TeamPiped
Got error: "Sign in to confirm that you're not a bot"
Official Instance
- [x] The bug is reproducible on the official hosted instance, or is API-related.
Describe the bug
On my private instance and with some others i have tested in the public list i am seeing "Got error: "Sign in to confirm that you're not a bot"" instead of a video
Here is a link from a public instance with the same problem:
https://piped.r4fo.com/watch?v=2G-L0u_L0qU
To Reproduce
Open this url on this instance
https://piped.r4fo.com/watch?v=2G-L0u_L0qU
See error
Expected behavior
Video to play normally
Logs/Errors
org.schabi.newpipe.extractor.exceptions.ContentNotAvailableException: Got error: "Sign in to confirm that you're not a bot" at org.schabi.newpipe.extractor.services.youtube.extractors.YoutubeStreamExtractor.checkPlayabilityStatus(YoutubeStreamExtractor.java:1016) at org.schabi.newpipe.extractor.services.youtube.extractors.YoutubeStreamExtractor.onFetchPage(YoutubeStreamExtractor.java:876) at org.schabi.newpipe.extractor.Extractor.fetchPage(Extractor.java:60) at org.schabi.newpipe.extractor.stream.StreamInfo.getInfo(StreamInfo.java:77) at org.schabi.newpipe.extractor.stream.StreamInfo.getInfo(StreamInfo.java:72) at org.schabi.newpipe.extractor.stream.StreamInfo.getInfo(StreamInfo.java:67) at me.kavin.piped.server.handlers.StreamHandlers.lambda$streamsResponse$0(StreamHandlers.java:54) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) at java.base/java.lang.VirtualThread.run(VirtualThread.java:309)
Browser, and OS with Version.
Happens on multiple browsers and devices
Additional context
I'm assuming it's related to something google/youtube have done as invidious instances are having similar issues.
https://github.com/iv-org/invidious/issues/4734
Some instances are working, some aren't. But it's probably gonna spread to all of them.
Is there any solution for this?
Cobalt implemented OAuth, but other than that there's not been much in terms of solving this issue...
Is there any solution for this?
Cobalt implemented OAuth, but other than that there's not been much in terms of solving this issue...
Well, maybe it would be good implementing it as an optional feature, so instances could continue running until there is a better solution.
Restarting all containers fixed it for me tonight.
Didn't work for me, you probably got "B" tested ;D
jokes aside, I have another request that may warrant a separate issue: I opened a page to use the share button and copy the original youtube link, but the error message "eats" away all the UI, I think it would be nice if a partial interface could still be shown in this case
This is happening to me on the majority of videos (~8 out of 10) and on different instances, to the point I had to go back to using vanilla youtube. Sadly, I dont know enough about piped or youtube's inner workings to be able to help, but I hope I can bring more attention to this issue. My fear is that this change could make piped and other frontends unusable sooner than we think if a solution isn't found
Is there any solution for this?
Yes. Just obtain youtube API keys and paste the API_SECRET to src/main.js function at 127th line.
getAuthToken() {
return this.getPreferenceString("authToken" + this.hashCode(this.authApiUrl()));
},
Everything works.
This is happening to me on the majority of videos (~8 out of 10) and on different instances, to the point I had to go back to using vanilla youtube. Sadly, I dont know enough about piped or youtube's inner workings to be able to help, but I hope I can bring more attention to this issue. My fear is that this change could make piped and other frontends unusable sooner than we think if a solution isn't found
You can host your own instance instead and paste the token as I have written above.
You can host your own instance instead and paste the token as I have written above.
If I use Docker, how can I rebuild it? I am looking forward to an update from the team regarding documentation and Docker for this temporary solution
This is coming so often on official (piped.video) instance, approximately 7 of 10 videos. I haven't tried to change instance yet, I have switched to invidious.
I haven't tried to change instance yet
This is the best workaround though. Works 100% of the time. You rarely have to change it twice.
Your modify the main.js like this?
getAuthToken() { return this.getPreferenceString("authToken" + this.hashCode(API_KEY)); },
Where API_KEY = your yt api key
Also how do get into the docker container to modify main.js? I tried bash but that'd didn't work.
Your modify the main.js like this?
getAuthToken() { return this.getPreferenceString("authToken" + this.hashCode(API_KEY)); },
Where API_KEY = your yt api key
Also how do get into the docker container to modify main.js? I tried bash but that'd didn't work.
Unfortunately, no.
getAuthToken() {
return this.getPreferenceString("YOUR_API_TOKEN_HERE" + this.hashCode(this.authApiUrl()));
},
API_KEY is API_SECRET in your profile.
You can host your own instance instead and paste the token as I have written above.
If I use Docker, how can I rebuild it? I am looking forward to an update from the team regarding documentation and Docker for this temporary solution
I am not facile with Docker, unfortunately. Instead, I host my own private instance on a VPS.
Your modify the main.js like this?
getAuthToken() { return this.getPreferenceString("authToken" + this.hashCode(API_KEY)); },
Where API_KEY = your yt api key
Also how do get into the docker container to modify main.js? I tried bash but that'd didn't work.
When bash doesn't work try sh ;D (or ash for alpine)
Where is the file located BTW?
edit:
I use these aliases in bash (or remove function for zsh) to quickly find and then enter a container with bash or sh (yeah I should env I know)
# get the container name if you don't remember, example: "dclist piped"
function dclist() {
if [ -z "$1" ]; then
docker ps -a --format "table {{.ID}}\t{{.Names}}" | (read -r; printf "%s\n" ""; sort -k 2);
else
docker ps -a --format "table {{.ID}}\t{{.Names}}" | (read -r; printf "%s\n" ""; sort -k 2) | grep "$1";
fi
}
# enter a container with bash or sh, example: "dcsh piped"
function dcbash() { docker exec -it "$1" /bin/bash; }
function dcsh() { docker exec -it "$1" /bin/sh; }
Partial docker instructions, untested, try only if you know what this means:
- open your piped instance
- right click -> view page source or whatever your browser calls it
- find out the name of the javascript bundled file, mine is
<script type="module" crossorigin src="/assets/index-WHXXydFZ.js"></script>
At this point you can either extract it from the container, change it and mount it back (easier, persist across restarts, may break the frontend if the containers are updated) or manually edit it in place (no time so will do this for now, may need restart of the container, may break anyway or just not work) or add the sed command to the start script (it's already doing something similar for the instance name)
- enter the piped frontend container with its name, I used
docker exec -it "piped-frontend" /bin/sh; - enter the assets folder with
cd /usr/share/nginx/html/assets - swap the authToken with
sed -i 's/"authToken"/"YOUR_TOKEN"/g' index-YOUR_FILE.js - ???
- If you force refresh the page and check the sources again you can click on the js file and see if it has been changed or not
I've tried to do what above was suggested with the substitution of the authToken with an API key for Youtube Data v3 (plain API key not OAuth) and it just results in completely broken piped frontend. No trace or any message in the console. I have confirmed that it is substituted correctly in the browser with cache disabled (just in case).
What's supposed to happen when you swap out the hardcoded authToken string? Can someone provide clearer instructions on how to do this?
I'm also confused what "API_SECRET" referenced above is. Is it not the value of the API key?
Everything written above about patching getAuthToken() is not true, that authToken is only used to authenticate at Piped instances with your Piped account, it's not related to the visitor tokens used for extracting data from YouTube.
Obtaining YouTube API keys and only setting them in the frontend doesn't solve the problem at all, because the YouTube API key would need to be used at the Piped backend anyways ...
You probably want to save yourself that time and either get a new IP address that's not blocked from YouTube or put a proxy / VPN in front of your instance.
You probably want to save yourself that time and either get a new IP address that's not blocked from YouTube or put a proxy / VPN in front of your instance.
Invidious made a IPv6 rotation tool, so that is another way of solving the issue. It needs a bit of setup, but works pretty good on a couple of instances I saw using it.
Invidious made a IPv6 rotation tool, so that is another way of solving the issue. It needs a bit of setup, but works pretty good on a couple of instances I saw using it.
Unfortunately lots of instances had their whole IPV6 /64 range blocked recently. I guess it depends of the provider
Unfortunately lots of instances had their whole IPV6 /64 range blocked recently. I guess it depends of the provider
Yes, all my Hetzner IPv6 ranges are blocked too since some days :/
I heard https://stylenhost.com/ still works. Maybe we should compile a list of providers that work and don't work.
Maybe we should compile a list of providers that work and don't work.
Not sure this is a good idea, could make things much easier for Google :sweat_smile:
(although it doesn't hurt to warn people that hetzner is blocked for example)
Ran into this issue a while ago and haven't had time to look into it. For the meantime I guess I will just deploy gluetun to just use a VPN instead. Because my VPS is indeed with Hetzner... Welp, that's unfortunate. Aside from IPv6 rotation, is there any other idea on how to fix that issue? Thanks!
Being it was the new-pipe extractor that broke, and they just fixed the issue on their side, couldn't we get their updated extractor and plug it in?
Latest piped-backend seems to have incorporated the change already. However, for me it doesn't change anything, even with the latest docker image I get the antibot prompt. Exact same instance from my home IP address works fine without any changes, so IP reputation also plays a role.
Ran into this issue a while ago and haven't had time to look into it. For the meantime I guess I will just deploy gluetun to just use a VPN instead. Because my VPS is indeed with Hetzner... Welp, that's unfortunate. Aside from IPv6 rotation, is there any other idea on how to fix that issue? Thanks!
Hi, IPV6 rotation didn't help for me, as my whole IP range seems to be restricted. Can't deploy a new IPV6 to my server, and ran an update without more luck, so I'm just going to try Gluetun aswell.
