Second Phase Connect to mysubaru.com Failing

[ifyouwouldplease]

Hello and thanks for subarulink. I'm getting an error when using the CLI, whether it's doing the initial interactive setup or when sending a command. My accounts were set up a week ago on 3/12. The process did demand that I set up 2-factor authentication. I do get data back from https://mobileapi.prod.subarucs.com , but there is an error on trying to connect to mysubaru.com:

... 'vehicleName': '2022 Crosstrek Limited', 'vin': 'JFXXXXXXXXXXXXXXX', 'zip': None}, 'dataName': 'vehicle', 'errorCode': None, 'success': True} 2022-03-19 16:26:43,386 - subarulink.connection - DEBUG - Authorizing device via web API 2022-03-19 16:26:43,387 - subarulink.connection - DEBUG - POST: https://www.mysubaru.com/login, params=None, json_data=None 2022-03-19 16:26:43,646 - subarulink.connection - ERROR - RequestInfo(url=URL('https://www.mysubaru.com/login'), method='POST', headers=<CIMultiDictProxy('Host': 'www.mysubaru.com', 'Accept': '/', 'Accept-Encoding': 'gzip, deflate', 'User-Agent': 'Python/3.9 aiohttp/3.8.1', 'Content-Length': '77', 'Content-Type': 'application/x-www-form-urlencoded')>, real_url=URL('https://www.mysubaru.com/login')) 2022-03-19 16:26:43,783 - subarulink.connection - ERROR - ('\r\n' '\r\n' '\r\n' ...

...plus the remainder of the raw HTML of the response, then:

'\r\n') 2022-03-19 16:26:43,785 - subarulink - ERROR - Unable to connect: HTTP 500: <Cli entResponse(https://www.mysubaru.com/login) [500 ]>

Could the 2-factor be causing the problem? I don't find any way to disable it.

[stboch]

I noticed the other day that my web login was getting 2f as well not exactly when they started will need to see if the app has an new endpoints for us to hit to get past it. Not uncommon event the Tesla team experienced the same issues.

[G-Two]

Yes, it appears to be 2-factor getting in the way of new device authorization. Existing authorizations seem to be unaffected (everything works fine on my end, unless I delete my config file, which removes the device_id). So this issue will affect anyone setting up subarulink (or the HA integration) for the first time, or after clearing the config data. It appears to be a straightforward 2FA flow, so I'll just need to add a means to input the 2FA response to subarulink as well as the HA config flow process. Thanks for letting me know, I had a feeling this would become an issue eventually.

Until this is fixed, a temporary workaround is to authorize your browser to the web application https://www.mysubaru.com/, and then go to Developer Tools in your browser and examine Local Storage for the site. Find a key that is CWP_DEVICE_ID_<your_email> and note the numerical value paired with it (it's a unix timestamp in milliseconds). Copy that value and paste it into the device_id field of the CLI config file subarulink.cfg. When this id is presented upon login, the Subaru API will treat the application as something that has been already been authorized via 2FA, and the CLI will work. This is obviously not a great workflow, so I'll try to fix as soon as I can.

[ifyouwouldplease]

Confirming that by using the CWP_DEVICEID* from a browser session I was able make the additional mysubaru.com connection.

Also, great workflow is best, but working workflow is way greater than broken, so thanks.

[G-Two]

There is now a prerelease that supports 2FA within the CLI:

pip install subarulink==0.5.0.dev0