ghaberek
Stopped working with latest controller version
Hi,
After upgrading to latest controller firmware (OC200v1_un_1.14.2_20211215_rel61111_up), the Python wrapper does not work anymore:
Traceback (most recent call last):
File "/opt/omada-api/devices.py", line 83, in <module>
main()
File "/opt/omada-api/devices.py", line 70, in main
omada.login()
File "/opt/omada-api/omada/omada.py", line 242, in login
result = self.post( '/login', json={'username':username,'password':password} )
File "/opt/omada-api/omada/omada.py", line 203, in post
response.raise_for_status()
File "/usr/local/lib/python3.10/site-packages/requests/models.py", line 960, in raise_for_status
raise HTTPError(http_error_msg, response=self)
**requests.exceptions.HTTPError: 404 Client Error: for url: https://192.168.1.1:443/api/v2/login?_=1641554357608**
What version is your controller software? I'm using 4.4.6 beta on self-hosted and the API still works fine. The firmware version and the software version are different. You can check this from the "About" option in the top-right "..." menu.
The latest firmware version I'm seeing on the OC200 downloads page is 1.9.3 which is software version 4.4.6. Is your new firmware running the version 5 software? I haven't tested against version 5 yet.
Aha! I just found this page: Apache Log4j Vulnerability in Omada Controller which shows:
Here are the official releases for Omada Controllers:
- Omada_Controller_V5.0.29_Windows
- Omada_Controller_V4.4.8_Linux_x64.tar
- Omada_Controller_V4.4.8_Linux_x64.deb
- OC200(UN)_V1_1.14.2 Build 20211215 > Built-in Omada Controller v5.0.29
- OC300(UN)_V1_1.7.0 Build 20211215 > Built-in Omada Controller v5.0.29
It doesn't seem they've released an Linux build of version 5 for self-hosting yet. I'll need that to get it stood up for testing and then I can start adapting this project to suit.
I'm using the latest software on OC200 appliance, downloaded from https://www.tp-link.com/de/support/download/oc200/#Firmware
- Controller Version:5.0.29
- Model:OC200 1.0
- Firmware Version:1.14.2 Build 20211215 Rel.61111
Hi all, Just updated my oc200 to the same version referenced by @t0th0mas and encountered the same issues.
Thanks Stefano
Something that could be useful at link https://community.tp-link.com/en/business/forum/topic/253944?page=3.
Is reported ... Re:Omada V2 API It looks like the recent controler update made changes to the API. There is now an extra parameter (omadacId) in the URL that you have to retrieve through /api/info.
Then you can get the token at %omadacId%/api/v2/login. However from there on I don't know how to proceed.
Previously I could just take this 'token' value and set it as a parameter, token=. However, viewing in Chrome, this has now changed to _=, but with the token it no longer works. Any suggestions?
... but right now no suggestions.
Thanks
Stefano
Aha! I just found this page: Apache Log4j Vulnerability in Omada Controller which shows:
Here are the official releases for Omada Controllers:
- Omada_Controller_V5.0.29_Windows
- Omada_Controller_V4.4.8_Linux_x64.tar
- Omada_Controller_V4.4.8_Linux_x64.deb
- OC200(UN)_V1_1.14.2 Build 20211215 > Built-in Omada Controller v5.0.29
- OC300(UN)_V1_1.7.0 Build 20211215 > Built-in Omada Controller v5.0.29
It doesn't seem they've released an Linux build of version 5 for self-hosting yet. I'll need that to get it stood up for testing and then I can start adapting this project to suit.
Hi @ghaberek, take a look at https://www.tp-link.com/it/support/download/omada-software-controller/ ... not sure but seems that v5.0.29 is available also for Linux.
Thanks again Stefano
take a look at https://www.tp-link.com/it/support/download/omada-software-controller/ ... not sure but seems that v5.0.29 is available also for Linux.
Of course, the published date says "2022-01-07" which means they probably just posted it as it certainly wasn't there when I last checked. I will get this stood up and begin testing. Thanks!
Hi @ghaberek, take a look at the attachment, I did some integration and it seems fine for v5.0.29 ... it's a raw exercise. thanks again Stefano omada.py.zip
Hi @ghaberek, take a look at the attachment, I did some integration and it seems fine for v5.0.29 ... it's a raw exercise. thanks again Stefano omada.py.zip
Thanks for this. I see the changes are relatively minimal. I would probably check the /api/info URL for a returned omadacId value and only send it back if it was received. If I'm not mistaken, that should keep it backwards-compatible with existing 4.x controllers.
Replace initOmadacId() with generic getApiInfo():
##
## Query API info from server.
##
def getApiInfo(self):
response = self.session.get( self.baseurl + '/api/info' )
response.raise_for_status()
json = response.json()
if json['errorCode'] == 0:
return json['result'] if 'result' in json else None
raise OmadaError(json)
Update login() to check for omadacId and store it:
##
## Log in with the provided credentials and return the result.
##
def login(self, username=None, password=None):
apiInfo = self.getApiInfo()
if 'omadacId' in apiInfo:
self.omadacId = apiInfo['omadacId']
...
Update url_for() to include omadacId if it is set:
##
## Build a URL for the provided path.
##
def url_for(self, path):
baseurl = self.baseurl + "/"
if self.omadacId is not None:
baseurl = baseurl + self.omadacId
return baseurl + Omada.ApiPath + path
If you want to test these changes, you're welcome to submit a pull request for them. My current attempts to upgrade my controller have failed so I'll have to rebuild it to get up to version 5. Once I get that working I will continue testing on my own.
No problem to test your changes (I'll be aable to do it only with v5, I've no v4 installed), I'll request a pull. But I think the the most important changes are the CookieJar addition and moving the token inside the header. CookieJar was not required in v4.x and also token was managed differently ... as params in the url.
I'll try to request a pull.
Thanks, Stefano
But I think the the most important changes are the CookieJar addition and moving the token inside the header. CookieJar was not required in v4.x and also token was managed differently ... as params in the url.
Certainly. I was only addressing the changes around omadacId specifically to avoid any backwards-compatibility issues. The CookieJar changes shouldn't affect existing version 4 systems, as the browser is going to be handling cookies already anyway.
Thanks!
Hi, I did it, and with v5.0.29 it's working fine. Not sure if with v4 it's working again
Thanks Stefano
Hi guys, first of all big thank you for this python interface, it really saved me. I have implemented the changes as you outlined. It works for me to get the poe status of my switch. But I cannot set the poe status anymore using patch, so I assume the call changes as well.
Is there a new documentation for v5, I have not found on plink website or forum how to use the new patch command?
I have no idea how to do a pull request, YET, to get the code back into this repo... Otherwise I would have done.
Is there a new documentation for v5, I have not found on plink website or forum how to use the new patch command?
Unfortunately no. I've reverse engineering most of it just by watching the controller page make requests using Firefox's developer console. If you Google for tp-link omada api the top result is this community post which includes the "v4.1.5" document which helps but isn't great. The next results are this project and a reference to it. I still need to get my controller migrated to v5.
I have no idea how to do a pull request, YET, to get the code back into this repo... Otherwise I would have done.
Here's the GitHub docs on getting started: https://docs.github.com/en/get-started/quickstart/contributing-to-projects
Is there a new documentation for v5, I have not found on plink website or forum how to use the new patch command?
Unfortunately no. I've reverse engineering most of it just by watching the controller page make requests using Firefox's developer console. If you Google for tp-link omada api the top result is this community post which includes the "v4.1.5" document which helps but isn't great. The next results are this project and a reference to it. I still need to get my controller migrated to v5.
I have no idea how to do a pull request, YET, to get the code back into this repo... Otherwise I would have done.
Here's the GitHub docs on getting started: https://docs.github.com/en/get-started/quickstart/contributing-to-projects
Finally I was able to submit the pull request Thanks Stefano
Hi, see attached the V5 document I got. However, it does not mention anything about login. I was trying to create my own scipt but I seem I can't proceed after login (My goal is to reconnect a specific device). Omada_SDN_Controller_V5.0.15 API Document.html.zip
Ah, nevermind, I got it resolved as well, token is moved to the headers as mentioned above!
Just FYI, Patch still works but now requires more data for a Switch Port to update, got it working also in V5. The API should be documented better...