Change User-Agent to pymyq #54
Conversation
Addresses a symptom of arraylabs#53
Chamberlain is blocking the User-Agent "okhttp/3.10.0" Root cause of arraylabs#53
hstern
changed the title
|
I can confirm by patching the |
|
We have a lot of issues with the user agents, there's this PR in the sleepyq repo: technicalpickles/sleepyq#17 I'm not a dev but could something like this be implemented to myq? |
|
Homebridge devs updated their myq plugin and have already solved this issue for all their users. They did not hardcode a new user-agent mouse for the Chamberlain cat to chase...
Now I don't know if they are using this same pymyq or something else, but the point is this is a great idea. |
Nope, they have their own implementation of the API. Here's the line where they're setting a random user agent. I don't know much about Python, but after a quick Google search it seems we could achieve the same thing like so: ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.ascii_lowercase + string.digits) for _ in range(20))I tested this out by importing |
|
Do we know what user agent the official client uses? |
Which official client? Back in June (#44) I determined (by using a MITM proxy, IIRC) that the Android client was specifying "okhttp/3.10.0". That got us another 6 months. Whatever we change it to, they could block it next week. If I get time, I might try to figure out how to do the MITM proxy thing again. |
|
@dseven FWIW it worked fine without a User-Agent header at all. |
I will get this for iOS later today. |
That's a fair point. Although if they are still using "okhttp/{version}" it may be worth following along as they may just be updating as they update their library dependencies. But you are right that there's no gauarantee that they won't start using some other approach to pretend to improve security. |
|
Not great news, I think they are using certificate pinning on iOS. I can't mitm the myq app and all requests just fail. |
|
So how do I implement a temporary change (by changing the User Agent as discussed in this thread) in my Home Assistant running on a Raspberry PI? I have SSH installed and have browsed the directory structure, but I don't seem to have the same paths as discussed in this thread. It's really annoying that Chamberlain intentionally changes their API to disable HA and other home automation platforms. It would be really nice if we could just communicate directly with the garage door opener. |
This didn’t work ? docker exec -it homeassistant sed -i 's/okhttp/3.10.0/pymyq/g' /usr/local/lib/python3.8/site-packages/pymyq/api.py |
I don't use it in a docker container, I use it on a Raspberry PI. It doesn't even have that /usr/local/lib/python3.8 directory. I don't have any problem editing a file, if I can find it. |
That won't work - too many |
|
Yeah, the |
|
Might it maybe be easier to update the manifest.json instead? That should then result in the newer version of pymyq being pulled upon restart.
|
So back to my original question, how do I perform this update on a Raspberry PI that is not running HA in Docker? |
looked at the apk with apktool, looks like it was switched to http/3.12.1 Old App: smali_classes2/m/a/f.smali: const-string v0, "okhttp/3.10.0" |
|
Interesting. My assumption (guess) all along is that they are blacklisting user-agent's as a way to force app users to update to the latest version (probably to reduce support load from people reporting issues with old versions), and not some great conspiracy to thwart our efforts. |
|
yep that's my guess. Glad I didn't send the nasty-gram e-mail I was planning to send yesterday :) |
|
this worked perfect (for now)... thanks for the sed command |
@rockford622 Are you using "Home Assistant Operating System" (HassOS) on that Raspberry Pi? If so, you really do have Docker containers, and that /usr/local/lib/python3.8 directory is encapsulated within the homeassistant "core" container. However, the default SSH won't allow you to interact with Docker; you need to disable 'Protection mode" to be able to use the docker commands.
Then you when you use SSH, you should be able to see the containers: |
Yes, I am. I don't see how to disable Protection Mode from the SSH dashboard. This is what my SSH dashboard looks like. There is nothing under the Configuration section either that relates to Protection Mode.
|
install the "SSH & Web Terminal" add-on. You're running a different SSH add-on. |
|
Guys, you've totally hijacked a pull request that fixes a problem in the pymyq code, and turned it into a "how do I hack the python code used by various types of home assistant installations?" If you don't know how to hack the fix in, I suggest waiting a few days until the various components (pymyq, homeassistant core, docker containers, homeassistant OS, etc.) pick up the fix, then update using the officially supported mechanism applicable to your installation. |
Thank you, got the correct one now. |
This fixed it for me! Thanks!!! |
Myq began blocking the
User-Agent: "okhttp/3.10.0"header on 16/12/2020. This pull request changes theUser-Agenttopymyqand fixes an UnboundLocalError that confused the issue.