CVF code entry broken due to changes to Amazon Login #24

Closed
kennedn opened this issue Nov 11, 2020 · 9 comments

kennedn commented Nov 11, 2020

It seems that Amazon has recently changed its Login Security such that the CVF code usually supplied via email to verify a new login has been replaced with a system that lets the user click a link and either allow or deny the login attempt.

This has broken the CVF flow in the Audible API:

  • The function check_for_cvf no longer fires due to a new HTML layout. A div with id cvf-page-content doesn't exist anymore:
    def check_for_cvf(soup):
        cvf = soup.find("div", id="cvf-page-content")
        return True if cvf else False
  • The code entry system no longer works. I am unsure if the /ap/cvf/verify endpoint is still used in Amazon's new Login flow. The page does some sort of polling and actually supplies the URL it will redirect you to once it detects that authorization has occurred. I am currently tinkering myself to try and figure out a way forward.

mkb79 (Owner) commented Nov 11, 2020

Hi,

Thank you for opening this issue. I’ve tried around 20 times, with 2FA disabled, to log in on my US and DE accounts. I am not asked for a CVF code, nor do I get a mail with an activation link.

So I can’t reproduce your issue at this moment. It would be very helpful if you had the body of the HTML web page which appears when retrieving such a mail.

Best regards

kennedn (Author) commented Nov 11, 2020

Hiya,

I've attached an example of the html returned for a CVF prompt:

cvf.zip

Happy to test any code fixes / provide additional information if it's helpful.

Regards,

mkb79 (Owner) commented Nov 11, 2020

Thank you, that helps a lot. I’ve implemented a routine to detect this type of approval alert. Now I will implement a function for a workaround.

I will commit this when it’s ready.

mkb79 (Owner) commented Nov 11, 2020

Can you try this branch to see if it solves the new approval alert?

kennedn (Author) commented Nov 11, 2020

Confirmed working, thanks for the speedy response! Was able to make Amazon present the CVF prompt by changing my location with a VPN.

Apologies for the delay, I encountered another bug with that specific branch that was throwing me off for a time. I am using the API to pull down the activation_bytes file from Audible and was getting the following stack trace:

    Traceback (most recent call last):
      File "authenticator.py", line 13, in <module>
        auth.get_activation_bytes("/home/kennedn/Documents/AudibleAuthenticator/AudibleActivation4.sys")
      File "/home/kennedn/Documents/AudibleAuthenticator/Audible/src/audible/auth.py", line 386, in get_activation_bytes
        return get_ab(self, filename)
      File "/home/kennedn/Documents/AudibleAuthenticator/Audible/src/audible/activation_bytes.py", line 100, in get_activation_bytes
        player_token = get_player_token(auth)
      File "/home/kennedn/Documents/AudibleAuthenticator/Audible/src/audible/activation_bytes.py", line 39, in get_player_token
        player_token = extract_token_from_url(resp.url)[0]
      File "/home/kennedn/Documents/AudibleAuthenticator/Audible/src/audible/activation_bytes.py", line 18, in extract_token_from_url
        return query_dict["playerToken"]

But after reverting activation_bytes.py to the one present in the master branch I was able to log in and pull them down.

mkb79 (Owner) commented Nov 11, 2020

It’s great that this is working for you. I didn’t think to use a VPN to test it. Thanks for your hint!

Regarding your other issue with the activation bytes (ab): are you requesting the ab after a fresh login with LoginAuthenticator, or are you using the FileAuthenticator with credentials from a previously registered device? In the latter case it’s important to know one thing. The function to request the activation bytes uses website cookies to authenticate. If you register a device to one marketplace, you will get the website cookies only for this top-level domain range. So if you switch over to another marketplace, the website cookies don’t work for the new one.
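
The cookie scoping described in the comment above, as an added example (not part of the thread and not the project's own code): it uses Python's standard `http.cookiejar` to check which marketplace URLs a set of stored website cookies would actually be sent to. The cookie names and values are constructed, and the `.amazon.com` cookie domain and the two marketplace URLs are assumptions.

```python
from http.cookiejar import Cookie, CookieJar
from urllib.request import Request


def make_cookie(name, value, domain):
    """Build a session cookie scoped to `domain` (a leading dot covers subdomains)."""
    return Cookie(
        version=0, name=name, value=value,
        port=None, port_specified=False,
        domain=domain, domain_specified=True,
        domain_initial_dot=domain.startswith("."),
        path="/", path_specified=True,
        secure=True, expires=None, discard=True,
        comment=None, comment_url=None, rest={},
    )


def cookie_names_sent(jar, url):
    """Return the names of the cookies in `jar` that would accompany a request to `url`."""
    request = Request(url)
    jar.add_cookie_header(request)  # applies domain, path and secure-flag matching
    header = request.get_header("Cookie", "")
    return sorted(part.split("=", 1)[0] for part in header.split("; ") if part)


def usable_marketplaces(jar, marketplace_urls):
    """Map each marketplace URL to True if at least one stored cookie applies to it."""
    return {url: bool(cookie_names_sent(jar, url)) for url in marketplace_urls}


# Constructed sample: cookies as they might look after registering on the US
# marketplace (assumed cookie domain .amazon.com; names and values are made up).
jar = CookieJar()
jar.set_cookie(make_cookie("example-session", "constructed-value", ".amazon.com"))
jar.set_cookie(make_cookie("example-token", "constructed-value", ".amazon.com"))

if __name__ == "__main__":
    urls = ["https://www.amazon.com/", "https://www.amazon.de/"]
    for url, ok in usable_marketplaces(jar, urls).items():
        print(f"{url}: {'cookies apply' if ok else 'no cookies apply, log in again'}")
```

Running the same check before a cookie-authenticated request makes a marketplace mismatch visible up front instead of surfacing later as a missing value in the response.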

mkb79 (Owner) commented Nov 11, 2020

I’ve solved the issue with v0.5.dev and requesting activation bytes. There were some errors when using website cookies retrieved from a fresh login with my auth_flow method. Website cookies from a registered device worked fine. Thanks for this information.

kennedn (Author) commented Nov 11, 2020

Oh crap I forgot to mention, there was a small typo on one of the lines, soup should be login_soup:

    url = soup.find_all("a", class_="a-link-normal")[1]["href"]

As for the activation_bytes.py, I got the error from a fresh LoginAuthenticator auth.

mkb79 (Owner) commented Nov 11, 2020

Thank you. I solved this issue. I wrote it with my iPhone, so I didn’t see this.
