App Engine Security Scan do not support custom auth on AngularJS application [112066301]

Assigned

Feature Request

Status Update

No update yet.

Description

mt...@mansonthomas.com

created issue #1

Aug 1, 2018 11:55AM

Hi,

I've an angularjs application(1.6.8) with a login/password field.
It uses JWT (Json Web Token).

When creating a security scan, I provide login URL, username, and password.
I get a login error message, while my application logs shows a success.

On authentication success, I use the following code to redirect the browser to the main page:

$location.path('/');

The console should give more details about the auth failure and document how to be able to pass the security scan. (I'm willing to make adjustment to allow my app to be scanned)

Regards,
Thomas.

Comments

kn...@google.com <kn...@google.com> Aug 2, 2018 01:57AM

Assigned to kn...@google.com.

kn...@google.com <kn...@google.com> #2Aug 2, 2018 07:33PM

Thanks for the report. I will route this to the appropriate internal team and update this when I hear back from them.

kn...@google.com <kn...@google.com> Aug 2, 2018 07:35PM

Status: Won't Fix (Intended Behavior)

mt...@mansonthomas.com <mt...@mansonthomas.com> #3Aug 3, 2018 05:46AM

One more detail, Data Layer event calls from the watch to the phone (running Android 13) do work on if the listener is in an Activity or Fragment.

kn...@google.com <kn...@google.com> #4Aug 3, 2018 10:41PM

Status: Assigned (reopened)

Also, I'm seeing this message in the Logcat:

"2022-06-12 18:47:15.156 1841-4562/? W/PackageManager: Intent does not match component's intent filter: Intent { act=com.google.android.gms.wearable.BIND_LISTENER"

be...@google.com <be...@google.com> #5Aug 9, 2018 09:25PM

Experiencing the same issues, please see my other report for any useful logs:

https://issuetracker.google.com/issues/235673375

mt...@mansonthomas.com <mt...@mansonthomas.com> #6Aug 10, 2018 08:13AM

+1, can confirm it doesn't work on Android 13:=

2022-07-15 11:26:15.023   589-5347  PackageManager          pid-589                              W  Intent does not match component's intent filter: Intent { act=com.google.android.gms.wearable.BIND_LISTENER cmp=xxx/xxx.WatchMessageReceiver }
2022-07-15 11:26:15.023   589-5347  PackageManager          pid-589                              W  Access blocked: ComponentInfo{xxx/xxx.WatchMessageReceiver}
2022-07-15 11:26:15.023   589-5347  ActivityManager         pid-589                              W  Unable to start service Intent { act=com.google.android.gms.wearable.BIND_LISTENER cmp=xxx/xxx.WatchMessageReceiver } U=0: not found

be...@google.com <be...@google.com> #7Aug 10, 2018 11:21PM

Note that I've been able to make it work by:

Adding <action android:name="com.google.android.gms.wearable.BIND_LISTENER" /> in the intent filter
Removing <data android:scheme="wear" android:host="*" />

But I feel like this is not something we should do