search

AnalogJ / lexicon

Manipulate DNS records on various DNS providers in a standardized way.
MIT License
1.46k stars 298 forks source link

[easyname] provider broken (security code/2FA, REST API) #1925

Open pannal opened 3 weeks ago

pannal commented 3 weeks ago 
 Traceback (most recent call last):
   File "/usr/local/bin/lexicon", line 8, in <module>
     sys.exit(main())
   File "/usr/local/lib/python3.10/dist-packages/lexicon/cli.py", line 131, in main
     results = client.execute()
   File "/usr/local/lib/python3.10/dist-packages/lexicon/client.py", line 81, in execute
     self.provider.authenticate()
   File "/usr/local/lib/python3.10/dist-packages/lexicon/providers/base.py", line 73, in authenticate
     self._authenticate()
   File "/usr/local/lib/python3.10/dist-packages/lexicon/providers/easyname.py", line 91, in _authenticate
     self._login(csrf_token)
   File "/usr/local/lib/python3.10/dist-packages/lexicon/providers/easyname.py", line 83, in _login
     assert json_response["redirectUrl"] == self.URLS["dashboard"], (
 KeyError: 'redirectUrl'

dns-lexicon==3.11.7

pannal commented 3 weeks ago

After disabling 2FA in my easyname account, this happens:

Traceback (most recent call last):
  File "/usr/local/bin/lexicon", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.10/dist-packages/lexicon/cli.py", line 131, in main
    results = client.execute()
  File "/usr/local/lib/python3.10/dist-packages/lexicon/client.py", line 81, in execute
    self.provider.authenticate()
  File "/usr/local/lib/python3.10/dist-packages/lexicon/providers/base.py", line 73, in authenticate
    self._authenticate()
  File "/usr/local/lib/python3.10/dist-packages/lexicon/providers/easyname.py", line 91, in _authenticate
    self._login(csrf_token)
  File "/usr/local/lib/python3.10/dist-packages/lexicon/providers/easyname.py", line 79, in _login
    assert (
AssertionError: Could not login due to a network error.

Also, easyname has a REST API now.

pannal commented 3 weeks ago

The same happens with dns-lexicon==3.17.0, log:

Arguments: Namespace(delegated=None, config_dir='/root', resolve_zone_name=False, provider_name='easyname', action='create', domain='xxxx.it', type='TXT', name='_acme-challenge.xxxx.it', content='validate', ttl=10, priority=None, identifier=None, log_level='DEBUG', output='TABLE', auth_username='xxxx@xxxx.net', auth_password='xxxxxxxxxxxxxxx*')
Parameter resolve_zone_name is not set, use tldextract to guess the zone name from known TLDs
unable to cache publicsuffix.org-tlds.{'urls': ('https://publicsuffix.org/list/public_suffix_list.dat', 'https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat'), 'fallback_to_snapshot': True} in /root/.lexicon_tld_set/publicsuffix.org-tlds/de84b5ca2167d4c83e38fb162f2e8738.tldextract.json. This could refresh the Public Suffix List over HTTP every app startup. Construct your `TLDExtract` with a writable `cache_dir` or set `cache_dir=None` to silence this warning. [Errno 20] Not a directory: '/root/.lexicon_tld_set/publicsuffix.org-tlds'
Starting new HTTPS connection (1): publicsuffix.org:443
https://publicsuffix.org:443 "GET /list/public_suffix_list.dat HTTP/1.1" 200 86322
Actual zone name resolved for domain xxxx.it: xxxx.it
Starting new HTTPS connection (1): my.easyname.com:443
https://my.easyname.com:443 "GET /en/login HTTP/1.1" 200 None
Home response: URL=https://my.easyname.com/en/login Code=200
https://my.easyname.com:443 "POST /en/authentication-api/login HTTP/1.1" 400 79
Login response: URL=https://my.easyname.com/en/authentication-api/login Code=400
Traceback (most recent call last):
  File "/usr/local/bin/lexicon", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.10/dist-packages/lexicon/_private/cli.py", line 135, in main
    results = client.execute()
  File "/usr/local/lib/python3.10/dist-packages/lexicon/client.py", line 211, in execute
    executor = self.__enter__()
  File "/usr/local/lib/python3.10/dist-packages/lexicon/client.py", line 168, in __enter__
    raise e
  File "/usr/local/lib/python3.10/dist-packages/lexicon/client.py", line 161, in __enter__
    provider.authenticate()
  File "/usr/local/lib/python3.10/dist-packages/lexicon/_private/providers/easyname.py", line 93, in authenticate
    self._login(csrf_token)
  File "/usr/local/lib/python3.10/dist-packages/lexicon/_private/providers/easyname.py", line 83, in _login
    login_response.status_code == 200
AssertionError: Could not login due to a network error.
pannal commented 3 weeks ago

OK, this seems to be due to an easyname change: They now either require 2FA or a security code sent via email when logging in. I think the provider needs to be changed to use their REST API instead of crawling.

https://api-docs.easyname.com/

elpollodiablo commented 3 weeks ago

OK, this seems to be due to an easyname change: They now either require 2FA or a security code sent via email when logging in. I think the provider needs to be changed to use their REST API instead of crawling.

https://api-docs.easyname.com/

The rest api does not support changing dns records. I'm considering switching to a completely different domain provider due to this :(