Worx hosts their cloud API server with Cloudflare, and appears to have enabled Cloudflare Turnstile to intercept connection attempts from flagged IP addresses. How those IP addresses are flagged is unclear. The effect is that, for some requestors, instead of directly connecting to the API, HTTP status 403 is returned, with an error page that's full of Javascript, with the intention that a normal browser would successfully execute a challenge and be forwarded to the actual API endpoint. Unfortunately, this interception will of course result in an exception here:
https://github.com/MTrab/pyworxcloud/blob/eb4a38f489d9f9ff49406d1c2bcf9a37b45c44f0/pyworxcloud/utils/requests.py#L56-L70
Solving it programmatically in this library might be possible, but would be pretty clunky, for example by running a JS engine to process the challenge. Instead, I'm hoping that with your open dialog with Worx, you might be able to find a way to work through it -- whether using specific headers to identify this library and bypass Turnstile, or some other approach mutually agreeable with them.
For reference, I'm attaching logs showing the results of curl -v https://id.worx.com/login from a client that's being intercepted by Turnstile, and one that is allowed to connect unimpeded.
worx-clear.logworx-cloudfare-turnstile.log
Worx hosts their cloud API server with Cloudflare, and appears to have enabled Cloudflare Turnstile to intercept connection attempts from flagged IP addresses. How those IP addresses are flagged is unclear. The effect is that, for some requestors, instead of directly connecting to the API, HTTP status 403 is returned, with an error page that's full of Javascript, with the intention that a normal browser would successfully execute a challenge and be forwarded to the actual API endpoint. Unfortunately, this interception will of course result in an exception here: https://github.com/MTrab/pyworxcloud/blob/eb4a38f489d9f9ff49406d1c2bcf9a37b45c44f0/pyworxcloud/utils/requests.py#L56-L70
Solving it programmatically in this library might be possible, but would be pretty clunky, for example by running a JS engine to process the challenge. Instead, I'm hoping that with your open dialog with Worx, you might be able to find a way to work through it -- whether using specific headers to identify this library and bypass Turnstile, or some other approach mutually agreeable with them.
For reference, I'm attaching logs showing the results of
curl -v https://id.worx.com/login
from a client that's being intercepted by Turnstile, and one that is allowed to connect unimpeded. worx-clear.log worx-cloudfare-turnstile.log