does not work with python 3.9?

[andgineer]

it works with python 3.11 and python 3.10 but in my conda env with python 3.9 it fails to connect to Garmin:

File "/usr/local/Caskroom/miniconda/base/lib/python3.9/site-packages/garminconnect/__init__.py", line 243, in login return self.authenticate() File "/usr/local/Caskroom/miniconda/base/lib/python3.9/site-packages/garminconnect/__init__.py", line 363, in authenticate response = self.sso_rest_client.post( File "/usr/local/Caskroom/miniconda/base/lib/python3.9/site-packages/garminconnect/__init__.py", line 110, in post raise GarminConnectConnectionError(f"Forbidden url: {url}") from err garminconnect.GarminConnectConnectionError: Forbidden url: https://sso.garmin.com/sso/signin

[cyberjunky]

The forbidden url response sometimes pops up, usually when you do testing, multiple requests or try to access wrong urls. It's some kind of request threshold that is triggered (apart from the 427 too many request response) You can also see this sometimes while using the example.py script, when you then logout (option Z) and log back in, it works again.

[andgineer]

Well I know - I saw that too

But this is something different - I try on conda env with python 3.9 - the error I switch to conda env with python 3.10 - it works I tried that a number of times

Of cause may be the cause in some other package but I just pip install garminconnect to both conda env, they are both freshly created (no more than two weeks ago)

[cyberjunky]

I would like to get the forbidden url issue sorted as a whole, but could not find cause yet.

Can you check the version of these packages on both enviroments?

"requests","cloudscraper"

Also maybe enable debugging especially for requests/urlllib to see what is sent/received...

[andgineer]

requests==2.28.1 requests-oauthlib==1.3.1 requests-toolbelt==0.10.1 cloudscraper==1.2.66

urllib debug is below(I change my password with ***) [redacted]

[cyberjunky]

Do you see differences in package versions between the two environments, and significant change in debug output?

I remove the output because of possible token info.

[andgineer]

ok thank you - I thought the token is temp thing

well in good environment this is

cloudscraper==1.2.66 requests==2.28.1 requests-oauthlib==1.3.1 requests-toolbelt==0.10.1 types-requests==2.28.11.7

exactly the same may be some difference in certs packagers but at least certs also the same

[andgineer]

I compared urlib debugs Of cause a lot of differences - different sessions, csrf etc

but some strange header in the FAILED request that I do not see in good one

header: X-Frame-Options: SAMEORIGIN header: Referrer-Policy: same-origin

and in GOOD one I see headers that are not in the FAILED

header: Access-Control-Allow-Credentials: true header: Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers header: Access-Control-Allow-Methods: GET,POST,OPTIONS

[cyberjunky]

These last ones are probably the result of a proper login, but not the cause. cloudscraper has newer version, but only typo fixes. And I can image the other package behave differently between Python verions, but of course this can be the case. What about things like date/time settings on the 3.9 hosts, mabe off by hours having the cert failed?

[andgineer]

No more I can reproduce that