05-08-2023 19:29 - edited 05-08-2023 19:31
05-08-2023 19:29 - edited 05-08-2023 19:31
I've been fighting with this off and on for a couple of days but I just figured out what the problem was. If I open the Fitbit authorization link with an Android Chromium-based browser (ie., Google Chrome, Vivaldi, etc) the page will not submit the data. This only occurs specifically with mobile Chromium browsers, the desktop versions and mobile Firefox are not affected. I have only tested this with OAUTH2.0 application-type personal using the Implicit Grant Flow. I do not know enough about this to know if the issue could be due to the redirect URI and I don't have another one to test with so I cannot check that.
Reproduction:
example of the link used
<https://www.fitbit.com/oauth2/authorize?response_type=code&client_id=#####&redirect_url=https://tasker.joaoapps.com/auth.html&prompt=login&scope=activity+cardio_fitness+electrocardiogram+heartrate+location+nutrition+oxygen_saturation+profile+respiratory_rate+settings+sleep+social+temperature+weight>
if you want to set up your own version of that link to test with here are the Fitbit register an app form items:
05-09-2023 09:17
05-09-2023 09:17
Hi @Drasiel
When implementing the authorization flow, are you using custom tabs on Android or a webview?
Gordon
05-09-2023 14:31
05-09-2023 14:31
Neither. I was using the mobile browser. I had a lot of issues with authentication through the HTTP response get/post (still trying to figure out a way to send checkbox info through the HTTP Post body properly to avoid this whole issue) and the inbuilt HTTP Auth method just opens your web browser, not a webview or custom tab. Since I didn't pay for the plugin that lets you use webview I couldn't even use it with the HTTP response get/post. So I cut out the middlemen and was using the actual mobile browser directly to travel to that link to figure out what was going wrong.