Closed vance closed 4 years ago
same. I have to use token instead
same. I have to use token instead
@TANJX How did you obtain a token?
@chadwhitaker I honestly don't know how to do it programmatically. However, you can find one by opening your Robinhood Web, and it's in the request header in any XHR request.
The token is the long string without the Bearer
prefix
Confirmed this is broken for me too. I believe the fix is adding a device_token
property to the login payload. Unsure how we would go about generating a valid device_token
other than logging in via the webapp and copying the value which appears to be working for me at the moment.
looks like they figured out how to generate a valid device_token here https://github.com/Jamonek/Robinhood/issues/176
javascript:
const generateDeviceToken = () => {
const rands = [];
for (let i = 0; i < 16; i++) {
const r = Math.random();
const rand = 4294967296.0 * r;
rands.push(
(rand >> ((3 & i) << 3)) & 255
);
}
let id = '';
const hex = [];
for (let i = 0; i < 256; ++i) {
hex.push(Number(i + 256).toString(16).substring(1));
}
for (let i = 0; i < 16; i++) {
id += hex[rands[i]];
if (i == 3 || i == 5 || i == 7 || i == 9) {
id += "-";
}
}
return id;
};
looks like you have to pass in "challenge_type": "sms"
and I have not gotten past that step yet.
I was able to fix this previously by sending a device and client id with the authentication.
You can get your auth token by logging in to the web client, inspect any network request while on page, look for the authorization
header.
I'm going to close this as the issue seems to be obtaining the token and not so much the library itself.
Although it seems like we should add this to the Readme, if anyone has a definitive way to authenticate it would be great if you could send a PR adding that.
// Below is an issue template, feel free to modify it
Code being executed:
just authenticating
Expected result
get JWT
Actual behaviour
token not found {"statusCode":400,"body":{"detail":"This version of Robinhood is no longer supported. Please update your app or use Robinhood for Web to log in to your account."},"headers":{"date":"Thu, 02 May 2019 16:04:30 GMT","content-type":"application/json","content-length":"137","connection":"keep-alive","server":"nginx","allow":"POST, OPTIONS","x-robinhood-api-version":"0.0.0","content-security-policy":"default-src 'none'","x-frame-options":"SAMEORIGIN","x-content-type-options":"nosniff","x-xss-protection":"1; mode=block"},"request":{"uri":{"protocol":"https:","slashes":true,"auth":null,"host":"api.robinhood.com","port":443,"hostname":"api.robinhood.com","hash":null,"search":null,"query":null,"pathname":"/oauth2/token/","path":"/oauth2/token/","href":"https://api.robinhood.com/oauth2/token/"},"method":"POST","headers":{"Accept":"*/*","Accept-Encoding":"gzip, deflate","Accept-Language":"en;q=1, fr;q=0.9, de;q=0.8, ja;q=0.7, nl;q=0.6, it;q=0.5","Content-Type":"application/x-www-form-urlencoded; charset=utf-8","Connection":"keep-alive","X-Robinhood-API-Version":"1.152.0","User-Agent":"Robinhood/5.32.0 (com.robinhood.release.Robinhood; build:3814; iOS 10.3.3)","content-length":146}}}
Reproducing
// Please provide a bit of context for the code snippet, were you authenticated? had logged in on web on same machine, so I know my IP is good.