Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to Log in to Account managers via weak/main account keys on Android Devices #6082

Open
MrGrappleMan opened this issue Feb 14, 2025 · 4 comments
Open

Unable to Log in to Account managers via weak/main account keys on Android Devices #6082

MrGrappleMan opened this issue Feb 14, 2025 · 4 comments
Labels
C: Client OS: Android
Milestone
Client/Manager

Comments

@MrGrappleMan
Copy link

Describe the bug

Attempting to log in to any account manager using a weak or main account key fails on Android devices. The issue occurs when trying to authenticate through BOINC’s account manager system.

Steps to reproduce

  1. Open the BOINC client on an Android session.
  2. Select "Use account manager"
  3. Use Science United or in fact any other account manager.
  4. Enter the weak/main account key for authentication in "User" field like the desktop versions.
  5. Observe that login fails, as no password is supplied. The manager outright denies a login attempt w/o a password.

Expected behavior

The Android manager should detect that the user is attempting to log in via an account key if no password is input. Like the desktop version, an appropriate request about an account key should be called to the respective server.

Screenshots

No response

System information

OS: Android 14 aarch64
API Level: 34
BOINC version: 8.0.4

Additional context

No response
@AenBleidd AenBleidd added this to the Client/Manager milestone Feb 14, 2025
@davidpanderson
Copy link
Contributor

Account managers aren't BOINC projects; they don't use account keys.

@MrGrappleMan
Copy link
Author

MrGrappleMan commented Feb 15, 2025
edited
Loading

Science United, the account manager itself has a page that describes the usage of weak account keys. This works on desktop based distributions and thus, primarily for guest machines. https://scienceunited.org/su_weak_auth.php instructs to perform changes manually in /var/lib/boinc/ to achieve logins without exposure of account details.

Weak or main account key logins apply to both manually added projects and account managers.

@davidpanderson
Copy link
Contributor

Science United does. But not account managers in general.

@MrGrappleMan
Copy link
Author

Science United does. But not account managers in general.

Unsure about Gridcoin, GRCPool or whatever the real name of the account manager is, but even BAM has a provision:
https://www.boincstats.com/bam/account/

Strangely, in BAM, using the weak authenticator in the username field of the Desktop versions works. Science United requires an email explicitly, forcing the user to follow the unconventional method of manually creating files. I have not tried connecting the PC version of the manager to the Android client, or rooted android and manually adding the appropriate files to BOINC's data directory. The Android client can have the capability to do so, yet is limited by the native manager.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: Client OS: Android
Projects
Client/Manager
Status: Backlog
Milestone
Client/Manager
Development

No branches or pull requests
3 participants
@davidpanderson @AenBleidd @MrGrappleMan