Closed pdev77 closed 1 year ago
Just had the same issue, but not sure if it's hive having problems.
Trying to login to their web portal:
URL redirects to: https://sso.hivehome.com/?client=v3-web-prod&redirect=https://my.hivehome.com And page simply displays: {"message":"Forbidden"}
So it may be hive having problems. (Tested 28/june 13:04 BST)
It seems that hive are blocking based on ip/subnet!
Access is blocked (as I might expect) via surfshark vpn ({"message":"Forbidden"}) However my code was running from OracleCloud - where it has run for months & months. However I cannot even curl to https://sso.hivehome.com/ (returns {"message":"Forbidden"}) from there now. Works fine when running from home PC - so problem solved. Hope this info might help others.
testing this further, it's not just my home broadband IP block (I work for an ISP so have the ability to test from large subnets) - Testing from other subnets in our ISP range, most seem to give this Forbidden, so it doesn't appear to be something I specifically have done, it seems they're blocking huge UK ranges.
Further, I have found that if you are logged in/authenticated, you should be fine. If you logout or need to re-auth that is the issue as it's only the sso.hivehome.com address that is carrying out the IP ban/filter. The actual https://my.hivehome.com/dashboard lets you in (I tested this by proxying my connection, authenticated then switched off the proxy. My auth cookies remained working/logged in)
I've finally found somebody at Hive who can understand the issue and comment, unfortunately it's not a fix.
"The platform team have looked into this. It looks like its has been blocked by AWS WAF HostingProviderIPList rule. This rule inspects for a list of IP addresses from hosting and cloud providers, which are less likely to source end-user traffic. For security reasons, we reject traffic originating from IP addresses classified as cloud hosting provider IPs."
So the answer is if you are coming from an IP listed by Amazon AWS WAF HostingProviderIPList then you will get the forbidden. Only way round it is to try and get your IP/block removed from HostingProviderIPList by Amazon AWS. I'm attempting this but don't see much future.
We may need to look at using a web proxy somehow in the integration to work around this?
Describe the bug Using pyhiveapi with 2FA(SMS) and device registration - all was working fine for a couple of weeks. Then unable to retrieve information via the tokens. Having retried the login script which is as simple as this:
it throws:
Expected behavior The registration step provides: devicegroupkey & authdevicekey & authdevicepasswd
This is using the latest pyhiveapi - with the session.py modifications as per https://github.com/Pyhass/Pyhiveapi/issues/57
I cant figure out how to enable more verbose debugging - pyhiveapi_error.log contains only the above info