API error 401 since yesterday #166
Comments
|
I'm having the exact same issue 3/3/2021, 9:18:16 AM [DysonPureCoolPlatform] Error while signing in. Status Code: 401 I'm using HOOBS 3.3.3, the version of the Dyson firmware is the latest: 1.8.7 all installed on a Raspberry Pi |
|
They really seem to have changed something. The release information for the latest update of the Dyson iOS app say something about new interface for room climate devices (https://apps.apple.com/de/app/dyson-link/id993135524). It also states changes to authentification (2 step auth). |
|
same here [3/3/2021, 5:16:27 PM] [DysonPureCoolPlatform] Error while signing in. Status Code: 401 |
|
A workaround that just worked for me was to log out of the latest iOS app, log back in, then reboot homebridge. |
Indeed, works here as well. Thanks. |
|
If I have the Dyson app running on multiple devices, I assume that most likely I have to do this in all of them. Do you only run it on one device?
… Am 04.03.2021 um 04:18 schrieb Jake Mauer ***@***.***>:
A workaround that just worked for me was to log out of the latest iOS app, log back in, then reboot homebridge.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
This is what I get since yesterday: |
Hi @jakemauer, I tried that but no luck EDIT: correction, logging out/in via iOS app, restarting Homebridge fixes it for me. It just takes a few minutes |
Not working for me... anyone else still having issues? |
did you wait a few minutes? |
My assumption is logging in to one of the apps should do it. What happens when you try? |
Are you on the latest app version? I had to supply a two-factor code sent to my email before I could login to the iOS app, which is new behavior I think. |
|
Logout and login, there providing the additional auth. code sent by mail from Dyson and then a reboot of Homebridge did it for me as well! It was sufficient to do it on one iOS device.
… Am 04.03.2021 um 18:53 schrieb Jake Mauer ***@***.***>:
If I have the Dyson app running on multiple devices, I assume that most likely I have to do this in all of them. Do you only run it on one device?
…
Am 04.03.2021 um 04:18 schrieb Jake Mauer @.***>: A workaround that just worked for me was to log out of the latest iOS app, log back in, then reboot homebridge. — You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.
My assumption is logging in to one of the apps should do it. What happens when you try?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Looks like the main requirements is re-authenticating via the official app, and getting that code via email. |
At what point did you waited? after login off on the mobile app? before login back in at the app? before login in on the plugin? how long did you waited? |
yes, latest version, and yes I had to add the code sent to my email and yes that's new... |
|
I actually got it working, for some reason the region acronym didn't match my region, I don't think I changed that recently I believe it was like that since I installed the plug-in for the first time. Not sure if the API was actually validating that, but it seems it is now. Anyways I changed to the right region and it's working now. Thank everyone for the help provided. |
|
I'm seeing the same thing. I've tried troubleshooting steps that others have recommended, but no luck. |
Following the latest Dyson iOS app update from yesterday, this trick doesn't work anymore. |
|
So you are saying that it worked when you were on App version 5.0.21060, and after you installed 5.0.21061 it stopped working?
I am on 5.0.21060 and it still works so far.
… Am 05.03.2021 um 09:10 schrieb Arnaud de Theux ***@***.***>:
Looks like the main requirements is re-authenticating via the official app, and getting that code via email.
It's not really 2fa, but lols more like they're marking the email address as verified once this is done.
Following the latest Dyson iOS app update from yesterday, this trick doesn't work anymore.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
Not 100% sure but it was working fine until ~11pm yesterday. This morning the app was updated on my iPhone, and since then I got error 400 in HB again. |
|
I had same issue. Logged out of app and back in with new code. started working again... Was doing work on my homebridge so multiple restarts and started doing it again... Logged out of app and back in with new code and it is working again.. Seems there is a timeout of sorts. |
|
Mine is working fine since yesterday, when I fixed the region code I was already in the latest version of the app |
|
I updated now and it still seems to be working.
… Am 05.03.2021 um 11:02 schrieb Arnaud de Theux ***@***.***>:
So you are saying that it worked when you were on App version 5.0.21060, and after you installed 5.0.21061 it stopped working? I am on 5.0.21060 and it still works so far.
…
Not 100% sure but it was working fine until ~11pm yesterday. This morning the app was updated on my iPhone, and since then I got error 400 in HB again.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
If you can't sign in or sign up, this is what I got from Dyson Support after spending hours on the phone and web chat: |
Not really related to this issue. |
|
Asked them if this is relevant to Dyson Link, they said yes.
… On Mar 5, 2021, at 4:54 PM, Arnaud de Theux ***@***.***> wrote:
If you’d like to place an order, we’d suggest checking out as a guest for the time being, alternatively you’re certainly welcome to create a new online Dyson account with a different email address.```
Not really related to this issue.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub <#166 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABDVUCLXIJEYMVWFLUSS4XTTCEEFTANCNFSM4YQXIEWQ>.
|
|
I've had to log out of Dyson link, create a new account with a new email, re-pair the device and then I was able to use my new credentials in this plugin config. All works now. |
|
Whoops I already deleted all logs when I reinstalled. Other ideas?
…On Sat, Mar 27, 2021 at 14:59 Mike ***@***.***> wrote:
I found the credentials in the homebrige.log and used it in the Homebridge
config, this made it work for me
Can you explain where to find the credentials in the log file. I see some
text saying that they will be upcoming in the log. But I don't see the
actual credentials.
@rohrkemper <https://github.com/rohrkemper> you need to go back in the
log until the last time the plugin connected successfully, there it prints
the credentials. if you cycle your logs or don't archive it, you will not
see this information until you are able to login again
It looks something like:
"Credentials for device with serial number NN2-EU-YXZ are: eyJTZXJpYW..."
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#166 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADHVYSYOLRVLTZ4JNUCKDB3TFXQF7ANCNFSM4YQXIEWQ>
.
|
|
Decided to give it a go: There are a postman collection and
P.S. Look at Update - April 7 2021: After @coraxx pointed out that this Postman collection works I went ahead and verified it. And indeed it started working now. You can get credentials manually in Postman and Dev can update the plugin. P.S. It is better to store the credentials in the plugin settings (existing feature is off by default) so you don't have go thru this process every time unless credentials get compromised. |
|
@sweetw0r Did you manage to get this to work? Is this a way of extracting your machines credentials, I didn't know mine before the 2FA . |
|
I USE TP06 [DysonPureCoolPlatform] Device credentials not stored, asking Dyson API. If you want to prevent communication with the Dyson API, copy the credentials for each device from the coming log entries to the config.json. |
|
I got the same error, but finally managed to get it working like this:
|
|
Is there no other way to retrieve your credentials, tried time and time again to time to mobile app login and Homebridge restart; to no avail |
|
@tkaudioservices Make sure your phone and homebridge are in the same network, so presenting same outer IP to Dyson API. Like that (and only like that) it worked for me. |
|
Could be that it's simply unrealiable and not actually as time-sensitive as I thought, i.e., retry a few times, and also wait some time between retries since I think it blocks you for too many failed attempts. |
|
Still need to figure out that final call to receive credentials. I suspect it is to Can somebody with Java knowledge look at this syntax to figure out the request scheme? sources/p033c3/C1545d.java |
|
Looks like the secret here is the wifipassword of the device printed on the manual / sticker on the front of the fan. It is first hashed (SHA512) and then base64 encoded. that is the “password” that you can also fetch with the manifest API: However, this alone is not sufficient as the value for the “credentials” field for the plugin. Looking at the source it is the base64 encoded JSON stringified apiConfig (as fetched from the manifest endpoint) with the addition of a “password” field to represent the sha512 hashed / base 64 encoded json string. see (here)[https://github.com/lukasroegner/homebridge-dyson-pure-cool/blob/7287ae32d1e947242ab5c7655a79d3adbe3a2bf6/src/dyson-pure-cool-platform.js#L240] and (here)[https://github.com/lukasroegner/homebridge-dyson-pure-cool/blob/7287ae32d1e947242ab5c7655a79d3adbe3a2bf6/src/dyson-pure-cool-platform.js#L268] For me this was: It is possible to log in using the new authentication flow (that requires the 2FA email). I followed this comment to figure out how to do that. It looks like you can circumvent the authentication with dyson completely if you have the wifi password (and other information you can get mostly from dyson link). It appears that the plugin is only using part of the information it gets from the manifests API: in particular the fields I was able to do the following given that I know the serial (from sticker or dyson link), name (from dyson link), version (software version in dyson link), product type (from the front sticker final 3 digits of product SSID) and wifi password. Hopefully that helps someone who has been struggling to the re-auth flow to work. |
|
@sweetw0r I just quickly played around with the new API calls a bit (in python). This is how you could login with the 2FA and receive a token. Though I do not know how new API calls look like using this token. If someone is interested, here some pseudo code (working but no logic combining them): import requests
# This checks if the user/email exists
url = 'https://appapi.cp.dyson.com/v3/userregistration/email/userstatus'
params = {'country': 'DE'}
payload = {'Email': 'XYZ@domain.tld'}
headers = {'user-agent': 'android client'}
r = requests.post(url, params=params, headers=headers, json=payload, verify = False)
# returns something like:
# {"accountStatus":"ACTIVE","authenticationMethod":"EMAIL_PWD_2FA"}
print (r.text)
# This will trigger sending the email with 2FA code
url = 'https://appapi.cp.dyson.com/v3/userregistration/email/auth'
params = {'country': 'DE'}
payload = {'Email': 'XYZ@domain.tld', 'Password': 'SecretDysonAccountPassword'}
headers = {'user-agent': 'android client'}
r = requests.post(url, params=params, headers=headers, json=payload, verify = False)
# returns something like:
# {"challengeId":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}
print (r.text)
# Get the challenge id from previous call and the 6 digit code from the 2FA email
url = 'https://appapi.cp.dyson.com/v3/userregistration/email/verify'
params = {'country': 'DE'}
payload = {'Email': 'XYZ@domain.tld', 'Password': 'SecretDysonAccountPassword', "challengeId":"result from previous call", 'otpCode': '6 digit code received via email'}
headers = {'user-agent': 'android client'}
r = requests.post(url, params=params, headers=headers, json=payload, verify = False)
# returns something like:
# {"account":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","token":"xxxxx-xxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxx","tokenType":"Bearer"}
print (r.text) |
|
Small update: after getting the token, all old API calls work as expected. Authentication is changed from "Basic" to "Bearer": url = 'https://appapi.cp.dyson.com/v2/provisioningservice/manifest'
params = {'country': 'DE'}
# token id which gets returned after sending the 2FA code in the form of xxxxx-xxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxx
headers = {'user-agent': 'android client', 'Authorization': 'Bearer xxxxx-xxxxxxxxxxxxx_xxxxxxxxxxxxxxxxxxxxxxx'}
r = requests.get(url, params=params, headers=headers, verify = False)
# returns all your dyson products
print (r.text) |
Has anyone successfully pieced this together to receive Credentials? |
|
Yeah, it's very much just a proof of concept though I successfully got my Dyson fan credentials. Sadly my JavaScript knowledge is very limited, otherwise I would offer a pull request. |
|
@tkaudioservices I have successfully gone though the new authorization flow (V3) using curl and used the final returned bearer token to fetch the “password”. That password can be generated without having to do the auth flow if you have your wifi password (as printed on the sticker on the front / in the manual). Unfortunately, that is not sufficient to generate the “credentials” as required by the plugin though. You’ll have to encode that password (and a few other bits of information properly) to generate one of these. |
|
Thanks @coraxx Just updated my original #166 (comment) Here is an example of response for |
|
I suspect there's something else going on as well. I've got credentials for my devices stored (to avoid the API) and even though the manifest localCredentials (gotten with the 2fa/token process above) still match the creds I had stored, they no longer seem to base64 decode as they did. I haven't dug too far in yet, though; I thought it was an issue of attaching the bearer token to the device comms as well as to the API, but the plugin is failing at what appears to be the config-credential decode step. |
|
Signing into the Dyson app again and Homebridge at the same time didn't work. I've sent a negative survey to Dyson over the new app. Hopefully we can find a work around with this change Dyson did to break the API. |
|
I think I have a version ready #177 for the plugin. Only "problem" is, that it is not a nice user experience ^^ First you have to start the homebridge to retrieve the challengeID in the log. Copy that into the config, as well as the one time password code you get via email. Then it should work fine from there on. I just tested it and I can still logout and log back in with 2FA on my smartphone, as well as restarting the homebridge after that. Only problem is, when you have too many API calls in a short time. Dyson API has quite the hard API rate limiting. |
This fix worked for me |
|
Workaround, Log out of the app on the phone. Then restart homebridge. Let homebridge login. Then log back into the app. I am good to go now. |
|
I think the log out / log back in steps are overkill. I've now gone to the 'credentials' method. |
|
Update Dyson API.postman_collection.json with |
|
I finally had some time to find a viable solution for 2FA. With the help of @sweetw0r and @coraxx I added a separate flow for retrieving the credentials for all your devices. The plugin now has a small website where you can retrieve the credentials by logging into the Dyson account. The plugin no longer directly communicated with the Dyson API. New version 2.0.0 is live on npm. Let me know that you think. I haven't tried the non-2FA flow, as my account has already been migrated to 2FA, however, the old flow is also implemented in the "website" for retrieving credentials. |
|
None of these approaches helped.
|
I follow EXACTLY all steps and it worked!! Among the hundreds of methods to get the credential, only this one works! |
and others
Seems like authentication is failing again, I guess Dyson changed something again?
The text was updated successfully, but these errors were encountered: