Closed exstrim401 closed 7 months ago
Same without 2-factor.
Strange, I just tested it and it works for me. Did you ensure to escape the password properly?
For the record, I'm using an app password.
Also, did you enter your full email address as the username?
I tried on an account without 2 factor auth, and the Google Login still doesn't work for me.
Could not log in to Google Play. Please check your credentials and try again later.
./apkeep -a com.instagram.android .
Downloading com.instagram.android...
./apkeep -d GooglePlay --username account@domain.com --password SuperSecretSauce -a com.instagram.android .
Could not log in to Google Play. Please check your credentials and try again later.
@ryanerwin for accounts with 2FA you need to create an app password in account settings. Did you try with that?
This test was on an account WITHOUT 2 factor auth
Ah, sorry, misread that. Alright, I'm pressed for time this week so I'll have to check what's going on next week with this.
No worries.
If you need any additional debug / reproduce information to get to the bottom of it, please let me know.
Tried both username and with full email of two different accounts w/o 2-factor. Ps and it will be great if our passwords would not be saved in system logs(bash history at least).
@ryanerwin I just removed 2FA on my test account and generated a new 25 character password which includes A-Z, a-z, 0-9 and special characters. I was unable to reproduce the bug. Can you try to see if the download works when you:
Alright, I'm able to reproduce this on a new account I created. I was wondering if this was because I had never linked an Android device to that account, and thus never went through any Play Store TOS agreement dialogue. This doesn't seem to be the case, though, since I just added a device to the new account and I'm still getting that invalid credentials error. I'll have to inspect the traffic and see if there's a deeper error that isn't propagating up to the user.
Inspecting the traffic, I'm seeing the following (token redacted):
Error=NeedsBrowser
Url=https://accounts.google.com/signin/continue?sarp=1&scc=1&continue=https://accounts.google.com/o/android/auth?hl%3Den_US_en%26xoauth_display_name%3DAndroid%2BLogin%2BService%26source%3DAndroid%2BLogin&plt=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ErrorDetail=To access your account, you must sign in on the web. Touch Next to start browser sign-in.
Looking this up on Google led me to this page: https://github.com/nviennot/android-checkin/issues/3
Looks like
"Continue" needs to be clicked here: https://accounts.google.com/b/0/DisplayUnlockCaptcha
Just tried this, still getting the same error though. Might need to propagate, I'll give it a little time before trying something different.
This might be an issue where Google is forcing people through a login prompt that requires you to enter your phone number before proceeding. I'm going to work on propagating the error up through https://github.com/Hainish/rs-google-play/tree/master/gpapi to the user.
I've enabled "less secure apps" in the account I was testing with, however even that isn't enough...
Still getting:
Could not log in to Google Play. Please check your credentials and try again later.
@ryanerwin have you also done this: https://accounts.google.com/b/0/DisplayUnlockCaptcha
For reference, here is how the Python library handles this error: https://github.com/NoMore201/googleplay-api/blob/664c399f8196e1eb7d2fcda4af34e5dc1fca0f20/gpapi/googleplay.py#L234
I usually follow their conventions. I'm going to add this and have it propagate up to the user. I'm unsure how else to deal with this, it seems like a problem on Google's side.
@exstrim401 @L34T @ryanerwin
When running from the latest master
commit, are you now seeing the following error message?
Security check is needed, try to visit https://accounts.google.com/b/0/DisplayUnlockCaptcha to unlock, or setup an app-specific password
When running from the latest
master
commit, are you now seeing the following error message?Security check is needed, try to visit https://accounts.google.com/b/0/DisplayUnlockCaptcha to unlock, or setup an app-specific password
tag 0.5.0-16-g5a360ed 1) requires 'libssl-dev' package to build 2) Got the message, account access switched. Nothing changed. 3) Tryed debugging proxy but with env http/https_proxy have no success. Maybe you could suggest best way to use custom proxy for debugging apkeep?
@Hainish
apkeep -a com.instagram.android . -d GooglePlay -u 'kimjongun@example.com' -p *********
Could not log in to Google Play. Please check your credentials and try again later.
Still Error=NeedsBrowser
Both clicking https://www.google.com/settings/security/lesssecureapps and https://accounts.google.com/b/0/DisplayUnlockCaptcha didn't help.
Solution here: https://github.com/NoMore201/googleplay-api/pull/153 To fix it you can only PR in https://github.com/dweinstein/rs-google-play/blob/master/gpapi/src/lib.rs
0a84406d4f1ce8f4dec7507aab4e2a7880716307 updates dependencies to implement the solution in https://github.com/EFForg/apkeep/issues/151. I was unable to reproduce the problem, so someone else will have to test it the current master
fixes the problem.
Until I get an account that can effectively debug this, it's hard for me to track the issue down.
When I turn off 2FA, I can download apps with my password.
When 2FA is enabled, I can create an app password and that works just as well.
Same thing happens to me, I have an account with 2FA and I set up a app password:
$ ./apkeep-x86_64-unknown-linux-gnu -d GooglePlay --username myemail@gmail.com --password apppassword -a com.a2a.energia .
0a84406 updates dependencies to implement the solution in EFForg/apkeep#151 (comment). I was unable to reproduce the problem, so someone else will have to test it the current master fixes the problem.
It doesn't.
I have tried to install the latest commit with: cargo install --git https://github.com/EFForg/apkeep.git
And I still get the error:
$ apkeep -d google-play --username myemail@gmail.com --password myapppassword -a com.a2a.energia .
Could not log in to Google Play. Please check your credentials and try again later.
The account has 2FA and I'm using an app password.
Until I get an account that can effectively debug this, it's hard for me to track the issue down.
Didn't you say that you were able to reproduce this with a new account?
Alright, I'm able to reproduce this on a new account I created.
0a84406 updates dependencies to implement the solution in EFForg/apkeep#151 (comment). I was unable to reproduce the problem, so someone else will have to test it the current master fixes the problem.
It doesn't.
I have tried to install the latest commit with:
cargo install --git https://github.com/EFForg/apkeep.git
And I still get the error:
$ apkeep -d google-play --username myemail@gmail.com --password myapppassword -a com.a2a.energia . Could not log in to Google Play. Please check your credentials and try again later.
The account has 2FA and I'm using an app password.
Until I get an account that can effectively debug this, it's hard for me to track the issue down.
Didn't you say that you were able to reproduce this with a new account?
Alright, I'm able to reproduce this on a new account I created.
same here
Was able to reproduce with a specific condition. I am running a Wireguard server, a UDP based VPN protocol. When turned on and pointing to 1.1.1.1/1.0.0.1 I can't even call www.googleapis.com
.
ping: www.googleapis.com: Temporary failure in name resolution
On APKeep:
Could not log in to Google Play. Please check your credentials and try again later.
When turned off, I am able to call and download a test .apk
package without issue.
I wasn't able to grab all info I needed as to which particular failure during resolution occurred (my internet is flaky at the moment), but that was the main block on my end as to why I could not login.
It's not a resolution because that insinuates DNS problems for everyone on this issue, but maybe try pinging www.googleapis.com
and see what shakes (or doesn't shake).
Tried both app password and own account password but getting same login error for Google play ApkPure download works fine.
I don't have a device associated with my google account Incase that makes a difference.
As a note, Google has disallowed "less secure apps" in May. I don't currently have an account where I'm encountering these issues.
@skjom84 You may need to accept the Google Play Terms of Service in order to download apps with apkeep
. Can you try that in your browser first? If that doesn't work, an emulator might be needed.
Hi, I'm having the same problem. I modified the code a bit to print out the error:
diff --git a/src/google_play.rs b/src/google_play.rs
index b166007..b7f6d47 100644
--- a/src/google_play.rs
+++ b/src/google_play.rs
@@ -32,7 +32,7 @@ pub async fn download_apps(
if let Err(err) = gpa.login(username, password).await {
match err.kind() {
GpapiErrorKind::SecurityCheck | GpapiErrorKind::EncryptLogin => println!("{}", err),
- _ => println!("Could not log in to Google Play. Please check your credentials and try again later."),
+ _ => println!("Could not log in to Google Play. Please check your credentials and try again later. {}", err),
}
std::process::exit(1);
}
And I got
Could not log in to Google Play. Please check your credentials and try again later. No GSF auth token
I saw there was a similar issue opened in the gapi
project, but no details on how it was solved: https://github.com/EFForg/rs-google-play/issues/1
I think GSF stands for Google Services Framework, maybe we need a validated device registered to the google play account?
I have the same issue "Could not log in to Google Play. Please check your credentials and try again later. ". I tried with normal/app password with/without 2FA, logging to the browser from desktop/mobile.
note that the EncryptedPasswd
login method coded here:
https://github.com/EFForg/rs-google-play/blob/2f15b2b1/gpapi/src/lib.rs#L985-L1000
has not been used by Google Services Framework since version 4.4 (2013). since version 5 (2014), the login uses this URL:
https://accounts.google.com/embedded/setup/android
and since version 7.1 (2016), this URL is used:
https://accounts.google.com/embedded/setup/v2/android
a password login is still possible, but its protected with Google bot-guard, so probably a better option is to accept the oauth_token
cookie instead.
@exstrim401 @Hainish ^
I am testing by adding a phone number, and the google authenticator/totp codes here, and I will report back. If you can't locate it, it is called "2-Step Verification" under My Account.
Update: Confirming that adding BOTH a phone number and the google authenticator did not work.
At this point, perhaps a browser-based extension would be a good idea?
Same here after building the last released of Apkeep (0.15.0
) and the last commit (74c63f8
):
$ target/debug/apkeep --app com.instagram.android -d google-play -u '[redacted]' -p '[redacted]' ./
Could not log in to Google Play. Please check your credentials and try again later. No GSF auth token
More strange: all works as expected with the binary asset in the last release from Github, but it fail if I compile it myself.
Do you build it with special flags or options?
@codeurimpulsif as previously mentioned:
https://github.com/EFForg/apkeep/issues/151#issuecomment-1703998639
any solution connecting to Google Play directly, with username and password, is using an old Android 4.4 from 2013. back then you could authenticate with just a password, as long as you could mimic the TLS signature of an Android device. since Android 5 (2014), thats no longer the case. I would again strongly recommend that APKeep either drop username/password login to Google Play outright, or update the code to support the current JavaScript login (probably impossible), or support cookie header authentication, as my project does:
@3052 Yes thanks, but I still don't understand why the 0.15.0
binary from this Github repository works and not the exact same version when compiled from source.
Google migrated to the Play API v3, which is supported in 0.16.0. This should be fixed.
just to clarify the above, password login is NOT supported anymore with Apkeep, same as my code. instead, you have to provide OAuth token or Aas token
I use two factor auth. Created app password at https://myaccount.google.com/apppasswords but apkeep says that it's incorrect. Same with my real password