Xiaomi-cloud-tokens-extractor icon indicating copy to clipboard operation
Xiaomi-cloud-tokens-extractor copied to clipboard

Published 20 hours ago verified publisher icon PiotrMachowski

Two-factor authentication doesn't work anymore

Open Pivek opened this issue 2 years ago • 59 comments

Hi, issue exactly the same as here https://github.com/PiotrMachowski/Home-Assistant-custom-components-Xiaomi-Cloud-Map-Extractor/issues/180 It seems that even after "succesful" authentication with "ok" message in browser issue still persists. It endlessly keeps asking me for two-factor authentication: image

Pivek avatar Nov 05 '21 12:11 Pivek

I'm with the same problem. From couple days ago the map it's STOP working.

the card shows: "two factor auth required (see logs)" I restart HA and in logs Additional authentication required. Open following URL using device that has the same public IP, as your Home Assistant instance: https://account.xiaomi.com/ident... sometimes the page only shows Mi logo and Tips but nothing more, othertimes I can get the login page fill the form receive the code to my email and the page shows "ok" in left upper corner"

in my mi account in 2 step auth menu it's disable...

kikofhm avatar Nov 05 '21 13:11 kikofhm

Same here.

kaizersoje avatar Nov 06 '21 12:11 kaizersoje

same here as well

KochC avatar Nov 08 '21 18:11 KochC

Another idea is to enable 2FA and try again

PiotrMachowski avatar Nov 09 '21 00:11 PiotrMachowski

No the thing is. You get forwarded to do this 2FA and are asked to restart the extractor. But after a restart the same issue occurs. The 2FA does not work in this case. Seems like this is another 2FA than the one you can set in the Xiaomi account.

KochC avatar Nov 09 '21 07:11 KochC

Same problem here Had to add to HA again after after a map update But now i am stuck here

stylab avatar Nov 09 '21 08:11 stylab

following

dbloom86 avatar Nov 09 '21 09:11 dbloom86

unfortunately the same problem here.

timbo16 avatar Nov 11 '21 07:11 timbo16

same

n0is3r avatar Nov 20 '21 13:11 n0is3r

same problem here

horvathgergo avatar Jan 07 '22 21:01 horvathgergo

Is there any way around it or to turn off the 2FA or something?

Tycho-S avatar Jan 20 '22 11:01 Tycho-S

I found workaround - not sure if all steps are necessary but it worked:

  • login to xiaomi account from browser
  • go to Signing in and security - turn 2FA on/off
  • go to Privacy - site requests confirmation code again - fill it
  • do not close browser, stay sign in
  • run extractor

It worked 26.1.2022

LLACZ avatar Jan 26 '22 18:01 LLACZ

Thanks for this! It did not for me unfortunately. Still getting a link to 2FA every time (and completing it doesn't work). What country do you pick? I tried de, us and nothing..

Tycho-S avatar Jan 27 '22 16:01 Tycho-S

@Tycho-S selecting country doesn't really matter as country is used to get devices, not to log in.

PiotrMachowski avatar Jan 27 '22 16:01 PiotrMachowski

@Tycho-S I used "de" for the first time, but it works without selecting any country. I am trying it right now and extractor works even without active connection from browser. On 2FA page is written - Whenever we detect that you're trying to sign in on a new device or in a new location, we'll show a confirmation dialog on your other devices. - is your IP address and "system/browser fingerprint" same for all requests, do you use any ad blocker (uBlock Origin, AdBlocker, etc.)?

LLACZ avatar Jan 27 '22 16:01 LLACZ

Thanks for the tip about the adblocker, I turned off uBlock origin (browser wide, not just whitelisting the site). But still it does the same :( What platform are you on? I'm on a Mac. I use Microsoft Edge as a browser. But I don't think the script interacts with the browser at all. It just gives me a link to copy and paste.

Edit: I cleared cookies on the browser and did it all again and now it works! Weird, but thanks so much @PiotrMachowski @llacz !

Tycho-S avatar Jan 27 '22 17:01 Tycho-S

I found workaround - not sure if all steps are necessary but it worked:

  • login to xiaomi account from browser
  • go to Signing in and security - turn 2FA on/off
  • go to Privacy - site requests confirmation code again - fill it
  • do not close browser, stay sign in
  • run extractor

It worked 26.1.2022

worked for me 2.6.2022

Vendo232 avatar Feb 06 '22 17:02 Vendo232

The described workaround did work for me too.

fegyosz avatar Mar 01 '22 18:03 fegyosz

The workaround isn't possible for me. I do not see any option to turn ON or OFF 2FA in the "Signing in and security" tab in my account, and in any other tab of the settings for that matter.

Hexalyse avatar Jun 09 '22 19:06 Hexalyse

The workaround isn't possible for me. I do not see any option to turn ON or OFF 2FA in the "Signing in and security" tab in my account, and in any other tab of the settings for that matter.

Same here, I have no option to disable 2FA on my account. imagen

But I've tried with my xiaomi ID instead of my email, and it worked! It didn't even ask for 2FA :D imagen imagen

adocampo avatar Jun 11 '22 22:06 adocampo

Any workarounds still exist? Getting the same issue as above, none of the suggestions listed seem to work.

MiralDesai avatar Jun 28 '22 16:06 MiralDesai

Did you try with your xiaomi ID instead of your email? I've tried just now and it works here.

adocampo avatar Jun 29 '22 08:06 adocampo

Did you try with your xiaomi ID instead of your email? I've tried just now and it works here.

Having the same issue and tried the ID instead of the e-mail. Unfortunately it didn't help.

wolterkam avatar Jun 29 '22 17:06 wolterkam

I made some progress but for all I know the issue I'm having later in the setup of the cloud map extractor is the same problem.

I followed the instructions here: https://www.home-assistant.io/integrations/xiaomi_miio/#alternative-methods

I installed an old version of the Mi home app, one where they log the token in plain text. Bit of a hassle but I believe I have the correct token now. However I'm now having 2FA issues with the cloud map extractor. Specially this: https://github.com/PiotrMachowski/Home-Assistant-custom-components-Xiaomi-Cloud-Map-Extractor/issues/157

If you're having issues with this token extractor I would suggest giving it try. apkmirror.com has the version of the app you need.

MiralDesai avatar Jun 30 '22 20:06 MiralDesai

Hi I was able to extract tokens even with 2FA enabled, but it requires

  • to follow the link generated by tokens-extractor
  • then open browser inspect console (F12) and go to Network tab
  • process 2FA authorization (by SMS or email)
  • when you finished on "ok" page, investigate last two requests
  • you will be able to find ssecurity, userId, and serviceToken
  • if you bypass those strings in second run of python script (do not call connector.login(), but set directly to self object)
self._ssecurity = input() or None
self._userId = input() or None
self._serviceToken = input() or None
  • then you will by able to get device tokens and stuff ssecurity

I can send PR, but I am thinking how to make this process easier. Problem with 2FA is that you need to register callback url on the server - https://sts.api.io.mi.com/sts is OK with this. So, if we use this page, it will set some of required tokens in cookies (userId and serviceToken), (ssecurity is set in cookie in xiomi.com page). We can extract that information by sentry lib, but it still requires opening browser by Python and sentry lib (not tested).

EDIT: I made a little tampermonkey script for extracting userId and serviceToken xiaomi-tokens.txt But ssecurity is problem - it comes as response header and javascript cannot read that :(

lipov3cz3k avatar Jul 04 '22 10:07 lipov3cz3k

Same issue here. Additional authentication required. Open following URL using device that has the same public IP, as your Home Assistant instance: "Two factor auth required "

Iam on the same public IP. Used the token extractor and followed the step with the URL. Got an "OK"message after. restarted the xiaomi_cloud_map_extractor: Reload service. nothing happens. not even after rebooting HA. Home Assistant OS 8.2

Arie046 avatar Jul 12 '22 07:07 Arie046

I'm also suffering from 2FA. There is no setting to turn it off (anymore?) on the Xiaomi Website. I tried resetting Cookies and signing up again, also didn't help. Starting the extractor as admin or not doesn't change a thing. The extractor runs into 2FA, I follow the link, and the page states OK after I enter the 2FA code. Restarting the extractor goes right back to the 2FA issue. Both the extractor and link, run on my Laptop on the same network with the same public IP.

Not quite sure how to fix this. @lipov3cz3k workaround seems quite involved.

eXifreXi avatar Jul 17 '22 21:07 eXifreXi

Okay so, because I'm impatient, I tried the workaround with manually grabbing those 3 (or 4) values.

  1. Run extractor
  2. Login normally and run into 2FA link
  3. Open the link, perform 2FA
  4. Hit F12 and go to the Network Tab
  5. Hit CTRL+F to open the search field and search for 5.1. ssecurity 5.2. userid 5.3. servicetoken
  6. Note all 3 of those down. There is a cUserId which I also wrote down, not sure if that is needed
  7. Open the token_extractor.py file in an editor of your choice
  8. Change self._ssecurity = None to self._ssecurity = "ENTER_THE_SERVICE_TOKEN_HERE" and do the same for the other 2 (3?) values
  9. Go down to line 248 which should say something about logged = connector.login() and replace the right side with a simple True
  10. Save everything and start the script once more. Enter whatever data you want (or just hit enter and leave it blank)

That should theoretically work.

eXifreXi avatar Jul 17 '22 22:07 eXifreXi

Hi, I found another solution how to disable 2FA - I deleted my xiaomi account and create new one from Mi Home android app. 2FA was disabled by default, it will prompt you to enable it, but do not do this.

In theory, you could just create second xiaomi account and share your original "home" with it. Than you can use second account for HA without 2FA and original with 2FA from elsewhere-> not tested

lipov3cz3k avatar Jul 19 '22 09:07 lipov3cz3k

Hi, I found another solution how to disable 2FA - I deleted my xiaomi account and create new one from Mi Home android app. 2FA was disabled by default, it will prompt you to enable it, but do not do this.

In theory, you could just create second xiaomi account and share your original "home" with it. Than you can use second account for HA without 2FA and original with 2FA from elsewhere-> not tested

Sadly it does not work for a shared home, just tried it and no devices found. I guess it needs to be done with the main account owning the home.

Rittsel avatar Jul 25 '22 21:07 Rittsel