Access granting URL not working on mobiles.

M-Nasan
Conversationalist

Access granting URL not working on mobiles.

Hey all,

 

I am working on a Laravel project to manage WiFi networks via Meraki APIs. When user registers through the splash page, a verification email is sent to them. When clicking on verify link in the email, the user will be granted access by being redirected to "https://nxxx.network-auth.com/splash/grant?continue_url=https://www.bbc.com/news&duration=3600".

It is working with no problems when account is verified from a computer. The user is redirected to BBC website and given an hour of network access. However, when using a mobile, the user will not be redirected to BBC website but to a blank page with the link above in the address bar and they won't be granted access to the internet. 

 

Any thoughts of why this issue is happening?

 

Thanks in advance.

9 Replies 9
JonnyWinter
Here to help

Hey M-Nasan, 

 

Is this happening on all models of mobile phones or just Android or just iOS? There is a troubleshooting guide here by Meraki - https://documentation.meraki.com/MR/MR_Splash_Page/Splash_Page_Traffic_Flow_and_Troubleshooting

 

With splash page auto redirects, they fail on Android v5.0+ by design (Android design). If the device is set to reject cookies you will also get results like what you are explaining.

 

Take a look and let us know. 

 

Jonny. 

Hey Jonny,

 

Thanks for the reply.

The issue is happening on all mobile devices regardless of the OS or the version. I also checked for allowing cookies and the mobile does allow cookies. I checked the document you have provided and I think it is a little different from what I'm using such as the grant URL. I used this document as reference to write my code (Page 7 exactly).

Moreover, I think it is a session issue. Because when I printed the session in the verifying function I got two completlty different results for verifying by computer and mobile.

 

Computer session print:

"""

'_token' => 'xxxxxxxxxxxxxxxxxxxxxxxxxx', '_previous' => array ( 'url' => 'https://xxxx.tk/verify-email', ), '_flash' => array ( 'old' => array ( ), 'new' => array ( ), ), 'user_data' => array ( 'nodeMac' => 'xx:xx:xx:xx:xx:xx', 'node_id' => NULL, 'branch_id' => 7, 'device_id' => 11, 'network_id' => 7, 'base_grant_url' => 'https://nxx.network-auth.com/splash/grant', 'continue_url' => 'https://www.bbc.com/news, 'client_mac_address' => 'xx:xx:xx:xx:xx:xx', 'client_device_os' => 'Windows', 'client_device_browser' => 'Chrome', 'client_device_type' => 'desktop', 'client_device_brand_name' => NULL, 'client_ip' => 'xx.xx.xx.xx', 'campaign_id' => 29, ), 'grant_token' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', )

"""

 

Mobile session print:

"""

'_token' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', 'user_data' => array ( 'client_mac_address' => 'xx:xx:xx:xx:xx:xx', 'base_grant_url' => 'https://nxxx.network-auth.com/splash/grant', 'client_ip' => 'xxx.xxx.xxx.xxx', ), '_previous' => array ( 'url' => 'https://xxxx.tk/email/verify/126/25422f30b3d58abe2c645fa755f85f19775ff5eb?base_grant_url=https%3A%2F...', ), '_flash' => array ( 'old' => array ( ), 'new' => array ( ), ), )

"""

 

I'm just speculating here, but I think the reason is the mobile opens a webpage view for the splash page (registration page where 'user_data' data is filled) when connecting to the WiFi. Then when clicking on the verify link in the email it opens in the default browser which causing creating a new session. On the other hand, when connecting to a WiFi on the computer, splash page opens in the default browser and naturally verifying email link will open on the same browser too.

 

If this is the reason, what is the value, which exist in the old session, that make the computer request works while the mobile doesn't? 

 

Thanks.

 

Hey Jonny,

 

Thanks for the reply.

 

The issue is occurring on all mobile devices regardless of the OS or the version. I also checked if the mobile device allows cookies and it does. Thanks for the heads up though.

I checked the document you have posted and I think it is somewhat different form what I'm using. I used this document as reference in writing my code. Moreover, I think it is a session issue because I tried printing the session in the verify function and I got two completely different results for mobile and computer.

 

I'm just speculating here, but when connecting on a WiFi via mobile the splash page (Registration page) is opened in a web view. Then when verify link is clicked in the email, it opens in the default browser, which cause creating a new session. On the other hand, when connecting on a WiFi via a computer, the splash page is opened on the default browser directly, which most cases is also used for verifying too.

 

If this is true, then what makes the old session works while the new one doesn't?

 

Thank you.

M-Nasan
Conversationalist

Please Ignore this post. Because the one before it with prints got marked as spam I posted this. But they are essentially the same thing.

Good morning,

 

Okay, so I have an idea to test this. Are you able to copy the registration link - the URL (https://xxxx.tk/email/verify/126/25422f30b3d58abe2c645fa755f85f19775ff5eb?base_grant_url=https%3A%2F...) - and paste/go it in the browser the registration originally happened in? That way you should be able to test to see if it is a session thing. When looking at the session there is a lot less data for mobile. Not sure if that's a major worry - I couldn't find any clear documentation to see what is required/what isn't. Also, have you opened a Meraki case?

 

Thanks,

 

Jonny.

Good Morning Jonny,

 

That's the issue actually. I cannot go to where the registration originally happed because it is just a web view, which the mobile device opens automatically when connecting to a WiFi that has a splash page, and not an actual browser. So it does not really save any cookies or data. This is an image of it:

20210125_122130.jpg

The data is less in mobile session is not really an issue. It is just because the session is new so the data stored during the registration in the old session is not there. To be honest, I don't really care if it is a new session or the old one. My goal is to get the same behavior on the mobile as in the computer (redirecting to continue_url and give network access to the client). To achieve that, I need to know what exactly is required for it. However, I looked around a lot, and same as you, I could not find any clear information regarding what is and isn't required.

 

I have not opened a Meraki case. I am kinda new to Meraki so could you please point me to where I can open one?

 

Thank you.

 

Nasan.

Heya,

 

Is there any chance you can pass the data from the one browser session over to the server in some payload and then pass it back to the new browser session? Could be some query strings or in some database? I.e. POST from my client could send more data - make sense?

 

To open up a case, you can go to the dashboard, log in go to Help > Get Help in the top bar. From here select MR or API/Webhooks then select Still Need Help and give them a call. 

 

Hope this all helps!

 

Jonny.

Hey Jonny,

 

Yes I got your point. I tried to store session data in the database upon registration and then repopulate the new session with that data but it also did not work. Which is really weird, because the only difference between the processes of validating from a mobile and computer is the session. Otherwise, every thing else is identical email service provider, used route, function, ...etc 

 

Thank you very much. I'll try to open one today.

 

Thanks.

Hey M-Nasan,

 

No worries. Let me know how you get on. I'm invested! Cheers.

 

Jonny.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels