Recaptcha implemented on Medtronic website #48
Comments
|
Did some reading in the other repo's making a non official login. :) Consensus seems that technically we should steer away with logging in all the time, and move to a session based token. https://github.com/Hartman5/recaptchaV3-Bypass i'm still quite a novice when it comes to Python development and a complete newbie for HomeAssistant integrations. :-) |
|
Guten morgen . Meine Anmeldung funktioniert auch nicht. Hat jemand eine Lösung? |
|
There might be a quick and dirty solution, it still needs some testing. |
How this? |
|
Medtronic added extra parameters in their API. Basically the token number of the captcha function. However any value provided gives access. |
|
i got it patched locally by adjusting the api.py file Just add an extra line at row 202 with this content ""g-recaptcha-response":"abc"," This is certainly not a permanent solution, but it does get the job done for me.. (running 4 hours without problems)
|
|
Habe das gerade gemacht . Funktionierte sofort. Danke . Werde es mal testen . |
This didnt work for me ..... |
|
After the update a restart of home assistant is needed |
|
If you are copy and pasting copy this "g-recaptcha-response":"abc", |
|
|
|
even after multiple restarts |
|
|
|
I think here the difference is that in my case i had a running installation with a valid config. From the screenshots it seems yours is a new installation. So this quick one line patch is not enough to make it consistent for new installations |
|
I just created release 2023.10.0 with this fix. |
actually been using for a long time, but it suddenly stopped and tried diffrent methods ( including deleteing it and reinstalling ) |
|
after the update, I cant reconnect again, even though i checked on other methods to loging (ipad / iphone)
|
|
Are there any errors in the logs? And what version of Home Assistant are you running? |
|
Traceback (most recent call last): |
|
My version |
File "/usr/local/lib/python3.11/site-packages/httpx/_models.py", line 1148, in getitem |
|
Guten morgen . Seid heute morgen geht die Anmeldung wieder nicht mehr. Gibt es eine Lösung? Liebe Grüße hofi1310 |
|
the latest error |
|
@ozaibi It's seems the login fails. I'm not sure why but maybe you can try if you can make a dump of your data using https://github.com/ondrej1024/carelink-python-client. It's much easier to test your credentials and the login using ondrej's cli. |
|
I will give it a try and get back to you |
|
Sadly the python Client also does not work anymore. |
|
this is really sad as i am dependent on it as a critical alarm for the whole house |
|
I understand Medtronic is not ok with all the scraping on their api as it creates a lot of traffic. But they really should just open up their api for personal use. Every patient using Carelink should be able to use their own data in the application of their choice. |
|
@hhuitema Yes you're right. Medtronic is now checking the captcha. My local installation stopped working too. Privacy wise this is really bad. Now Medtronic sends a lot of info about users login in at Carelink. I really do not want to share with google anything about my medical state or the tools I use to manage it. Why not add a Facebook pixel too? |
|
Indeed Medtronic is limiting access to their carelink functions, probably because they think this might have a relationship to the issues they have a few months ago. my preference would also be to have a supported method for API use on personal basis. As a side note on the captcha stuff, this is so basic in its function that the only thing that google would be able to see is that someone is using a captcha service from the medtronic domain, there are no user credentials shared and certainly not any medical information. |
|
I know they do not have any access to private data stored in the Medtronic database. But they know now who you are and that there is a relation between you and Medtronic. Another piece of the advertisement puzzle for them. But that's not the issue at hand. Solving the recaptcha wil take a very well trained AI or an implementation in HA. Both are very time consuming and I do not have that spare time available at the moment. If anyone else want to take look, you're very welcome. |
|
There is some code for different recaptcha solvers for Python - Would this not be possible? |
|
does anyone know what the repatch used in carelink so we can try to implement solvers via python |
|
https://2captcha.com/lang/python - https://geekpython.in/solve-captcha-in-python-using-2captcha - https://github.com/topics/captcha-solver?l=python <--- lol had to put it in... By the way it is recaptcha..... https://github.com/Artistrazh/recaptcha_v2_solver |
|
As I don't have the time either to implement this, I reached out to Medtronic and got this answer: |
|
@MrRasmus That sounds very good. If they provide an API endpoint we can fix it in a clean and safe way. Probably way better then the current implementation. |
|
First and foremost my thanks to @yo-han for what you've created. This is the kind of innovation in this space that has made life just a little less difficult. 🙌 Like many in this thread, I've also been searching for an answer. I suspect I don't have much to add here other than what might already be known information. Once you get a token, (for example, log in via a browser, and then copy the token as well as its expiration out). That you can maintain a connection. Token seems to be good for 40 minutes before requiring a refresh. I say this having recently updated my own PowerShell module for CareLink. I've been running the last 14+ days now without a single disconnect in my terminal.
Once a token is obtained, its right back to API calls (only had to update a couple endpoints). I don't have much experience with Python or developing custom Home Assistant integrations (currently using an HA file sensor to pick up these values). But conceptually it seems like if the onboarding flow took a token + token expiration. Then a similar outcome could be achieved similar to what I'm doing in my PowerShell module and respective scripts. Not trying to hijack the thread or saying what has to be done, just thinking out loud and wanted to share in the event this helps someone. |
|
Thanks to @sedy89 we have a new and working release today. https://github.com/yo-han/Home-Assistant-Carelink/releases/tag/2023.12.1 Check the readme to retrieve your session token from the cookie set by the Medtronic website and you should be good to go! No more recaptcha's! |
|
I close this issue now we have a different way of logging in. |
|
@yo-han This library does not implement the login procedure with reCapcha. For this you have to run the The big advantage of this new library is that it uses a refresh token which can be used to get a new access token even after it has expired. So after initial manual login the Carelink client library should be able to run autonomously, just like the Carelink Connect app, even if it is offline for some days. |
My installation of the integration stopped working 24 hours ago.
On the NightScout website i noticed issues and comments on people also having problems logging in.
No solution yet, hopefully we can find one soon.
https://github.com/nightscout/minimed-connect-to-nightscout/issues/47
The text was updated successfully, but these errors were encountered: