search

woocommerce / woocommerce-android

WooCommerce Android app
https://www.woocommerce.com/mobile
GNU General Public License v2.0
264 stars 133 forks source link

Login failures when using site credentials due to URL redirections. #11931

Open ThomazFB opened 1 week ago

ThomazFB commented 1 week ago

Issue

During the authentication steps using the Application Password credentials, some redirections might happen as the URL changes between http and https.

Currently, our network request API is not configured to pass forward the request header, making the credentials unavailable and failing the authentication process.

Possible solutions

The solution for this can be achieved from two approaches:

  1. Use a request header forwarding strategy inside the ApplicationPasswordsNetwork by supplying the RequestQueue with the name custom-ssl-custom-redirects. However, this would require deeper research on any potential regressions.

  2. Make changes to how we infer https websites. WCiOS already treats all websites as SSL-ready and displays an error for sites that don't. Android could follow the same approach.

dangermattic commented 1 week ago

🚫 Please add a type label (e.g. type: enhancement) and a feature label (e.g. feature: stats) to this issue.