Worx Landroid login is broken

[MTrab]

Issue just for info and tracking of code-changes.

Worx Landroid login is as of now broken, need to investigate what have changed. This is NOT related to the integration iitself rather the connector module: https://github.com/MTrab/pyworxcloud/issues/83

[zsolti80]

unfortunately I can't log in either, I can't use the integration.

[MTrab]

Correct - EVERYONE has this issue

[danielp370]

FYI - I was on 2022.8.7 and it also has the login issue (same behavior as 2022.9)

[Boeng01]

Hey Marlene, hope you can fix this soon. If there's anything one can do to support, just ask.

[MTrab]

Unfortunately my oldest son is graduating his education this week, so won't be able to find time to find the changes until at earliest in a week or so

[DocSpider]

Hey Marlene, another note if it helps: no more access via the desktop APP (Eisha DeskApp.).

[MTrab]

Has nothing to do with me, but as that program uses same URLS and auth methods, then yes

[teshiburu2020]

Appreciate you are busy with Graduation things this week figured I would tag this on here, I'm having similar issues but with a different error code

This error originated from a custom integration.

Logger: custom_components.landroid_cloud
Source: custom_components/landroid_cloud/utils/logger.py:126
Integration: Landroid Cloud (documentation, issues)
First occurred: 11:30:04 (1 occurrences)
Last logged: 11:30:04

(API) Endpoint for XXXXX@gmail.com was not found.

[anasiot]

same here unable to login for worx

[MTrab]

Appreciate you are busy with Graduation things this week figured I would tag this on here, I'm having similar issues but with a different error code

This error originated from a custom integration.

Logger: custom_components.landroid_cloud
Source: custom_components/landroid_cloud/utils/logger.py:126
Integration: Landroid Cloud (documentation, issues)
First occurred: 11:30:04 (1 occurrences)
Last logged: 11:30:04

(API) Endpoint for XXXXX@gmail.com was not found.

Same error

[MTrab]

same here unable to login for worx

As written in one of the first comments Correct - EVERYONE has this issue

[roofburner]

I'm able to log in at https://id.eu.worx.com/ to check my username/password. I can not login at https://www.worx.com/customer/account/login/. This is the error I get: "The account sign-in was incorrect or your account is disabled temporarily. Please wait and try again later." I tried resetting my password via https://www.worx.com/customer/account/forgotpassword/, but I never received an email. Maybe there is a Worx auth server down?

[MTrab]

Nothing is down - they have moved to a new auth server

[RickieCZ]

I'm able to log in at https://id.eu.worx.com/ to check my username/password. I can not login at https://www.worx.com/customer/account/login/. This is the error I get: "The account sign-in was incorrect or your account is disabled temporarily. Please wait and try again later." I tried resetting my password via https://www.worx.com/customer/account/forgotpassword/, but I never received an email. Maybe there is a Worx auth server down?

As i know .... www.worx.com is dedicated for US users eu.worx.com is for EU users

[MTrab]

Just need to sniff the changed parameters. The URL I have found already

[Makana80]

Same Issue

Logger: custom_components.landroid_cloud.config_flow Source: custom_components/landroid_cloud/utils/logger.py:126 Integration: Landroid Cloud (documentation, issues) First occurred: 10:30:36 (1 occurrences) Last logged: 10:30:36

(Config) Unexpected exception:

[shawwellpete]

Unfortunately my oldest son is graduating his education this week, so won't be able to find time to find the changes until at earliest in a week or so

Came on to see if there was an issue, found out there was.

Congratulatiuons to your son! Mine is also graduating this year, good luck to yours in the next chapter of life.

[MTrab]

Did a little research and doesn't seem to be an easy fix, and I might need some help. I have found that the ioBroker integrationg got fixed, unfortunately I don't speak JavaScript that well to be able to decipher what they are doing:

https://github.com/iobroker-community-adapters/ioBroker.worx/blob/master/main.js#L118

Anyone?

[ebolam]

Didn't dive too far into it, but it looks like it's sending a request to a url with a bunch of parameters (client ID and token). The response is a form. Looks the the code fills out the username/password on the form and sends it back with a header. Then it's doing the final oauth to another url with the token from the form submittal's return.

[Zanoroy]

@MTrab I had a quick look, it doesnt appear to be too hard:

1. Create a "code_verifier" and "codeChallenge" (I'll use the names from oiBroker) by:

   • Creating an alpha numeric string of a random 64 characters
   • code_verify = base64 string of the new random string
   • codeChallenge = a SHA256 hash of code_verify

2. Make a web client request (https://id.eu.worx.com/oauth/authorize?) with the following query string variables

   • response_type=code
   • client_id=013132A8-DB34-4101-B993-3C8348EA0EBC (this appears to be hard coded, but its possible that this is requested from worx? like an app_id)
   • redirect_uri=com.worxlandroid.landroid://oauth-callback/ (again: this appears to be hard coded)
   • scope=user:manage%20data:products%20mower:pair%20mower:update%20mower:lawn%20mower:view%20user:certificate%20user:profile%20mower:unpair%20mobile:notifications%20mower:warranty%20mower:firmware%20mower:activity_log&state=-u8vt3mPPBuugVgUpr4CD53MkzsyTeKP-x528sQ8
   • code_challenge=(The challenge code produced in step 1)
   • code_challenge_method=S256
   • suggested_authentication_flow=login

The "scope" appears to be just url encoded data/value pairs in a json 'ish' format.

The above client request 'get' is sent using the headers: accept: "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8", "user-agent": this.userAgent, "accept-language": "de-de" I would expect you could change the language but hey, if it works why play wth it.

The response is captured into a variable (loginForm in the oibroker code) and the 'form' data is extracted into json (so basically find all form objects and create a json string of all the name/values pairs).

The form data object's email address and password fields are updated and a web client 'post' is sent to https://id.eu.worx.com/login with the post data is the updated 'form data'.

The following headers are used for the POST: accept: "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8", "content-type": "application/x-www-form-urlencoded", "accept-language": "de-de", "user-agent": "ioBroker 1.6.7", <- (I assume you will want to change this to something else)

The response to the above post is captured to a variable named codeResponse (it shoudl be json data if not something went wrong) this is going to be used in the final step below.

The "token" is then requested by a 'post' request to https://id.eu.worx.com/oauth/token? with the following: Post data (json): { client_id: "013132A8-DB34-4101-B993-3C8348EA0EBC", code: codeResponse.code, <- (this is the data returned from the last post) redirect_uri: "com.worxlandroid.landroid://oauth-callback/", code_verifier: code_verifier, <- (created as part of step 1) grant_type: "authorization_code", }

Sent with the following web client headers: accept: "application/json", "content-type": "application/json", "user-agent": "ioBroker 1.6.7", <- (I assume you will want to change this to something else) "accept-language": "de-de",

If no errors where returned, you now have the auth token.

If you need a hand to get it into python let me know (I hate writing code in python) but I do love all the work you have put in, so I am happy to help if you need it.

Cheers P.S. All of the above steps can be manually tested using postman if you are so inclined.

[MTrab]

The unexpected has happend!! I woke up to an invite from Positec (those who is behind the Landroid brand) to gain access to their private repo to see how to generate the login and how to do the communication with the backend.

I do feel a little special now - they have ALWAYS turned down my requests for this.

This will help me ALOT in repairing the integration. Already got the token generation sorted the right way (and not the hacky way that ioBroker uses)

[Fettkeewl]

they have ALWAYS turned my requests down.

Haha! I bet you that the person responsible for turning you down before is a frequent user of your integration by now and is pulling their hair now that it does not work.

[MTrab]

Haha - perhaps :) But it is SO nice.

Think I'll post a quickfix for the current version and then during winter do another complete rebuild based on these new informations.

[fra87]

I'm glad they recognized the great work you are doing (and that they are supporting your efforts). After all, your work is then converted in a better user experience for their customers.

Keep up the great work 😊

[teocannata]

I updated and trying to add Landroid Cloud integration I get an error loading config flow, "undefined". Am I the only one?

(I didn't reach login pop-up)

[MTrab]

Try reinstalling. Just went thru the full experience on the latest HA release without any issues

[stefxx]

Hi @MTrab, nice work! Are you willing to share what's changed? I have an integration (in dotnet) for HomeSeer and would love to learn. Thanks!

[teocannata]

Try reinstalling. Just went thru the full experience on the latest HA release without any issues

Worked! Remove and install again. Thanks!

[MTrab]

@stefxx all changes are visible in the pyWorxCloud repo

[tomkruhlmann]

Works like a charm - U rock @MTrab

[stefxx]

@stefxx all changes are visible in the pyWorxCloud repo

Thanks. I got most of it working, thanks to your updated code.

One question; the token expires every 60 minutes. However, using MQTT there is no need to ever refresh the token as all commands are send and received through MQTT? But even if I try, it fails with a "400 Bad Request". Could it be that the "grant_type" should be set to something else than "password"?

[stefxx]

Just tested; setting the grant_type to "refresh_token" does the trick. You might want to update your code.

Thanks again!

[MTrab]

Haven't build in the correct token refresh routine yet. But correct, as long as the MQTT session is active there should be no need for refreshing the token

[MTrab]

As written - the code doesn't even use that one right now ;) Just prepared the function

[roofburner]

What Lovelace card do you use? I had Landroid Cloud 2.0.3, because I used https://github.com/Barma-lej/halandroid. As I'm using 2.3.2 now, that card stopped working (as mentioned by the repo: does not work with Landroid Cloud > 2.0.3). Do you use this https://github.com/Barma-lej/landroid-card?

[MTrab]

I use standard entity card. Nothing fancy

[moelloman]

Do you use this https://github.com/Barma-lej/landroid-card?

@roofburner I use the card and it works fine.

[roofburner]

I'm trying to install the Barma-lej card, but I'm getting this error: "Custom element doesn’t exist: landroid-card."

I'm using Lovelace in YAML mode.

I have installed the custom repo of Barma-lej. It appears in my HACS - Frontend as "Landroid Cloud" (capitals, no dash, is that OK?)

I included this in my ui-lovelace.yaml (landroid-card.js is here: /usr/share/homeassistant/www/community/landroid-card/landroid-card.js)

resources:
  - url: /local/community/landroid-card/landroid-card.js
    type: module

My Landroid Cloud seems to work (@MTrab: Thx!), as the entity vacuum.mower appears in my Developer Tools

I ran a debug, but it doesn't seem to throw an error on the card setup/usage... What are my options?

[MTrab]

Go to the correct repo and ask ;) You are better off asking on Barma-Lej repo

[MTrab]

@stefxx could you please provide an email adress i can forward to Positec?

[roofburner]

@MTrab You're right! Thx again...

[moelloman]

I'm trying to install the Barma-lej card, but I'm getting this error: "Custom element doesn’t exist: landroid-card."

I'm using Lovelace in YAML mode.

I have installed the custom repo of Barma-lej. It appears in my HACS - Frontend as "Landroid Cloud" (capitals, no dash, is that OK?)

I included this in my ui-lovelace.yaml (landroid-card.js is here: /usr/share/homeassistant/www/community/landroid-card/landroid-card.js)

resources:
  - url: /local/community/landroid-card/landroid-card.js
    type: module

My Landroid Cloud seems to work (@MTrab: Thx!), as the entity vacuum.mower appears in my Developer Tools

I ran a debug, but it doesn't seem to throw an error on the card setup/usage... What are my options?

I installed the new card via HACS wtihout problems. Have you removed the include for the old card in the configuration?

homeassistant:
  packages: !include_dir_named packages

[roofburner]

Dear moelloman,

I have removed the old card and replaced it with the new one. To be sure, I removed "packages" line you mentioned, but it did not help. I've opened a ticket in the repo of Barma-lej...

Thx!

[danielp370]

Thanks for the fix - donated a couple of coffees :)

On Tue, 4 Oct 2022, 10:05 pm Malene Trab, @.***> wrote:

Closed #259 https://github.com/MTrab/landroid_cloud/issues/259 as completed via #266 https://github.com/MTrab/landroid_cloud/pull/266.

— Reply to this email directly, view it on GitHub https://github.com/MTrab/landroid_cloud/issues/259#event-7515260174, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB7I6UKLIT3VMFAFKZ6KKXLWBQFQ7ANCNFSM6AAAAAAQWRJGNQ . You are receiving this because you commented.Message ID: @.***>

[zsolti80]

Thank you how he managed to solve the integration. I am glad about him very much, the lawnmower works! I selected this type because of this mainly because it is possible to integrate. I did not integrate the card yet,but the entity works. Good luck in the future. Congratulations! :)