cannot login BadAuthentication

jr3074 commented 4 years ago

error cannot login, BadAuthentication i use latest version 0.4.4

kallix commented 4 years ago

For what it's worth... Usually, when I face this problem, It can be solved by moving to a machine with very up-to-date software, login through googleplay-api with email and pass, obtain gsfid and authSubToken and move those back where it belongs.

I suspect (completely untested) that Google Play is a bit touchy with the system TLS lib.

spljaa commented 4 years ago

@kallix Could you elaborate a bit that info about modern system? For me it fails - thus if you could name a Linux OS, I would run that auth inside some image/container. Python version? Requests library version? Regards Jan

therealssj commented 4 years ago

same issue here. could you elaborate more by what you mean up-to-date software @kallix ty

kallix commented 4 years ago

First, let's clarify the two login methods: 1) Login with email and password (and no gsfId and no authSubToken); 2) Login with gsfId and authSubToken (and no email and no password)

The only reason to use the first login method is to obtain the gsfId and authSubToken (which seem to expire after some time and/or some number of actions).

For login method 2), I've never had any issue related with software versions. However, I have a few machines where login method 1) will reliably fail. Those machines are an old Debian 9 (stretch), and an old FreeBSD 11.2.

For those machines, when it's time to renew gsfId and authSubToken (i.e., when login method 2 fails for several hours for those google accounts), the only way I found is to:

Perform login method 1) from my laptop (which runs a constantly updated Debian SID, and frequently updated python3.8 modules from pip)
Get the new gsfId and authSubToken
Move the new gsfId and authSubToken to my old machine -> at that point, login method 1) works again

I think that login method 1) has a fair bit of extra checking on Google's side.

If you're still stuck, please describe which login methods you tried, how old are your gsfId and authSubToken, etc. Also, check on Google's Account security page if settings there are OK. I think unless you activated 2FA with an app specific password, login method 1) will require the "enable insecure apps" (or something like that). Note this "insecure apps" thing regularly auto-deactivates itself. I highly recommend the 2FA + specific app password which made it much simpler and much more reliable for me.

kaowul commented 4 years ago

error cannot login, "server says: BadAuthentication"

NoMore201 / googleplay-api

cannot login BadAuthentication #125