We work on a google cloud print integration and need to connect to google talk via oauth2.
While testing the smack library I could not login to talk.google.com with the auth error response of incorrect-encoding.
On investigating the issue I found it seems to be related to a double base64 encoding of the authentication text. (I’m no expert in smack so I might be wrong) Here is what I think is going on:
SASLXOauth2Mechanism.getAuthenticationText():
encodes the authentication text to a base64 encoded byte array with
Base64.encode(toBytes(’\u0000’ + authenticationId + ‘\u0000’ + password));
This would be Base64.encode(byte[] ) for the first time.
SASLMechanism.authenticate():
Calls the SASLXOauth2Mechanism.getAuthenticationText() to get the authentication text as a byte array.
It then converts the byte array to a string with Base64.encodeToString(byte[])
Base64.encodeToString(byte[]):
Before calling the String constructor it calls Base64.encode(byte[] ) on the byte array input argument.
This would be Base64.encode(byte[] ) for the second time.
So as far as I can see the authentication text is double base64 encoded and hence the incorrect-encoding issue. (google can’t find the ‘\u0000’ separators)
When I replaced the original SASLXOauth2Mechanism.getAuthenticationText() with the simple line
return toBytes(’\u0000’ + authenticationId + ‘\u0000’ + password);
The login returned with a success message.
Yes the fix worked for me.
On a side note I used 4.1.7 and the switch to 4.2.0 had a little hick up.
Before I could test the fix I got a “java.security.KeyStoreException: Uninitialized keystore” exception.
So I needed to set XMPPTCPConnectionConfiguration.builder().setKeystoreType(null) to get it working.
As a user I would have expected it to just run with the default value for this advanced setting.
Nonetheless… Thank you very much for the fast response and fix.