SharkIQ authentication error

[jnooraga]

The problem

Receiving an error while loading the Shark IQ integration after updating to 2024.8.0:

I have verified my login works through the sharkclean.com website.

What version of Home Assistant Core has the issue?

core-2024.8.0

What was the last working version of Home Assistant Core?

core-2024.7.4

What type of installation are you running?

Home Assistant OS

Integration causing the issue

Shark IQ

Link to integration documentation on our website

https://www.home-assistant.io/integrations/sharkiq

Diagnostics information

No response

Example YAML snippet

No response

Anything in the logs that might be useful for us?

2024-08-08 11:08:33.730 ERROR (MainThread) [homeassistant.config_entries] Error setting up entry <email> for sharkiq
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup
    result = await component.async_setup_entry(hass, self)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry
    if not await async_connect_or_timeout(ayla_api):
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout
    await ayla_api.async_sign_in()
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in
    self._set_credentials(resp.status, await resp.json())
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials
    self._access_token = login_result["access_token"]
                         ~~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'access_token'
2024-08-08 11:08:43.983 DEBUG (MainThread) [homeassistant.components.sharkiq] Initialize connection to Ayla networks API
2024-08-08 11:08:44.253 ERROR (MainThread) [homeassistant.config_entries] Error setting up entry <email> for sharkiq
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup
    result = await component.async_setup_entry(hass, self)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry
    if not await async_connect_or_timeout(ayla_api):
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout
    await ayla_api.async_sign_in()
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in
    self._set_credentials(resp.status, await resp.json())
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials
    self._access_token = login_result["access_token"]
                         ~~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'access_token'

Additional information

No response

[home-assistant[bot]]

Hey there @jeffresc, @funkybunch, mind taking a look at this issue as it has been labeled with an integration (sharkiq) you are listed as a code owner for? Thanks!

Code owner commands

Code owners of `sharkiq` can trigger bot actions by commenting: - `@home-assistant close` Closes the issue. - `@home-assistant rename Awesome new title` Renames the issue. - `@home-assistant reopen` Reopen the issue. - `@home-assistant unassign sharkiq` Removes the current integration label and assignees on the issue, add the integration domain after the command. - `@home-assistant add-label needs-more-information` Add a label (needs-more-information, problem in dependency, problem in custom component) to the issue. - `@home-assistant remove-label needs-more-information` Remove a label (needs-more-information, problem in dependency, problem in custom component) on the issue.

_{^{(message by CodeOwnersMention)}}

---

sharkiq documentation sharkiq source _{^{(message by IssueLinks)}}

[wnaylor]

Same problem here. Won't work after updating to HA core-2024 8.0

[craig0r]

Yep, also seeing the exact same problem here!

[JeffResc]

I am also able to reproduce this. It looks like the backend API used by the integration had some changes made and I'm having trouble finding any public documentation for this. I can confirm that this doesn't have to do with any specific HA core version and has to do with the upstream sharkiq pypi package. I can also confirm that the app ID and app secret constants still seem to be correct

It looks like the previously working call to /users/sign_in.json is now resulting in a 403 with the error "You are forbidden to perform this operation" with no reason as to why this API call is no longer functioning as it originally was. I will continue to look into this, but I'm not seeing an immediate resolution without reverse engineering the login logic is and re-implementing it in the upstream dependency.

Issue created on upstream repo: JeffResc/sharkiq#51

[funkybunch]

Worth noting that this does not seem to affect all installations. Additional analysis is being done to determine the root cause.

Instead of simply responding "yeah its happening to me too" please include your logs, model, and region to help us get to the bottom of the issue, otherwise it is not helpful.

Likewise, if you have a working installation, please do leave a comment with your model and region to help us determine if there is a pattern.

Finally, some users have reported despite successfully logging into the app with the same credentials, both the app and HA worked after resetting their password. Please try this and let us know if it worked for you as well. Any and all data points are helpful at this stage.

[craig0r]

The integration is broken for me in Canada. I have both a Shark IQ and a Shark AI device integrated and previously both working perfectly. Below is the log when I attempt to reload the integration:

Logger: homeassistant.config_entries
Source: config_entries.py:604
First occurred: August 19, 2024 at 4:57:12 PM (2 occurrences)
Last logged: 11:44:54 AM

Error setting up entry craig.webster@gmail.com for sharkiq
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup
    result = await component.async_setup_entry(hass, self)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry
    if not await async_connect_or_timeout(ayla_api):
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout
    await ayla_api.async_sign_in()
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in
    self._set_credentials(resp.status, await resp.json())
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials
    self._access_token = login_result["access_token"]
                         ~~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'access_token'

[craig0r]

I apologize that I didn't attempt this in my previous comment, but I've just tried resetting my password and it didn't work. however, it is now giving me a different error log. Hope this helps!

Logger: homeassistant.components.sharkiq
Source: components/sharkiq/config_flow.py:59
integration: Shark IQ (documentation, issues)
First occurred: 1:34:24 PM (2 occurrences)
Last logged: 1:35:40 PM

string indices must be integers, not 'str'

I'd be curious to know how to change the existing credentials on the integration, as I could only figure out how to input my updated password by using "Add Entry" on the integration config. and SharkIQ is not available in the "Application Credentials" page. Just to be sure, I also deleted my (backed up) existing SharkIQ integration and re-added it with the new password, but the log output is the same.

[Sleeepy2]

Not sure if mine is the same problem however I can not set it up Model is UR1410ZWCA In North America

Logger: homeassistant.config_entries
Source: config_entries.py:604
First occurred: 2:43:25 pm (2 occurrences)
Last logged: 2:47:26 pm

Error setting up entry sleeepy2@gmail.com for sharkiq
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup
    result = await component.async_setup_entry(hass, self)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 72, in async_setup_entry
    shark_vacs = await ayla_api.async_get_devices(False)
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 222, in async_get_devices
    devices = [SharkIqVacuum(self, d, europe=self.europe) for d in await self.async_list_devices()]
                                                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 208, in async_list_devices
    devices = await resp.json()
              ^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/aiohttp_client.py", line 80, in json
    return await super().json(*args, loads=loads, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/aiohttp/client_reqrep.py", line 1199, in json
    raise ContentTypeError(
aiohttp.client_exceptions.ContentTypeError: 0, message='Attempt to decode JSON with unexpected mimetype: text/html;charset=utf-8', url='https://ads-field-39a9391a.aylanetworks.com/apiv1/devices.json

[vaeron]

I began having failures immediately upon upgrading my HA to 2024.08.0. I am running on an Ubuntu VM. Region is US. Without thinking I removed the configuration and this is what I was met with when I tried to set it back up. Logs from my first attempted logon:

Traceback (most recent call last):

File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup

result = await component.async_setup_entry(hass, self)

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry

if not await async_connect_or_timeout(ayla_api):

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout

await ayla_api.async_sign_in()

File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in

self._set_credentials(resp.status, await resp.json())

^^^^^^^^^^^^^^^^^

File "/usr/src/homeassistant/homeassistant/helpers/aiohttp_client.py", line 80, in json

return await super().json(*args, loads=loads, **kwargs)

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/usr/local/lib/python3.12/site-packages/aiohttp/client_reqrep.py", line 1199, in json

raise ContentTypeError(

aiohttp.client_exceptions.ContentTypeError: 0, message='Attempt to decode JSON with unexpected mimetype: ', url='https://user-field-39a9391a.aylanetworks.com/users/sign_in.json'

I then reset my password and was met with a failed to connect and this in the logs (I did verify that I can connect to sharkclean's website with the new password):

Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/config_flow.py", line 57, in _validate_input
    await ayla_api.async_sign_in()
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in
    self._set_credentials(resp.status, await resp.json())
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials
    self._access_token = login_result["access_token"]
                         ~~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'access_token'

[tombrant]

My Robot model is RV2520A0US. The latest integration fails with the access_token error and a 403 response code as reported above. I started using the HA integration in May 2024 (and successfully extended it for room specific cleaning with a custom integration based on the logic in jeffresc/sharkiq). Prior to May, I started running into problems using the Google Assistant with the SharkClean skill. I had been using it to schedule room-based cleaning successfully, but it suddenly stopped working. Alexa's SharkClean skill also failed to work, so I had no solution to schedule specific rooms for cleaning. The reason I mention the above is that I just unlinked and relinked the skills on Alexa and Google Assistant. There was a hint in the link skill page in the Alexa app that says under the heading 'What's new' that they 'replaced the web authorization URI'. There was no information like that on Google Assistant's skill, but when I tried it to perform a room-specific cleaning operation, it worked.

[craig0r]

My Robot model is RV2520A0US. The latest integration fails with the access_token error and a 403 response code as reported above. I started using the HA integration in May 2024 (and successfully extended it for room specific cleaning with a custom integration based on the logic in jeffresc/sharkiq). Prior to May, I started running into problems using the Google Assistant with the SharkClean skill. I had been using it to schedule room-based cleaning successfully, but it suddenly stopped working. Alexa's SharkClean skill also failed to work, so I had no solution to schedule specific rooms for cleaning. The reason I mention the above is that I just unlinked and relinked the skills on Alexa and Google Assistant. There was a hint in the link skill page in the Alexa app that says under the heading 'What's new' that they 'replaced the web authorization URI'. There was no information like that on Google Assistant's skill, but when I tried it to perform a room-specific cleaning operation, it worked.

I imagine that'll be helpful, although I looked into the Google Home integration a bit, and it seems like it authenticates against a google-specific URL.... and I've just checked Alexa and it does the same; you actually log into https://alexa-account-linking.iot-sharkninja.com/?client_id=RANDOMTEXT

So, I dunno if it would be possible to leverage the Google/Alexa integrations, but it's definitely interesting to know they had to change their configs as well. Hopefully that's a good sign that there's a way forwards for us too.

[funkybunch]

@tombrant do you happen to have that new URL?

[Frazou1]

Same problem here in Canada

[dakoellis]

Getting the same KeyErorr: 'Access Token' issue in US, Model is RV2520A0US. @funkybunch I think the one for Alexa at least is the link posted by @craig0r : https://alexa-account-linking.iot-sharkninja.com/?client_id=RANDOMTEXT

[tombrant]

@tombrant do you happen to have that new URL?

No, unfortunately I don’t but perhaps @craig0r is onto something that can help make progress.

Can you @craig0r elaborate on the form that RANDOMTEXT follows? Is it symmetric with the google specific URL?

[craig0r]

@tombrant, @funkybunch

Nope, they're a bit different. I've changed a couple letters at the end of each URL to avoid potential privacy/security issues, but here's what I get when I attempt to authenticate to each:

Google https://gaccount-linking.iot-sharkninja.com/?response_type=code&client_id=d08c597f811c2650242ccc36859d9c40b57250964babcdf9a21568ec3fbfc569&redirect_uri=https://oauth-redirect.googleusercontent.com/r/shark-field&state=APvkAzG-NNA4N1JxBC1svz_fGq12iUi4-TdZp_Goc4xaLhQFYluaKv2L-o9Mxq_5IGxas1F0SK1zevKEFARwmpsotQnFAdIk5jDF16euHxGpWlGK5BusUFhBrG2HprjUS9K06Y4eaNlfVejPpFqIJ0R2Fap9DIIugzpG-bh2xqpNvbx69MW4ENe7bKsdzU3bB-yM0tioQ5TDvgjXGlWWcES4Qhtpc_WCee1cn4uP_Q3Gl6FYoYUqODunyOGIDDW919NRFOcbn0HSIfMBYrZRJxgXJf08SfbqkiYbsrHfseFHeHLhBlxiRVPBIeAgPG8YrI6joRYSOZ63m9BxKP2OZ7QKzR85mKYyerQqTFw4MoRSwz1DUxyVOpRhOxM0QMw0CQLREN1chvDk6pGk0TT6rwLp6LgdeFqTuFmwulsMqdj_Wgf02tzePLZ4iGp5Hm0vjwnPBeUSOwhIZwCpBjBkUFnIDg

Alexa https://alexa-account-linking.iot-sharkninja.com/?client_id=9651aaaa8db120b87499939262d138cca75c11fa632db549f755e4a796eba447&response_type=code&scope=device+user&redirect_uri=https%3A%2F%2Fpitangui.amazon.com%2Fapi%2Fskill%2Flink%2FM39CMXRVRKC8C0&state=AmaseyJ2YWxpZGF0aW9uQ29kZSI6IklJN1NGd0VvS0NPVDh3bUsrbDFWMW92d2laUTVTQkJUNmlKdnRBVCtQRms9IiwiZGlyZWN0ZWRJZCI6ImFtem4xLmFjY291bnQuQUc1N1JIUktER7ZYQ0dXU1VKM1Q0V0pQN1dGUSIsInBhcnRuZXJJZCI6IlB6SlRNdmNtRkdEUGxld3RaQmxCRlhJSXQiLCJhcHBsaWNhdGlvbkRvbWFpbiI6IkFMRVhBX1NLSUxMUyIsImFwcGxpY2F0aW9uRG9tYWlucyI6WyJBTEVYQV9TS0lMTFMiLCJBTEVYQV9DT0hPIl0sImV4cGlyYXRpb25UaW1lSW5NaWxsaXMiOjE3MjQ3MDg3MDM2MTcsInVzZXJTdGF0ZSI6W3siayI6InJlcXVlc3RSZWFsbSIsInYiOiJ1cy1lYXN0LTEifSx7ImsiOiJza2lsbElkIiwidiI6ImFtem4xLmFzay5za2lsbC41NzFkYTRjZS03NDFhLTQxN2YtYTVmMS01YjFmYzE4ZWQ2NmMifSx7ImsiOiJjc3JmVG9rZW4iLCJ2IjoiMTY4Nzk1Mzc4In0seyJrIjoicmVxdWVzdEluZ3Jlc3MiLCJ2Ijoic2hvd0VuYWJsZVNraWxsIn0seyJrIjoiY3VzdG9tZXJJZCIsInYiOiJBMUJIQ1ZSVEVIRUg2ViJ9LHsiayI6InJlcXVlc3REZXZpY2VGYW1pbHkiLCJ2IjoiQ29tcEFwcEFuZHJvaWQifSx7ImsiOiJyZXF1ZXN0U3RhZ2UiLCJ2IjoicHJvZCJ9LHsiabI6InNraWxsU3RhZ2UiLCJ2IjoibGl2ZSJ9LHsiayI6InJlcXVlc3RTdGFydFRpbWUiLCJ2IjoiMTcyNDcwNDkwMzYxMyJ9XSwiZGlyZWN0ZWRJZFR5cGUiOiJPQkZVU0NBVEVEX0NVU1RPTUVSX0lEIiwiZ3JhbnRlZFNjb3Blc0luY2x1ZGVkIjpmYWxzZX0BBBBBBBBAAAAAAAAAABQwEVUg_dgVSwzvAW8cAauIQAAAAAAEACngf6ibVUaAWmc6F5PaqyKY-EQaVegl6_Ly58b8nZAekM%3D

[JOHLC]

I am seeing this as well. Region is US/North America and model is RV1100A.

HA Version: 2024.8.3 Install type: Home Assistant OS

Logs:

2024-09-01 12:16:37.455 DEBUG (MainThread) [homeassistant.components.sharkiq] Initialize connection to Ayla networks API
2024-09-01 12:16:37.861 ERROR (MainThread) [homeassistant.config_entries] Error setting up entry Shark for sharkiq
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup
    result = await component.async_setup_entry(hass, self)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry
    if not await async_connect_or_timeout(ayla_api):
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout
    await ayla_api.async_sign_in()
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in
    self._set_credentials(resp.status, await resp.json())
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials
    self._access_token = login_result["access_token"]
                         ~~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'access_token'

[tombrant]

From the look of the Google and Alexa auth urls and the arguments being supplied, this appears to be an OAuth Client Credentials Grant flow. In this case, the applications engaged in the API activity to control the device are running on the Google or Alexa hosted servers and are granted authentication through a token exchange with the SharkClean IOT authentication endpoints. This doesn't appear to involve any user-specific credentials being supplied. The fact that the HA authentication is now returning a 403 seems to me to indicate that the original username and password API flow has been explicitly disabled and only registered applications can interact. Does this sound like a valid conclusion to draw based on the information known? Can someone make an inquiry with SharkNinja to see if they would entertain an HA registration?

[rmuehler]

From the look of the Google and Alexa auth urls and the arguments being supplied, this appears to be an OAuth Client Credentials Grant flow. In this case, the applications engaged in the API activity to control the device are running on the Google or Alexa hosted servers and are granted authentication through a token exchange with the SharkClean IOT authentication endpoints. This doesn't appear to involve any user-specific credentials being supplied. The fact that the HA authentication is now returning a 403 seems to me to indicate that the original username and password API flow has been explicitly disabled and only registered applications can interact. Does this sound like a valid conclusion to draw based on the information known? Can someone make an inquiry with SharkNinja to see if they would entertain an HA registration?

This seems to be true. It seems the API can still authenticate email/password through the current endpoint so I don't think the URL is dead. The 403 makes me think they disabled auth token generation through the ""Shark-Android-field-id" app_id that HA integration has been using. The is a similar "Shark-iOS-field-id" app_id + app_secret that used to work that returns a 403 now.

They probably reworked the mobile apps since 2020 or whenever these app details were first posted and now finally got around to disabling auth token generation from the old app ids. My integration was working fine until yesterday when my token must have expired and I lost client access to the underlying APIs.

[Frazou1]

Any news yet ?

[craig0r]

Any news yet ?

I wouldn't hold your breath. It seems like Shark are deliberately locking out anyone who isn't Google, Amazon, or Apple. My guess is to avoid excess API calls, which is frustrating since other companies deal with this by simply limiting the external API calls (see Ecobee for a good example; they only allow 1 API call per minute, or something along those lines.)

I was able to (mostly) recreate my Shark automations with Google Home via their website at home.google.com/automations (note that you can't do this in the Android/iOS app)

Here's a sample of one of mine:

metadata:
  name: Vacuum Hallway
  description: At 11am on Tuesdays and Thursdays,vacuum the hallway
    vacuum
automations:
  - starters:
      - type: time.schedule
        at: 11:00
        weekdays:
          - TUE
          - THU
    actions:
      - type: assistant.command.OkGoogle
        devices:
          - Dining Room speaker - Dining Room
        okGoogle: Start main vacuum in hallway

This is asking Google Assistant via my device "Dining Room Speaker" to simply run a voice command, and it runs on Tuesdays and Thursdays at 11:00am. I built it using the Gemini assistant built into the site.

I may, however, actually end up adjusting my exiting Home Assistant automations so that instead of interacting directly with the Shark integration, they will simply ask the Google Assistant integration to run "Start main vacuum in hallway." Then at least Home Assistant is still doing the scheduling, even though it can't tell me the status of the vacuums anymore.

[tombrant]

re latest comment from @craig0r

I have reverted to using the Google Home automations as well. They were broken for me early this year which is why I ended up adapting the jeffresc/sharkiq HA integration for my own use. Now that HA auth is broken and I'm back on Google Home automations (which can be scheduled) I see that they only work for one room at a time. I had successfully adapted Jeff's integration to support more than one room per cleaning. I'm not sure why the Google automation can't handle more than one room. Also, Alexa automations apparently ignore all room-specific commands and just start cleaning. @craig0r you mention Apple as a supported Shark assistant. That's not in Homekit, is it?

[ghost]

This is all very unfortunate, as I bought two new shark's the week this went down, after integrating my previous shark for the last year without issue. Sucks because I was on the fence with new shark's or Roborocks.

It's not ideal, but I did the same with google. Made a bubble-card pop-up with various rooms and commands, and it works pretty good.

[craig0r]

re latest comment from @craig0r

I have reverted to using the Google Home automations as well. They were broken for me early this year which is why I ended up adapting the jeffresc/sharkiq HA integration for my own use. Now that HA auth is broken and I'm back on Google Home automations (which can be scheduled) I see that they only work for one room at a time. I had successfully adapted Jeff's integration to support more than one room per cleaning. I'm not sure why the Google automation can't handle more than one room. Also, Alexa automations apparently ignore all room-specific commands and just start cleaning. @craig0r you mention Apple as a supported Shark assistant. That's not in Homekit, is it?

@tombrant I'm not sure, I just assumed Shark works with Apple devices. I don't have one of my own to check.

[lishan89uc]

Last I checked shark devices only work through apple via app. No homekit, not even siri shortcuts.

[400HPMustang]

I just rebooted my HA install and had this happen to me. I'm in the US, have two robots. One RV1000A and one RV2800AF. I have core-2024.9.1, HAOS.

Logger: homeassistant.config_entries
Source: config_entries.py:604
First occurred: 3:21:48 PM (2 occurrences)
Last logged: 3:22:06 PM

Error setting up entry *************@gmail.com for sharkiq
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup
    result = await component.async_setup_entry(hass, self)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry
    if not await async_connect_or_timeout(ayla_api):
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout
    await ayla_api.async_sign_in()
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in
    self._set_credentials(resp.status, await resp.json())
  File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials
    self._access_token = login_result["access_token"]
                         ~~~~~~~~~~~~^^^^^^^^^^^^^^^^
KeyError: 'access_token'

[400HPMustang]

re latest comment from @craig0r

I have reverted to using the Google Home automations as well. They were broken for me early this year which is why I ended up adapting the jeffresc/sharkiq HA integration for my own use. Now that HA auth is broken and I'm back on Google Home automations (which can be scheduled) I see that they only work for one room at a time. I had successfully adapted Jeff's integration to support more than one room per cleaning. I'm not sure why the Google automation can't handle more than one room. Also, Alexa automations apparently ignore all room-specific commands and just start cleaning. @craig0r you mention Apple as a supported Shark assistant. That's not in Homekit, is it?

Sorry for what might be a really dumb question but since I have Apple devices and use HomeKit, how would I set up the Google Home automations for my Shark robots? I assume there's a way without having a Google device, but I have no idea. I just want to be able to use HA to automate my vacuums again.

[craig0r]

re latest comment from @craig0r I have reverted to using the Google Home automations as well. They were broken for me early this year which is why I ended up adapting the jeffresc/sharkiq HA integration for my own use. Now that HA auth is broken and I'm back on Google Home automations (which can be scheduled) I see that they only work for one room at a time. I had successfully adapted Jeff's integration to support more than one room per cleaning. I'm not sure why the Google automation can't handle more than one room. Also, Alexa automations apparently ignore all room-specific commands and just start cleaning. @craig0r you mention Apple as a supported Shark assistant. That's not in Homekit, is it?

Sorry for what might be a really dumb question but since I have Apple devices and use HomeKit, how would I set up the Google Home automations for my Shark robots? I assume there's a way without having a Google device, but I have no idea. I just want to be able to use HA to automate my vacuums again.

You'll want to get the Google Home app for your iphone, then sign in with your Google account. From there you can add "Works with Google" devices and services, and you would just search for Shark (it may be called SharkNinja or something similar) and follow the prompts.

Once your Shark vacuum is part of your Google Home profile, you should be able to control your vacuum from the app. Once you've confirmed that, you'll need to use a web browser and go to home.google.com/automations to set up the shark automations.

[mlauweri]

Thanks for the tip regarding pairing the vacuum with Google Home, now I'm able to automate it again via home assistant.

It's a bit of a detour, but it works.

[Frazou1]

Do you get the status like this ?

[mlauweri]

Yes that's possible, but you'll need to switch to the custom google assistant integration to be able to receive the responses in text format, see example below:

action: google_assistant_sdk_custom.send_text_command
data:
  command: Is my vacuum docked?

responses:
  - text: Vacuum is docked.

[cool-enough-for-you]

My version of a work around also using the Google Assistant SDK action. I'm using a script with a custom field called Action that is a list of valid google/shark commands e.g. ask the vacuum to... stop, dock, clean the office (where "office" is a room name I set up in the shark app). I then use the Action field as a variable in my Google Assistant SDK 'Send text command' action. This allows me to use one script to do most of what I need. Lastly, I'm adding buttons to my dashboard, setting the tap action to calling the script with the action specified. I'll also use action:call script in Node Red for automations.

Next thing to figure out is how to get the status of the vacuum. @mlauweri 's answer about getting the response back to find out if it's docked is interesting. In the Google Home app it knows if it is cleaning or docked but "is my vacuum cleaning" or "what is the current status of my vacuum?" didn't work. I also don't always use HA to start the vacuum so I couldn't use an input booleans/another select to set the status when the script is called. I wonder if google's advanced automation editor thing can use the vacuum status change as a trigger?

[hacscred]

I think Home Assistant is slightly misleading people by not clearly marking this integration as unofficial (in particular using an unofficial library from 2020). Many components are not official, but people might think a particular robot is "supported", when in fact it is not.

The error message is just saying that a particular attribute is not returned in some API call, where it previously was returning that. So, that means the company either doesn't have any idea what it is doing (not likely) or it's intentional. As someone already mentioned, it's likely intentional.

I don't have this particular model myself, but indeed there is a war on local access, so if you want to have some security that tomorrow "your" robot still works use Valetudo or one of its forks.

To fix such issues in general, you would have to buy a cheap phone, connect to it using some remote desktop protocol (some laptops have a feature for syncing more natively with a phone) and control it from your server. That way, you are running it in a "supported" way. Of course, once Android version XX (similar argument for iOS) is released your vacuum app will still stop working because of planned obsolescence.

For some applications you might be able to run Android on your server, but it's just an API call away ro remove that ability.

The best step to take is to just accept you made a worthless purchase and buy something with value.

Note that Valetudo is a project that turns a useless robot (a cloud enabled one) into a useful robot. Buying robots without any cloud features to begin with, would be even better. Vote with your wallet.

[Frazou1]

Yes that's possible, but you'll need to switch to the custom google assistant integration to be able to receive the responses in text format, see example below:

action: google_assistant_sdk_custom.send_text_command
data:
  command: Is my vacuum docked?

responses:
  - text: Vacuum is docked.

Do you think its possible to reintegrated a lovelace with vaccuum card when we receive the answer, stock into a switch on off ?

[hacscred]

2022: AI is going to change the world 2024: I use AI to check whether vacuum is docked (using approximately four orders of magnitude more energy, just because nobody wanted to supply an API).

I am sorry, but that's really, really funny.

[Frazou1]

@JeffResc I dont know if they can help. i try to modify a little the librairy and i got this error now : Status code: 404 Response content: b'<!DOCTYPE html>\n<html>\n<head>\n <title>The page you were looking for doesn\'t exist (404)</title>\n <style type="text/css">\n body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }\n div.dialog {\n width: 25em;\n padding: 0 4em;\n margin: 4em auto 0 auto;\n border: 1px solid #ccc;\n border-right-color: #999;\n border-bottom-color: #999;\n }\n h1 { font-size: 100%; color: #f00; line-height: 1.5em; }\n </style>\n</head>\n\n<body>\n <!-- This file lives in public/404.html -->\n <div class="dialog">\n <h1>The page you were looking for doesn\'t exist.</h1>\n <p>You may have mistyped the address or the page may have moved.</p>\n </div>\n</body>\n</html>\n' La réponse n'est pas un JSON valide, voici la réponse brute : b'<!DOCTYPE html>\n<html>\n<head>\n <title>The page you were looking for doesn\'t exist (404)</title>\n <style type="text/css">\n body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }\n div.dialog {\n width: 25em;\n padding: 0 4em;\n margin: 4em auto 0 auto;\n border: 1px solid #ccc;\n border-right-color: #999;\n border-bottom-color: #999;\n }\n h1 { font-size: 100%; color: #f00; line-height: 1.5em; }\n </style>\n</head>\n\n<body>\n <!-- This file lives in public/404.html -->\n <div class="dialog">\n <h1>The page you were looking for doesn\'t exist.</h1>\n <p>You may have mistyped the address or the page may have moved.</p>\n </div>\n</body>\n</html>\n' Tentative de connexion avec les données : {'user': {'email': 'XXX', 'password': 'XXX', 'application': {'app_id': 'Shark-Android-field-id', 'app_secret': 'Shark-Android-field-XXX'}}} Réponse de l'API : 401, b'{"error":"Invalid Username, Origin oem or password."}' Erreur pendant l'exécution des commandes Shark: string indices must be integers, not 'str'

[BobMac57]

Valetudo

Unfortunately, Valetudo doesn't support the Shark... looking at the Roborock now since I wanted mop capabilities... my daughter will get the Shark...

[ssorgatem]

I had to reset my password (wouldn't let me login into the Shark app) and now the integration has stopped working.

So far going through google home is the only possible solution?

[nappa85]

Sorry to late-jump into the discussion, how it's possible that everything is banned except android app and google home? I mean, if the android app works it means they aren't checking the IP, right?

[craig0r]

Sorry to late-jump into the discussion, how it's possible that everything is banned except android app and google home? I mean, if the android app works it means they aren't checking the IP, right?

It wouldn't be by IP. Given the collective size of Amazon, Google, and Apple, that would be a logistical nightmare to maintain. They'll be using some other security/authentication method, like a key pair or something, and unless we can get a spy a job at Shark, I don't see us overcoming that obstacle any time soon. Perhaps one day Shark will partner with Home Assistant the way that they have with Google, Amazon, and Apple, but I wouldn't hold your breath. Alternatively, if Shark ever enabled a website where we could control our vacuums, that would solve the problem too.

[nappa85]

It wouldn't be by IP. Given the collective size of Amazon, Google, and Apple, that would be a logistical nightmare to maintain. They'll be using some other security/authentication method, like a key pair or something, and unless we can get a spy a job at Shark, I don't see us overcoming that obstacle any time soon. Perhaps one day Shark will partner with Home Assistant the way that they have with Google, Amazon, and Apple, but I wouldn't hold your breath. Alternatively, if Shark ever enabled a website where we could control our vacuums, that would solve the problem too.

Ok, but the app still works, and I doubt it's heavily secured (safetynet, certificate pinning and so on), so we can decompile it, look inside and understand how it works, no? Maybe I'm a bit out of the world, I used to do it like 10 years ago, I don't know if things have changed...

[craig0r]

It wouldn't be by IP. Given the collective size of Amazon, Google, and Apple, that would be a logistical nightmare to maintain. They'll be using some other security/authentication method, like a key pair or something, and unless we can get a spy a job at Shark, I don't see us overcoming that obstacle any time soon. Perhaps one day Shark will partner with Home Assistant the way that they have with Google, Amazon, and Apple, but I wouldn't hold your breath. Alternatively, if Shark ever enabled a website where we could control our vacuums, that would solve the problem too.

Ok, but the app still works, and I doubt it's heavily secured (safetynet, certificate pinning and so on), so we can decompile it, look inside and understand how it works, no? Maybe I'm a bit out of the world, I used to do it like 10 years ago, I don't know if things have changed...

Please give it a shot! I'd be very curious as to what you find, and would be willing to help as well (with a little direction, decomping android apps is something I haven't even thought about since Android was a beta OS.)

[nappa85]

Please give it a shot! I'd be very curious as to what you find, and would be willing to help as well (with a little direction, decomping android apps is something I haven't even thought about since Android was a beta OS.)

10 years ago all you needed was apktool, I'll give it a shot in my free time and let you know if I find something

[tombrant]

Sorry to late-jump into the discussion, how it's possible that everything is banned except android app and google home? I mean, if the android app works it means they aren't checking the IP, right?

Which Android app are you referring to?

[nappa85]

Which Android app are you referring to?

This one

[tombrant]

Which Android app are you referring to?

This one

That’s the SharkClean app written by the manufacturer and they have an iOS one too. The problem here is that they modified their authentication flow (which now uses OAuth) to only succeed for registered apps. Google home, Alexa and of course the SharkClean app are supported and all others now fail authentication with a 403 permission failure.

[nappa85]

That’s the SharkClean app written by the manufacturer and they have an iOS one too. The problem here is that they modified their authentication flow (which now uses OAuth) to only succeed for registered apps. Google home, Alexa and of course the SharkClean app are supported and all others now fail authentication with a 403 permission failure.

So it's a signature problem, right?

[tombrant]

That’s the SharkClean app written by the manufacturer and they have an iOS one too. The problem here is that they modified their authentication flow (which now uses OAuth) to only succeed for registered apps. Google home, Alexa and of course the SharkClean app are supported and all others now fail authentication with a 403 permission failure.

So it's a signature problem, right?

I'm not sure what you mean by signature problem. Let me elaborate a bit to describe my understanding of the problem. I don't claim to know this with certainty, but it makes sense to me, so hopefully it helps...

The Home Assistant integration for SharkNinja robot vacuums was working fine until something changed a few months ago. The problem manifests by a failure to authenticate. The home assistant integration used an API for accessing the robot functionality. The details of the usage of the API was determined I believe through reverse engineering the way the manufacturer's app interacts with the same API. An update to the manufacturer's app coincided roughly with the time that the HA integration code started getting a 403 during authentication. The fact that it's a 403 gives a clue that SharkNinja was trying to restrict who can use the API. The google home and alexa skills for supporting Shark robot vacuums also were modified at about the same time and there was a comment about the update for the Alexa skill that they changed the skill to accommodate a different authentication URL.

You can tell by looking at the parameters passed in the URL that alexa and, distinctly, google are using is part of a multistep OAuth consent flow. This kind of authentication flow typically involves a server-side key/secret <-> auth token exchange which would not be possible to reverse engineer just by looking at device network traffic with some mitm sniffing. By virtue of this authentication scheme, SharkNinja can - and it appears does - restrict the supply of valid authentication tokens to only the agents it wants to allow to use the API.

[DiGiSoUL84]

@JeffResc @funkybunch As of last night (10/24) I am participating in a beta test of SharkNinja's latest version of their Android app. I had to delete the current app and download/install the beta app that was sent to me. Upon doing this the integration immediately started failing giving me the same access token error every one else is getting. The new app looks and acts just like the old one minus some updates to the UI & look of the app. So far the only new feature I've found is scheduling. I don't know how the backend is functioning or what is different but I want to help get this integration back up and running. I'll create an issue with the development team I am working with and see if I can get some help or something. Will keep everyone updated as best I can.

[tombrant]

Does the beta Android app support scheduling beyond running a clean over the entire house (i.e., room-specific cleaning)?

That has been missing as a feature forever. The iPhone app has supported scheduling for cleaning the entire house for a long time too.

Just as a note, as of about three weeks ago, the Google home skill for SharkClean stopped working with room-specific cleaning voice commands. It appears to me that they have conflated the phrases in a command that are intended to target specific rooms with the home app’s own logic to determine which Google-home-assigned room a device is located in.

So, until there is a way to workaround all these issues, there is no way to schedule room-specific cleaning. I got it working in my own customized version of the HA SharkClean integration. That broke. Had to fallback to Google home voice commands. That broke.

Perhaps the beta app is offering some new hope to support this feature?

From: Chris Smith @.> Sent: Friday, October 25, 2024 3:44 PM To: home-assistant/core @.> Cc: tombrant @.>; Mention @.> Subject: Re: [home-assistant/core] Integration load error in 2024.8.0 (Issue #123392)

@JeffResc https://github.com/JeffResc @funkybunch https://github.com/funkybunch As of last night (10/24) I am participating in a beta test of SharkNinja's latest version of their Android app. I had to delete the current app and download/install the beta app that was sent to me. Upon doing this the integration immediately started failing giving me the same access token error every one else is getting. The new app looks and acts just like the old one minus some updates to the UI & look of the app. So far the only new feature I've found is scheduling. I don't know how the backend is functioning or what is different but I want to help get this integration back up and running. I'll create an issue with the development team I am working with and see if I can get some help or something. Will keep everyone updated as best I can.

— Reply to this email directly, view it on GitHub https://github.com/home-assistant/core/issues/123392#issuecomment-2438977657 , or unsubscribe https://github.com/notifications/unsubscribe-auth/ADEEYQZ46PBQ2BY6F5CTYGLZ5LCTRAVCNFSM6AAAAABMHAPEBSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZYHE3TONRVG4 . You are receiving this because you were mentioned. https://github.com/notifications/beacon/ADEEYQZL27QKCOH2SVX7MCTZ5LCTRA5CNFSM6AAAAABMHAPEBSWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTURL7MHS.gif Message ID: @. @.> >