cwa-app-android
cwa-app-android copied to clipboard
corona-warn-app
PCR-Test QR-code invalid (QR-Code ist ungültig)
Avoid duplicates
- [x] Bug is not mentioned in the FAQ
- [x] Bug is specific for Android only, for general issues / questions that apply to iOS and Android please raise them in the documentation repository
- not sure about this.
- [x] Bug is not already reported in another issue
Describe the bug
After scanning the QR-Code from an official Corona-Warn-App paper from the doctor the app shows the error: "QR-Code ist ungültig".
Expected behaviour
The app should accept the QR-Code.
Steps to reproduce the issue
- Click on "Wurden Sie getestet?"
- Click on "Weiter"
- Click on "Dokument mit QR-Code"
- Cllick on Einwilligungserklärung "Erlauben"
- Accept that the warn app can access the camera "ZULASSEN"
- Scan the QR-Code
Technical details
- Mobile device: Huawei P10 lite
- Android version: 8
Possible Fix
I don't know if it is an issue of the app, backend or any other part of the process.
Additional context
- The QR-Code was NOT scanned from another phone.
- The QR-Code was from an official piece of paper which explicitly meantioned the Corona-Warn-App.
- The FAQ: https://www.coronawarn.app/de/faq/#qr_test doesn't help:
In einigen Fällen kann es vorkommen, dass Sie einen QR-Code erhalten haben, der nicht mit dem Testabrufsystem der Corona-Warn-App kompatibel ist bzw. nicht für den Abruf des Tests freigeschaltet wurde. What does "nicht für den Abruf des Tests freigeschaltet" mean? Who has to do this?
Related to: corona-warn-app/cwa-documentation#400.
Internal tracking ID: EXPOSUREAPP-2403 Internal tracking ID: EXPOSUREAPP-3546 extra slash
Hi @DannySchumann
There is a hot topic open on this issue under https://github.com/corona-warn-app/cwa-documentation/issues/400.
"nicht für den Abruf des Tests freigeschaltet" refers to processing of the checkbox on the form shown in https://github.com/corona-warn-app/cwa-documentation/issues/400#issuecomment-669937832 "Das Einverständnis des Versicherten zum Übermitteln des Testergebnisses für Zwecke der Corona-Warn-App auf den vom RKI betriebenen Server wurde erteilt. Dem Versicherten wurden Hinweise zum Datenschutz ausgehändigt."
Did you get tested at a doctor's practice or by the health authority (Gesundheitsamt)? The form is slightly different for the Gesundheitsamt, where it replaces "Versicherten" with "Getesteten" in the above text. It also uses the different term at the top of the form with the QR code you should have received, where it says Name, Vorname des ...... (I'm just going by the information on https://www.kbv.de/html/1150_46778.php by the way.)
Good luck for the result of your test anyway!
Dear Mike, i am reporting on behalf of someone else. The test was done at the doctor's practice. Do one need to wait until the test was received by the laboratory before the code can be scanned? This is not mentioned anywhere, so i expect one is able to scan the code regardless of what checkbox is filled on a piece of paper which cannot be known by the system at scan-time. The upper part of the form was filled by the docter. Has the doctor to register the code in the system before handing it out?
Hi there is no wait for the laboratory you can scan the test immediately. You can also scan the code regardless of the checkbox. This error appears when the QR Form was copied and not newly generated or it is not a valid QR Code for the CWA because of a mistake of the creator. Can you provide me a photo of the QR code via email?
@DannySchumann
I sent the QR-Code to @thomasaugsten and now waiting for feedback.
Thanks for keeping us updated! It will be interesting to hear what was causing the problem scanning the QR code.
I re-read the full FAQ article Probleme mit dem QR-Code that you referred to and I realized that the text part that you quoted wasn't describing your problem, but instead was related to a problem after a QR code has been successfully scanned. So I made a suggestion in https://github.com/corona-warn-app/cwa-website/issues/549 about making the FAQ article easier to understand.
Edit: There is now a new article https://www.coronawarn.app/en/faq/#qr_scan "I get an error while scanning the QR code. What can I do?" which deals only with scanning issues to make it clearer.
The feedback from @thomasaugsten was that:
- The CR-Code was wrong generated
- It is known that wrong generated QR-Codes are out there
- App version 1.6 should accept these wrong generated QR-Codes (so this is also an App issue)
I think it is not acceptable that affected practices are not informed about that issue and that they handing out wrong QR-Codes every day. It should be also mentioned in the FAQs that there is the possibility of wrong generated codes at all.
Anyhow i appreciate the quick feedback of @thomasaugsten.
The feedback from @thomasaugsten was that:
* The CR-Code was wrong generated * It is known that wrong generated QR-Codes are out there * App version 1.6 should accept these wrong generated QR-Codes (so this is also an App issue)I think it is not acceptable that affected practices are not informed about that issue and that they handing out wrong QR-Codes every day. It should be also mentioned in the FAQs that there is the possibility of wrong generated codes at all.
Anyhow i appreciate the quick feedback of @thomasaugsten.
Version 1.6.1 on Samsung S 10+ with latest Android still has this issue. There is also no new version 1.7 in the Google Store (I saw somewhere on the CWA-Github that there is a new version).
The GP says that some codes only become "visible" after they have been processed by the labs. They also say that they have quite a lot of calls where people report the same issue.
Can you confirm that version 1.6.1 still has not resolved the issue, and/or post a work-around until the issue resolved?
A
This issue can have multiple reasons. Wrongly generated QR Codes, photocopied QR Codes our try to scan this more than once.
All QR codes are valid you will receive a result when the qr code have been processed by a test lab.
Hi Thomas
I can confirm that it can only be a wrongly generated qr code. The cases "photocopy" and "multiple scans" can be excluded - both don't apply here.
In some other post, I saw the issue is capitalization of letters. Is this still an issue?
Here are the prefixes:
https://localhost//?AD1ED0-... https://localhost//?AD1ED0-BEBEEB0B-17C2-48E3-B0B1-6D323704DA63 https://localhost//?C11462-... https://localhost//?C11462-09897507-3FCD-4894-A6E7-5185DBF14BF7
/Is there a workaround, like manually lowercasing the URL and feeding it back to CWA?// /
A
On 27.11.20 18:49, Thomas Augsten wrote:
This issue can have multiple reasons. Wrongly generated QR Codes, photocopied QR Codes our try to scan this more than once.
All QR codes are valid you will receive a result when the qr code have been processed by a test lab.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/corona-warn-app/cwa-app-android/issues/1551#issuecomment-734936536, or unsubscribe https://github.com/notifications/unsubscribe-auth/AD2BQSYBOEEF55TZOGS3ZFLSR7RC7ANCNFSM4TMR4V6A.
@ascherp
Here are the prefixes:
https://localhost//?AD1ED0-...
There was mention in https://github.com/corona-warn-app/cwa-app-android/pull/1514#issuecomment-721084587 of invalid QR codes which contained two backslash characters after the local host i.e. https://localhost//? instead of https://localhost/? like the ones you have posted.
The https://github.com/corona-warn-app/cwa-app-android/pull/1514#issuecomment-721084587 refers to the solution in https://github.com/corona-warn-app/cwa-app-android/pull/1524. I don't know whether the comment means that // is supposed to be accepted or not. Unfortunately I'm unfamiliar with regex. Perhaps @harambasicluka could clarify?
There is a wishlist item https://github.com/corona-warn-app/cwa-wishlist/issues/227 concerning manual entry of a QR code using the alphanumeric string printed under the QR code, but that is still in status of being wished for.
Thanks for the link. Indeed, the bug is very annoying as it unnecessarily delays the entire process.
A good offline-tool to quick-fix the localhost// problem for yourself is to use https://wiki.ubuntuusers.de/QtQR/. In version 1.7.1 of the app, upper/lower case is not an issue anymore, but the two // after localhost are still a problem. Example, if you have https://localhost//?AD1ED0-... a tiny modification to https://localhost/?AD1ED0-... will do the trick.
I have updated the solution description.
A
On 29.11.20 11:21, Mike McCready wrote:
@ascherp https://github.com/ascherp
Here are the prefixes: https://localhost//?AD1ED0-...There was mention in #1514 (comment) https://github.com/corona-warn-app/cwa-app-android/pull/1514#issuecomment-721084587 of invalid QR codes which contained two backslash characters after the local host i.e. https://localhost//? instead of https://localhost/? like the ones you have posted.
The #1514 (comment) https://github.com/corona-warn-app/cwa-app-android/pull/1514#issuecomment-721084587 refers to the solution in #1524 https://github.com/corona-warn-app/cwa-app-android/pull/1524. I don't know whether the comment means that // is supposed to be accepted or not. Unfortunately I'm unfamiliar with regex. Perhaps @harambasicluka https://github.com/harambasicluka could clarify?
There is a wishlist item corona-warn-app/cwa-wishlist#227 https://github.com/corona-warn-app/cwa-wishlist/issues/227 concerning manual entry of a QR code using the alphanumeric string printed under the QR code, but that is still in status of being wished for.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/corona-warn-app/cwa-app-android/issues/1551#issuecomment-735371190, or unsubscribe https://github.com/notifications/unsubscribe-auth/AD2BQS6AWWEOD5OJ6HZPJ23SSIOCVANCNFSM4TMR4V6A.
Dear @ascherp, @MikeMcC399,
Thanks for the detailed analysis. We will bring up the 'QR code: extra slash' issue (EXPOSUREAPP-3546) to the developers together with the suggestion https://github.com/corona-warn-app/cwa-wishlist/issues/227.
Best wishes, DS
Corona-Warn-App Open Source Team
There was mention in #1514 (comment) of invalid QR codes which contained two backslash characters after the local host i.e. https://localhost//? instead of https://localhost/? like the ones you have posted.
I can confirm the bug, I had exactly the same issue as described in the bug by @DannySchumann
The error was caused by a malformed URI in the QR-code containing two slashes (not back slashes) instead of one, e.g https://localhost//?AD1ED0..., after the localhost part.
Reading the QR-Code with my camera app, copying the URI, fixing the double slash issue and generating a new QR-code with a valid URI with a single slash allowed me to scan the code within the CWA without issues and I got my result immediately.
@misterjupiter Can you please provide the name of the test lab via email
@misterjupiter Can you please provide the name of the test lab via email
Not yet, I was tested at a local doctors office. But since I'm gonna call them in the morning, just to verify that I got the correct result in the CWA, I'll ask about the lab and get back to you.
I have had an issue similar to this, but the code was already scanned (I scanned it) but after a phone update the code disappeared from the app and I wanted to rescan it, but that wasn't possible. Maybe remove this restriction that tests can only be scanned once?
@ShoofLLC
... the code was already scanned (I scanned it) but after a phone update the code disappeared from the app and I wanted to rescan it, but that wasn't possible. Maybe remove this restriction that tests can only be scanned once?
It's a problematic restriction that you can only scan your own code once. According to https://www.coronawarn.app/en/faq/#qr_test the reason is privacy:
"If you have already scanned the QR Code, it unfortunately cannot be scanned a second time, nor is it possible to delete a previously entered QR Code and scan it in again. We have to make sure that only one phone can scan the QR Code and transmit its diagnostic keys. For privacy reasons, we cannot store the phone's ID, so the QR Code is only valid for one scan."
@ShoofLLC
... the code was already scanned (I scanned it) but after a phone update the code disappeared from the app and I wanted to rescan it, but that wasn't possible. Maybe remove this restriction that tests can only be scanned once?
It's a problematic restriction that you can only scan your own code once. According to https://www.coronawarn.app/en/faq/#qr_test the reason is privacy:
"If you have already scanned the QR Code, it unfortunately cannot be scanned a second time, nor is it possible to delete a previously entered QR Code and scan it in again. We have to make sure that only one phone can scan the QR Code and transmit its diagnostic keys. For privacy reasons, we cannot store the phone's ID, so the QR Code is only valid for one scan."
Maybe the app can assign the google ad-id to a test (the ad-id can be changed if the user wants to) .
Hi @ShoofLLC,
Thanks for contributing here.
~~It is now possible to scan the QR code twice.~~
- It is NOT possible to scan the QR code more the once.
- The TeleTan can only be used to enter a positive test result
- I.e. in principle, that once you have used the QR code, but it has disappeared from the CWA (due to a phone update apparently), there is no way to obtain a test result via the CWA
In the meantime, this can a workaround: https://www.coronawarn.app/en/faq/#QRcodes, i.e. try to obtain a new QR code from the verification hotline. However, we will raise this issue internally and figure out if it makes sense to adapt procedures.
Best wishes, DS
Corona-Warn-App Open Source Team
@dsarkar
~~* It is now possible to scan the QR code twice~~
~~Does that mean any number of times or only once or twice?~~
In the meantime, this can a workaround: https://www.coronawarn.app/en/faq/#QRcodes, i.e. try to obtain a new QR code from the verification hotline. However, we will raise this issue internally and figure out if it makes sense to adapt procedures.
A QR code has to be associated with a Corona test for it to have a meaning. I don't understand how the verification hotline could issue a replacement QR code: only the lab handling the Corona test could do that. Could you please clarify how this would work?
Edit: clarified this was due to a typo.
Typo: now ==> not in previous comment https://github.com/corona-warn-app/cwa-app-android/issues/1551#issuecomment-745266898
We will come back to you on this issue.
@dsarkar
Typo: now ==> not in previous comment
Thank you for the correction, as this completely changed the meaning of the sentence to almost the opposite!
There was mention in #1514 (comment) of invalid QR codes which contained two backslash characters after the local host i.e. https://localhost//? instead of https://localhost/? like the ones you have posted.
I can confirm the bug, I had exactly the same issue as described in the bug by @DannySchumann
The error was caused by a malformed URI in the QR-code containing two slashes (not back slashes) instead of one, e.g https://localhost//?AD1ED0..., after the localhost part.
Reading the QR-Code with my camera app, copying the URI, fixing the double slash issue and generating a new QR-code with a valid URI with a single slash allowed me to scan the code within the CWA without issues and I got my result immediately.
I checked a bit on the Regex logic in https://github.com/corona-warn-app/cwa-app-android/blob/main/Corona-Warn-App/src/main/java/de/rki/coronawarnapp/service/submission/QRScanResult.kt Here is a version of the prefix part, that should be tolerant to using either one or two slashes aftere the "localhost" piece:
^(?:https:\/\/localhost\/\/?\?)
You can test drive it e.g. on https://regex101.com/ with some nice explanation provided. Please notice, that this for using this in a Java string literal one needs to escape the regex escape character once more, so the expression would look like this:
"^(?:https:\\/\\/localhost\\/\\/?\?)"
Also as a work arround you can generate your own QR-code using the Google API and the hex code beneath the QR-Code as described in my post here: https://github.com/corona-warn-app/cwa-wishlist/issues/302#issuecomment-752749343
We have to respect the Technical Guideline KBV for this form, at the moment we cannot deviate from this guideline
@thomasaugsten ... and I hope very much that this KBV Technical Guideline does not forbid you to implement a manual input for the code as an alternative / fallback See https://github.com/corona-warn-app/cwa-wishlist/issues/227
@thomasaugsten
We have to respect the Technical Guideline KBV for this form, at the moment we cannot deviate from this guideline
Do you have a link to the Technical Guideline available? Is it perhaps this one?
LEITFADEN ZUR IMPLEMENTIERUNG MUSTER 10C/E UND MUSTER OEGD/E ~~15. DEZEMBER 2020 VERSION: 1.04~~ 19. MÄRZ 2021 VERSION: 1.05 https://update.kbv.de/ita-update/Blankoformulare/10C_OEGD/KBV_ITA_VGEX_Implementierungshinweise_10C_OEGD.pdf
Hi,
I had a look at section "3 2-D BARCODE if the document mentioned above. What it does (in respect of our discussion) is to specifiy how to generate the barcode on the print out. It also confirms that the GUID needs to be written in clear text beneath the barcode and therefore will be available for manual entry. So there is nothing in this document stopping us from implementing a manual GUID capture feature in the app. What could happen however is that due to a typo a wrong GUID is used. The same however might occur if someone uses the barcode generation workaround I descibed and that's something you can't prohibit any way.
I'd suggest the following: I have cloned main branch of "cwa-app-android" and will give it a try in the next few days to add this in a local experimental branch. Not sure however how far I get since Android development is rather new to me but I am very happy to learn something NOT using Spring :-). If I am successfull I will update you.
So I had my dose of CWA code deep dive over the weekend and the more I look at it the more I think that it will take some time to do this properly and nut just as a "dirty hack".
One aspect is the decision where to actually place the manual data entry. From my point of view it could be at the bottom of "fragment_submission_qr_code_scan" because this way there is no need to replicate or refactor logic in "SubmissionQRCodeScanViewModel.kt". "validateTestGUID" could be used in the same way as it is done for scanned GUIDs.
The other aspect is about how to implement the input for the GUID itself. Rather than using a simple "EditField" it might be worth to have dedicated GUID.kt / GUIDInput.kt classes similar to what has been implemented for Tan capture. The latter would allow reuse in case manual GUID capture is also required in other use cases. What do you think?