYFcBk7aGj7LBQP/4elUtzLa3DX/3izRNe2MNX6NmQlMR74v1WYiA9hpoHFT+amNZ7fofIfDcmenLNKHUydpiq+N3uE9vJlX8f8z5zpQClwMEPQFVQ33ZjL3OiIIhZiuvrJ/iYW5HAoMukfnQINV7nIo/tRymOonUELntNuJnioJsfAfcHNFB75Yzm/uJ1yeWDovXyY2ukO1J/LFJnyImav6LC6SR5+/b890CKzJtqtKuju7YgmCZ4xFUO2l4GBWcUaITtsbNJgzvXx44QK5A2Ee9ntSboKYzi5slUdUXVetQyH6JGxQVB05ZUBw4FBWRKdwIDAQAB\r\n-----END PUBLIC KEY-----
The next GET request returns the right public key:
-----BEGIN PUBLIC KEY-----\r\nMIIBCgKCAQEAgb1Wng8HS+xaCNOdyzsYFcBk7aGj7LBQP/4elUtzLa3DX/3izRNe2MNX6NmQlMR74v1WYiA9hpoHFT+amNZ7fofIfDcmenLNKHUydpiq+N3uE9vJlX8f8z5zpQClwMEPQFVQ33ZjL3OiIIhZiuvrJ/iYW5HAoMukfnQINV7nIo/tRymOonUELntNuJnioJsfAfcHNFB75Yzm/uJ1yeWDovXyY2ukO1J/LFJnyImav6LC6SR5+/b890CKzJtqtKuju7YgmCZ4xFUO2l4GBWcUaITtsbNJgzvXx44QK5A2Ee9ntSboKYzi5slUdUXVetQyH6JGxQVB05ZUBw4FBWRKdwIDAQAB\r\n-----END PUBLIC KEY-----
The next GET request returns the previous public key from point 3
-----BEGIN PUBLIC KEY-----\r\nMIIBCgKCAQEAmV8qRg+Db/UBwHCayhBAfIxRcJyAZLwtHePgyPuk+4K3/qt6GyU7Lx7jBC55SBHGa8cJ7/A5IAqC/muyWeNmleWD3r1cAhwqIvAjI712o3PYomzxf9aWikDjMegiko05nnqJxRX+WqR8tEWpAwbfQLwsEk9SpH/Z5jd65Vp6i2QJor+h4b/ChgrpNcp58LgtroJ68MFQWvwr5nL98R4up0F+nM7XkltDMfOwTjabRgX0BVNpy7Ervh8c+7fZIcE7vsLkCmmR17IzLqz9y7ZujHoW1eAo8jB8ACbDxlWJD/3KhvSo4unk9Bx5EG+TUV4Ve/h7oqDf6uT0+nPAl7P3AwIDAQAB\r\n-----END PUBLIC KEY-----
Please Note:
NB 1: It is an arbitrary value which a GET request after a POST update will return the previous public key. Sometimes it happens on the second request, sometime on the 5-th. А рandom stuff.
NB 2: I managed to recreate this only on production and not on dev.
There is a Health BB version to be deployed - https://github.com/rokwire/rokwire-terraform/issues/66 Please test when deployed. Thanks!
Hi @petyos @mihail-varbanov we're still seeing an issue with the toggles in the app being inconsistent as shown in the video attached to https://github.com/rokwire/safer-illinois-app/issues/674#issuecomment-880168104.
If you change one of the toggles (off -> on, on -> off) it does not stay the same on later views of the settings screen.
It was fixed in Health BB v2.10.0
The update is Working great. Thanks!
Describe the bug The COVID-10 panel in the Settings page is acting weird with COVID-19 keys. This is in 2.10.31 and 2.10.29
To Reproduce Steps to reproduce the behavior:
Expected behavior It would always read valid and paired.
Screenshots If applicable, add screenshots to help explain your problem. https://user-images.githubusercontent.com/11352701/125674105-59bbe7d7-72e9-4267-833e-da2f61e9e0dd.MP4
Smartphone (please complete the following information):