Gracefully handle authentication error as a result of requiring ToU acceptance #25

Closed
robberwick opened this issue Sep 27, 2024 · 2 comments

@robberwick

When Abbott change the Terms of Use for the LibreLinkUp app, the login (and possibly all) requests will respond with a specific payload indicating that the user needs to accept those terms of use before they can proceed.

Currently, this is reported by the client as a Fetching connections failed: 401 Client Error: Unauthorized for url: ... error (see: #24). This error is misleading and leads the user to believe that there is a credentials problem, which is not the case.

If instead the client responded with a more specific error when the ToU acceptance response is received, then they could quickly identify and remediate the issue.

At the moment, this probably means logging out and back into the mobile application, whereupon they can accept those terms, and then normal operation is restored via this client. Ideally, the client would optionally hit the ToU acceptance endpoint automatically, but in the short term, a more useful error would go a long way.

If it's useful, the response I captured when using PyLibreLinkUp was in the form:

{
  "status": 4,
  "data": {
    "step": {
      "type": "tou",
      "componentName": "AcceptDocument",
      "props": {
        "reaccept": true,
        "titleKey": "Common.termsO...uYW5kcm9pZCIsImV4cCI6MTcyNzI4MjI2OH0.ljyu3U22kDhINqNLX7hTxWWfBVN57_zR2jJayMDmYaA",
        "expires": 1727282268,
        "duration": 3600000
      }
    }
  }
}

@khskekec
Contributor

Totally agree. I would go with a non-misleading error message first and expand it afterwards. How can I reproduce this for development?

@robberwick
Author

My understanding is that if the response to the login request has status: 4, then the app looks for the value for type in the step object. That can be either 'tou' or 'pp', both of which need to be responded to with a call to {API_URL}/auth/continue/{type}.

I think the easiest way to test the response handling in code is to mock that endpoint and have it return the json in the issue description above.
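
The response handling discussed in this thread, as an added example that is not part of the thread or of the project's code: it turns a status-4 login payload into a specific error instead of a generic 401, and keeps the contents of props out of the message because the captured response shows a token-like value there. The names AcceptanceRequiredError and check_login_response, the sample payload and the api.example.invalid URL are assumptions made for illustration.

```python
# Assumption taken from the thread: status 4 on the login response means an
# acceptance step is pending, and step.type is either "tou" or "pp".
STEP_REQUIRED_STATUS = 4
KNOWN_STEP_TYPES = ("tou", "pp")


class AcceptanceRequiredError(Exception):
    """Login is blocked by a pending acceptance step, not by bad credentials."""

    def __init__(self, step_type, continue_url, reaccept):
        self.step_type = step_type
        self.continue_url = continue_url
        self.reaccept = reaccept
        # Only the step type and endpoint are reported; props is never echoed.
        super().__init__(
            f"Login blocked: step '{step_type}' must be accepted in the "
            f"LibreLinkUp app first (continue endpoint: {continue_url})"
        )


def _as_dict(value):
    """Treat anything that is not a JSON object as empty."""
    return value if isinstance(value, dict) else {}


def check_login_response(payload, api_url):
    """Return payload unchanged unless it describes a status-4 acceptance step."""
    if _as_dict(payload).get("status") != STEP_REQUIRED_STATUS:
        return payload
    step = _as_dict(_as_dict(payload.get("data")).get("step"))
    step_type = step.get("type")
    if step_type not in KNOWN_STEP_TYPES:
        # Fail closed on a step this client does not know how to describe.
        raise ValueError(f"status 4 with unrecognised step type: {step_type!r}")
    reaccept = bool(_as_dict(step.get("props")).get("reaccept"))
    url = f"{api_url.rstrip('/')}/auth/continue/{step_type}"
    raise AcceptanceRequiredError(step_type, url, reaccept)


# Constructed sample shaped like the payload in the issue description.
SAMPLE_TOU = {"status": 4, "data": {"step": {
    "type": "tou", "componentName": "AcceptDocument",
    "props": {"reaccept": True, "titleKey": "constructed-placeholder"}}}}

if __name__ == "__main__":
    try:
        check_login_response(SAMPLE_TOU, "https://api.example.invalid")
    except AcceptanceRequiredError as err:
        print(err)
```
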
