Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adapter for firebaseinstallations.googleapis.com #73

Open
baltpeter opened this issue May 3, 2024 · 5 comments
Open

Adapter for firebaseinstallations.googleapis.com #73

baltpeter opened this issue May 3, 2024 · 5 comments
Assignees
@baltpeter
Labels
adapter

Comments

@baltpeter
Copy link
Member

Endpoint URL: https://firebaseinstallations.googleapis.com/v1/projects/*/installations

Sample requests:
@baltpeter baltpeter self-assigned this May 3, 2024
@baltpeter
Copy link
Member Author

baltpeter commented May 3, 2024
edited

Official documentation on the Firebase Installations API/SDK:

@baltpeter
Copy link
Member Author

The body has a fid parameter (e.g. "fid":"ejj4195USJykejcWxX3K3J"). That is the Firebase installation ID.

@baltpeter
Copy link
Member Author

Urgh. In the new monkey run, we have a request where the body is not JSON but JS. -.-

https://data.tweasel.org/data/requests/monkey-april-2024,49780

{fid: 'eicruEJCM8UPXoL66P16PG', appId: '1:722550545529:android:82c62205f0ef0ea96608a8', authVersion: 'FIS_v2', sdkVersion: 'o:a:mlkit:1.0.0'}

But looking at the headers, it seems like that was sent manually by the app developer, not by the SDK, lol.

x-goog-api-key: AIzaSyCFwAkppu5iTGrHIwJWrCVELOrpKO6DDUg
content-type: application/json; charset=utf-8
content-length: 141
accept-encoding: gzip
user-agent: okhttp/3.12.13

baltpeter added a commit that referenced this issue May 3, 2024
@baltpeter
Fixes #73: Adapter for Firebase Installations SDK
21d372c
baltpeter added a commit that referenced this issue May 6, 2024
@baltpeter
Fixes #73: Adapter for Firebase Installations SDK
34a5132
zner0L pushed a commit that referenced this issue Jun 7, 2024
@baltpeter @zner0L
Fixes #73: Adapter for Firebase Installations SDK
052905d
@baltpeter baltpeter mentioned this issue Jun 7, 2024
Merged
@zner0L zner0L closed this as completed in 07dfa18 Jun 7, 2024
@zner0L
Copy link
Contributor

zner0L commented Jun 10, 2024

While testing the TrackHAR web UI, I found that the x-firebase-client header actually contains more information than just the SDK version. In a run I did with the co.gocrush app (HAR file of the run) it contained a base64-encoded and gzipped JSON, which also encoded the device name, a date, the os version and name, as well as the device model and manufacturer (decoded in Cyberchef):

{
    "heartbeats": [
        {
            "agent": "android-target-sdk/32 fire-transport/18.1.2 kotlin/1.6.21 android-installer/ fire-core/20.1.0 fire-cls/18.2.9 fire-fcm/23.0.3 fire-android/33 device-name/sdk_gphone_x86_64 fire-installations/17.0.1 fire-analytics/20.1.2 device-brand/google android-platform/ android-min-sdk/21 device-model/emu64xa",
            "dates": [
                "2024-06-10"
            ]
        }
    ],
    "version": "2"
}

@zner0L zner0L reopened this Jun 10, 2024
@baltpeter
Copy link
Member Author

More importantly, we'll need to filter out (#46) H4sIAAAAAAAAAKtWykhNLCpJSk0sKVayio7VUSpLLSrOzM9TslIyUqoFAFyivEQfAAAA (and possibly others?).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@baltpeter baltpeter

Labels
adapter
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@baltpeter @zner0L