-
Notifications
You must be signed in to change notification settings - Fork 300
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Looks like I requested too many OTPs #2605
Comments
+1 |
AMP cannot use that sequencing of windows to log into your account. It can only handle a first window with email+password on same screen followed by the OTP window with its app generated OTP prefilled. Your sequence has an additional options window to select the type of OTP and that will never work with the AMP proxy login as it will return to AMP after that window with a login failed result code and AMP then sends you back to the beginning page again. |
Hey Daniel. I hope this response finds you and your family well. Thank your for your response. I am not sure what you mean by the sequencing of windows? I realize that AMP only accepts credentials from the form that prompts both email and password. However, The initial login form only contains a prompt for the email followed by an additional prompt for the password. In order to get the form containing both, the user has to create and existing account and then select the button to login. After that AMP prompts for the OTP. Because I reconfigured a certain amount of times, Amazon is not sending me a text containing the OTP. After the login screen it is giving me 3 choices to get the OTP and AMP does not know how to handle it. I am not sure what you mean by "You need to change your Amazon account to only use OTP via app"? My Amazon security is set up for 2FA where the Authenticator can be used. If that were not the case I could not have got this far. |
Why is Amazon giving you 3 choices to get the OTP? It's not AMP doing that as all of those login screens are provided from Amazon. Your Amazon security should be set up for 2SV only via Authenticator App and other options should never be an option! AMP was never written to handle anything else when OTP/2SV is configured. |
I am not sure why. I can tell you that my alexa devices were not being discovered. So i would uninstall AMP and install it again. I am guessing that Amazon has a maximum otp per day that it will text to a cell phone. When I login into my Amazon account, Amazon will not text me a otp. So, I have to ask for another way to get the OTP. It gives me the options, Text me, Call me or use the Authenticator App. Text me does not work, I have not tried option 2 and so I use the Authenticator App. You can see the same options are offered in the video, It just with Amp, it does not prompt for the OTP code. |
AMP CAN NOT USE A TEXTED OTP CODE! YOU NEED TO PROVIDE THE OTP SECRET IN THE AMP CONFIG SETUP! |
I think that is partially right. The Amp installation form only accepts a Authentication App Secret key. But when AMP ask me to login, the OTP was texted to me. |
AMP did not ask you to login, Amazon did. The issue is that AMP expects the first Amazon window to be email+password and an optional second window to enter the OTP code. If the login completes and returns to AMP after the first window, AMP proceeds to process whether the login was successful or not. If not, it opens the 2nd window as instructed by Amazon which should be the entry of the OTP code. If the login is successful, AMP processes the cookie and continues. If however after the second window AMP has not seen a "successful login", it returns you to the beginning of the sequence to start over, hence the loop you see. So, you need to disable the option in your Amazon account to "text me a code" with the only method being the "enter OTP code from authenticator app" and then your login sequence will be either one or two pages. A three page login sequence will always fail and loop you back to start over after the 2nd window. |
This seems reminiscent of an earlier problem I had though I don't remember if it would get to the OTP stage but from memory the workaround was instead of choosing Sign in, choose Create new account but use the same email and when it says account already exists continue and it would work ok. |
That was before the initial link in |
@jeffgoldszer The issue is that AMP expects the first Amazon window to be email+password and an optional second window to enter the OTP code. If the login completes and returns to AMP after the first window, AMP proceeds to process the cookie from the "successful login". If unsuccessful, it opens the 2nd window as instructed by Amazon which should be the entry of the OTP code. If the login is successful upon returning to AMP, AMP processes the cookie and continues. If however after the second window AMP has not seen a "successful login", it returns you to the beginning of the sequence to start over, hence the loop you see. So, you need to disable the option in your Amazon account to "text me a code" with the only method being the "enter OTP code from authenticator app" and then your login sequence will be either one or two pages. A three page login sequence will always fail and loop you back to start over after the 2nd window. |
Is this AMP related or alexapy related? Where can I find the implementation for that part (if it is AMP related)? |
@bniedermayr If you select |
I believe the issue is in |
Ah perfect! You made my day! That tricked the login pages to get to the username+passwd window in the expected range.
Is this documented somewhere? Would make much sense to document this valuable information. |
The workaround is not yet in the wiki ( which anyone can edit). I've been posting my workaround everywhere I've seen it asked and this has been an issue for months now albeit more convoluted before twe changed to a different Amazon url. It all started months ago when Amazon restructured Alexa app sign in windows. |
Anyone can edit the Wiki. No PR required for that. |
Ah ok. Good to know :-) Just added a short "Note" section here https://github.com/alandtse/alexa_media_player/wiki/Configuration#integrations-page I hope that fits. |
Ah, I was too hasty..... Although now the login loop is gone an Home Assistant returns from the Alexa login UI the login itself fails. I missed the "Alexa Media Player could not be logged in" message completely, because I was so happy that the login loop was gone... So what I see now is: Captcha -> Enter Username (UI page) -> select signup -> get error message "account already exists" -> Enter Username+Password (UI page) -> Enter OTP (UI Page). The Enter OTP page has an already prefilled OTP password, and I just hit the ok button. During setup the only Home assistant logs I get so far is: 12:02:28.585 WARNING (MainThread) [homeassistant.util.loop] Detected blocking call to load_verify_locations with args (<ssl.SSLContext object at 0x7ffa75a4ccd0>,) inside the event loop by custom integration 'alexa_media' at custom_components/alexa_media/config_flow.py, line 374: self.proxy = AlexaProxy( (offender: /config/deps/httpx/_config.py, line 149: context.load_verify_locations(cafile=cafile)), please create a bug report at https://github.com/alandtse/alexa_media_player/issues
For developers, please see https://developers.home-assistant.io/docs/asyncio_blocking_operations/#load_verify_locations
Traceback (most recent call last):
File "<frozen runpy>", line 198, in _run_module_as_main
File "<frozen runpy>", line 88, in _run_code
File "/usr/src/homeassistant/homeassistant/__main__.py", line 223, in <module>
sys.exit(main())
File "/usr/src/homeassistant/homeassistant/__main__.py", line 209, in main
exit_code = runner.run(runtime_conf)
File "/usr/src/homeassistant/homeassistant/runner.py", line 189, in run
return loop.run_until_complete(setup_and_run_hass(runtime_config))
File "/usr/local/lib/python3.12/asyncio/base_events.py", line 674, in run_until_complete
self.run_forever()
File "/usr/local/lib/python3.12/asyncio/base_events.py", line 641, in run_forever
self._run_once()
File "/usr/local/lib/python3.12/asyncio/base_events.py", line 1990, in _run_once
handle._run()
File "/usr/local/lib/python3.12/asyncio/events.py", line 88, in _run
self._context.run(self._callback, *self._args)
File "/config/deps/aiohttp/web_protocol.py", line 477, in _handle_request
resp = await request_handler(request)
File "/config/deps/aiohttp/web_app.py", line 567, in _handle
return await handler(request)
File "/config/deps/aiohttp/web_middlewares.py", line 117, in impl
return await handler(request)
File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 92, in security_filter_middleware
return await handler(request)
File "/usr/src/homeassistant/homeassistant/components/http/forwarded.py", line 210, in forwarded_middleware
return await handler(request)
File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 26, in request_context_middleware
return await handler(request)
File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 86, in ban_middleware
return await handler(request)
File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 242, in auth_middleware
return await handler(request)
File "/usr/src/homeassistant/homeassistant/components/http/headers.py", line 32, in headers_middleware
response = await handler(request)
File "/usr/src/homeassistant/homeassistant/helpers/http.py", line 73, in handle
result = await handler(request, **request.match_info)
File "/usr/src/homeassistant/homeassistant/components/http/decorators.py", line 81, in with_admin
return await func(self, request, *args, **kwargs)
File "/usr/src/homeassistant/homeassistant/components/config/config_entries.py", line 222, in post
return await super().post(request, flow_id)
File "/usr/src/homeassistant/homeassistant/components/http/data_validator.py", line 74, in wrapper
return await method(view, request, data, *args, **kwargs)
File "/usr/src/homeassistant/homeassistant/helpers/data_entry_flow.py", line 122, in post
result = await self._flow_mgr.async_configure(flow_id, data)
File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 367, in async_configure
result = await self._async_configure(flow_id, user_input)
File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 414, in _async_configure
result = await self._async_handle_step(
File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 517, in _async_handle_step
result: _FlowResultT = await getattr(flow, method)(user_input)
File "/config/custom_components/alexa_media/config_flow.py", line 569, in async_step_totp_register
return await self.async_step_start_proxy(user_input)
File "/config/custom_components/alexa_media/config_flow.py", line 374, in async_step_start_proxy
self.proxy = AlexaProxy( I followed the documentation and all my dependencies should be ok: |
I fixed that WARNING but from memory can't recall if it''s reflected in |
I'm running homeassistant with docker (homeassistant/home-assistant:2024.11.3) kubectl exec -ti hass-66d45d7b74-cnrv5 -- bash
hass-66d45d7b74-cnrv5:/config# pip show authcaptureproxy
Name: authcaptureproxy
Version: 1.3.3
Summary: A Python project to create a proxy to capture authentication information from a webpage. This is useful to capture oauth login details without access to a third-party oauth.
Home-page: https://github.com/alandtse/auth_capture_proxy
Author: Alan D. Tse
Author-email:
License: Apache-2.0
Location: /config/deps
Requires: aiohttp, beautifulsoup4, httpx, multidict, typer, yarl
Required-by: AlexaPy |
IMPORTANT: Please search the issues, including closed issues, and the FAQ before opening a new issue. The template is mandatory; failure to use it will result in issue closure.
I was logging in successfully but not seeing any devices. I have tried several time each time requiring a login. Currently, after I submit my login credentials, I get options on how I want to get my otp. When I pick one, I am immediately ask for my email address. Consequently, amazon will not text an opt to my cell phone number. When I login into amazon I need to use the authentication app.
To Reproduce
I really don't know how to reproduce this. I am guessing login some amount of times. I can show you the behavior.
Expected behavior
Screenshots
Recording.2024-10-08.133443.mp4
System details
const.py
or HA startup log):ow alexapy` in homeasssistant container or HA startup log):
Debug Logs (alexa_media & alexapy)
Please provide logs.
Additional context
The text was updated successfully, but these errors were encountered: