android icon indicating copy to clipboard operation
android copied to clipboard

Published 20 hours ago verified publisher icon gotify

Unsupported special characters in password

Open glamax13 opened this issue 3 years ago • 3 comments

Expected result: to be able to login with the credentials defined in with the browser interface.

Actual result: the android application tells me that it doesn't find matching credentials on the server.

Hi, First and foremost thanks a lot for this really usefull app! I love to be able to monitor my RaspberryPi health just by reading notifications on my phone.

It isn't a blocking issue but i thought that i would report it in order to prevent others to spend too much time on this.

Those are the steps to reproduce the issue:

  • I have a gotify server with a publicly accessible interface and an administrator account.
  • I changed the account password to this: 5aCx5€V)MDU{%AV0}v68 (nextcloud password generation)
  • Logs in fine with the browser based interface but doesn't find a match with the android app.
  • Switched to a alphanumeric only password and it works just fine everywhere.

Here are the android logs:

2021-03-03T19:08:33.490Z ERROR: Error while api call Code(401) Response: {"error":"Unauthorized","errorCode":401,"errorDescription":"you need to provide a valid access token or user credentials to access this api"} at com.github.gotify.api.Callback$RetrofitCallback.onResponse(Callback.java:74) at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71) at android.os.Handler.handleCallback(Handler.java:883) at android.os.Handler.dispatchMessage(Handler.java:100) at android.os.Looper.loop(Looper.java:237) at android.app.ActivityThread.main(ActivityThread.java:8167) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:496) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1100)

Additional informations: I tested with the latest docker version and the app has been updated on 14 Feb 2021.

glamax13 avatar Mar 03 '21 19:03 glamax13

Nice catch!

OkHttp, a library for making http requests actually uses ISO 8859-1 as default charset for encoding the authorization basic auth header. (okhttp Credentials source).

This charset doesn't include the euro symbol -> gotify thinks you're using the wrong password.

jmattheis avatar Mar 03 '21 20:03 jmattheis