panasonic_cc
panasonic_cc copied to clipboard
sockless-coding
New Panasonic Authentication
It seems like that Panasonic Comfort Cloud has a new authentication system. My integration stopped working this night - and when trying to log in to CC on the web, I was challenged with 2FA.
Does the integration work for you guys?
Same problem here. Even the app tells me now this (translated from german): "Suspicious activity has been detected in this account, so your access has been temporarily denied to avoid security issues. Wait a while and try again."
Yes, looks like they made some changes again... I can't even login in to the app it just gives me a "Loading..." screen Edit: it was just dead slow...
The integration should still work, I tried authenticating using the same procedure as the integration. I used the same account as I used with the app (I used the SMS option to log in to the app).
I used TOTP and the integration cannot log in anymore.
Logger: homeassistant.config_entries
Source: config_entries.py:406
First occurred: 14:58:48 (4 occurrences)
Last logged: 21:19:30
Error setting up entry for panasonic_cc
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/config_entries.py", line 406, in async_setup
result = await component.async_setup_entry(hass, self)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/config/custom_components/panasonic_cc/__init__.py", line 79, in async_setup_entry
devices = await hass.async_add_executor_job(api.get_devices)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/concurrent/futures/thread.py", line 58, in run
result = self.fn(*self.args, **self.kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 207, in get_devices
self.login()
File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 106, in login
self._create_token()
File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 164, in _create_token
raise ResponseError(response.status_code, response.text)
custom_components.panasonic_cc.pcomfortcloud.session.ResponseError: Invalid response, status code: 500 - Data: {"code":5001,"message":"DB system error due to db system"}
Yeah, it worked yesterday - and now I get this:
File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 164, in _create_token raise ResponseError(response.status_code, response.text) custom_components.panasonic_cc.pcomfortcloud.session.ResponseError: Invalid response, status code: 429 - Data: {"code":42901,"message":"Too Many Requests"}
Guess if you activate the TOTP, it requires the code to be included. I'll take a look at it, might have to add a field for setting the TOTP key.
Same here. Panasonic warned (in their comfort cloud app) some 7-10 days ago that they would makes changes to their Authentication to also enable other 3rd party authentication services like google-account. Now the app redirects authentication to an Panasonic AD-service.
Panasonic forces to enable 2FA - without it, you can not log in to the application. So after turning on 2FA, the plugins do not work?
Ahh, but my challenge is not 2FA. I can log into my app without 2FA. It is : When adding the "Panasonic Comfort Cloud" integration to HA I get prompter with panasonic ID and password. Having typed the right credentials, I get: "Unexpected error creating device"
Bugger, I just had a Panasonic AC installed. Went to set it all up, and running into this same issue!
Does anyone have a way of data being sent now? header and date, in particular, this new 6 digit code 2FA / TOTP ?
When it comes to generating the code itself, it can be done locally. The code is generated on the principle that it takes the key and time and generates code - no API is needed for this. Every 30 sec. code is different.
Example how to generate code:
- http://tuxgraphics.org/~guido/javascript/totp-web.html
- https://jsfiddle.net/russau/ch8PK/?ref=grantwinney.com
The plugin for Homebridge is still working. https://github.com/homebridge-panasonic-ac-platform/homebridge-panasonic-ac-platform
I suspect that the lock of your plugins may be due to too many queries (refresh interval for devices). Personally, I recommend a minimum of 10 minutes. In many plugs I saw that it is even every 10 seconds. More: #152
Can anyone confirm if it is still possible to login this plugin, after adding 2 factor mobile or TOTP to the account?
The panasonic app refuses to log me in, unless I add it, but I do not want to break the home assistant that is currently logged in with the same account, in case it gets logged out.
Can anyone confirm if it is still possible to login this plugin, after adding 2 factor mobile or TOTP to the account?
The panasonic app refuses to log me in, unless I add it, but I do not want to break the home assistant that is currently logged in with the same account, in case it gets logged out.
I activated 2FA, someone else SMS and both of us work (on a different plugin). But it may be that there is now such a transition period and only in a moment Panasonic will require that the 2FA code be given in the API.
I used TOTP and the integration cannot log in anymore.
Logger: homeassistant.config_entries Source: config_entries.py:406 First occurred: 14:58:48 (4 occurrences) Last logged: 21:19:30 Error setting up entry for panasonic_cc Traceback (most recent call last): File "/usr/src/homeassistant/homeassistant/config_entries.py", line 406, in async_setup result = await component.async_setup_entry(hass, self) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/config/custom_components/panasonic_cc/__init__.py", line 79, in async_setup_entry devices = await hass.async_add_executor_job(api.get_devices) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/concurrent/futures/thread.py", line 58, in run result = self.fn(*self.args, **self.kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 207, in get_devices self.login() File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 106, in login self._create_token() File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 164, in _create_token raise ResponseError(response.status_code, response.text) custom_components.panasonic_cc.pcomfortcloud.session.ResponseError: Invalid response, status code: 500 - Data: {"code":5001,"message":"DB system error due to db system"}
Unfortunately, I still have the same problems. I can't say, if the problem appears after I was forced to change to 2FA.
What does the last line of the stacktrace mean? Is this a problem at Panasonic or in my database?
custom_components.panasonic_cc.pcomfortcloud.session.ResponseError: Invalid response, status code: 500 - Data: {"code":5001,"message":"DB system error due to db system"}
I've already deleted the integration and have tried to set it up again with entering my credentials, but still the same error.
I'm not sure if I'm in the same situation. I'm able to connect with the app on IOS. If I go into the settings of my account, I can reset the 2FA but it's not telling me if I'm currently having 2FA. I've not tried to reset yet because my HA at the cottage is working fine (didn't logout in a while so it may be why it's still working). I just logout/login from the app and I was not asked for anything else than the username/password so I may not be enrolled in the 2FA yet. However, when I try to install the integration on another HA, using the same username/password, I'm getting an "unknown error occurred". In the logs, I'm seeing this:
Logger: aiohttp.server
Source: /usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py:421
First occurred: 6:39:07 AM (1 occurrences)
Last logged: 6:39:07 AM
Error handling request
Traceback (most recent call last):
File "/usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py", line 452, in _handle_request
resp = await request_handler(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/aiohttp/web_app.py", line 543, in _handle
resp = await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/aiohttp/web_middlewares.py", line 114, in impl
return await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 85, in security_filter_middleware
return await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/forwarded.py", line 100, in forwarded_middleware
return await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 28, in request_context_middleware
return await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 80, in ban_middleware
return await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 233, in auth_middleware
return await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/headers.py", line 31, in headers_middleware
response = await handler(request)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 149, in handle
result = await handler(request, **request.match_info)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/decorators.py", line 63, in with_admin
return await func(self, request, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/config/config_entries.py", line 177, in post
return await super().post(request, flow_id)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/components/http/data_validator.py", line 72, in wrapper
result = await method(view, request, data, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/helpers/data_entry_flow.py", line 110, in post
result = await self._flow_mgr.async_configure(flow_id, data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 320, in async_configure
result = await self._async_handle_step(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 416, in _async_handle_step
result: FlowResult = await getattr(flow, method)(user_input)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/config/custom_components/panasonic_cc/config_flow.py", line 83, in async_step_user
return await self._create_device(user_input[CONF_USERNAME], user_input[CONF_PASSWORD])
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/config/custom_components/panasonic_cc/config_flow.py", line 72, in _create_device
return await self._create_entry(username, password)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/config/custom_components/panasonic_cc/config_flow.py", line 44, in _create_entry
if entry.data[KEY_DOMAIN] == PANASONIC_DOMAIN:
~~~~~~~~~~^^^^^^^^^^^^
KeyError: 'domain'
I'm sure I have the proper username as I'm copying it from a password manager and it work just fine on the app. So, I'm not it is related to 2FA at this point. Is there a way to confirm this from the logs?
I also have a question. Some people said that they have 2FA with SMS and some with TOTP. How would this work with the integration considering that for SMS, HA is not receiving those. Seems to be a similar situation with TOTP except that it is usually sent by email. How do you integrate the SMS or TOTP so that the Panasonic integration capture those to complete the login?
Thank you.
@ehfortin
I have set 2FA TOTP (not SMS). On the other plugin (for Homebridge) I just checked and it works. I even restarted Homebridge and it still works. This plugin does not support 2FA yet.
When it comes to 2FA, a 6 digit code is generated based on 32 character key and UTC time - the code is different every 30 seconds. It can be generated locally (you need to add the algorithm to the code). I just don't know how this code is sent - what the new API header looks like. It is clear that it is much harder with SMS.
Hi,
Unfortunately I have activated 2FA in ComfortCloud app and I received SMS code. I do not remember if I had the option to choose SMS or TOTP. Is there an option to change to TOTP? I cannot find it anywhere...should I reset 2FA? I did not restart my HA since I activated 2FA, and my integration still works. I should not restart HA until solution is found and integration is updated, am I right?
Hi,
Unfortunately I have activated 2FA in ComfortCloud app and I received SMS code. I do not remember if I had the option to choose SMS or TOTP. Is there an option to change to TOTP? I cannot find it anywhere...should I reset 2FA? I did not restart my HA since I activated 2FA, and my integration still works. I should not restart HA until solution is found and integration is updated, am I right?
If you do a 2FA reset, you will have a choice again whether the code or SMS.
Hi, Unfortunately I have activated 2FA in ComfortCloud app and I received SMS code. I do not remember if I had the option to choose SMS or TOTP. Is there an option to change to TOTP? I cannot find it anywhere...should I reset 2FA? I did not restart my HA since I activated 2FA, and my integration still works. I should not restart HA until solution is found and integration is updated, am I right?
If you do a 2FA reset, you will have a choice again whether the code or SMS.
Thank you for the quick reply! I should not risk HA restart at the moment, right?
I had to upgrade my HA and on the first start up the integration failed to authenticate. I use a separate account for HA, and I hadn't logged into the app with this account since these changes started to be rolled out.
- I disabled the integration in HA
- I logged into the app using the HA account
- registered the 2FA using SMS (same phone number as my 'main' panasonic app account.)
- I logged in and and checked the app worked OK.
- I closed the app (didn't log out, not sure if this is a required step, or what would have happened if I did log out).
- enabled the integration
- All worked! (I suppose the implication is 'for now').
I had to upgrade my HA and on the first start up the integration failed to authenticate. I use a separate account for HA, and I hadn't logged into the app with this account since these changes started to be rolled out.
- I disabled the integration in HA
- I logged into the app using the HA account
- registered the 2FA using SMS (same phone number as my 'main' panasonic app account.)
- I logged in and and checked the app worked OK.
- I closed the app (didn't log out, not sure if this is a required step, or what would have happened if I did log out).
- enabled the integration
- All worked! (I suppose the implication is 'for now').
I followed the steps, but I get
"Unexpected error creating device."
"Traceback (most recent call last): File "/config/custom_components/panasonic_cc/config_flow.py", line 60, in _create_device devices = await self.hass.async_add_executor_job(api.get_devices) File "/usr/local/lib/python3.10/concurrent/futures/thread.py", line 58, in run result = self.fn(*self.args, **self.kwargs) File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 207, in get_devices self.login() File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 106, in login self._create_token() File "/config/custom_components/panasonic_cc/pcomfortcloud/session.py", line 164, in _create_token raise ResponseError(response.status_code, response.text) custom_components.panasonic_cc.pcomfortcloud.session.ResponseError: Invalid response, status code: 500 - Data: {"code":5001,"message":"DB system error due to db system"}"
