Closed sceniclife closed 2 years ago
I second this request if it will work without a paid Arlo subscription.
I would be happy to help with this, but I don't own any Arlo devices with local storage. If you can provide actual http calls with all headers and bodies, in order, I can most likely work out the code.
I can help if you tell me how to list the http calls.
Okay. I am using Proxyman to snoop the https calls. When you say actual http calls, what do you mean? So when you set up local storage, you have some options on accessing it.
Currently, I am using option 3.
When you video Arlo App -> Library, with local storage enabled, at the top of your screen you should see Cloud
with a dropdown to select NAMEOFLOCALSTORAGE
. If you click the local storage, the screen of videos is similar to Cloud videos, with play button icons instead of thumbnails. You can click on the videos to download them.
I believe the http request is in order the way I specified above. It's just get token, then with that token, you can click list, download, do what you want.
Here is a curl:
curl 'https://myapi.arlo.com/hmsweb/users/device/ratls/token/A6C10REDACTED' \ -H 'Host: myapi.arlo.com' \ -H 'Auth-Version: 2' \ -H 'Connection: keep-alive' \ -H 'Accept: application/json' \ -H 'User-Agent: (iPhone12,3 iOS 15_1) iOS Arlo 3.5.10' \ -H 'Accept-Language: en-US' \ -H 'Authorization:
' \ -H 'Content-Type: application/json;charset=UTF-8' \ --cookie ' '
The Authorization is the same as other API calls. (do your login to get token then use the function GetLocalStorageToken
above) - this LocalStorageToken is then used in your API calls to your basestation ip.
Example, note I am using option 3 port forwarding. The port number goes in port
here:
curl 'https://my.base.station.ip:port/hmsls/list/20220110/20220110' \ -H 'Host: my.base.station.ip:port' \ -H 'Auth-Version: 2' \ -H 'Connection: keep-alive' \ -H 'Accept: application/json' \ -H 'User-Agent: (iPhone12,3 iOS 15_1) iOS Arlo 3.5.10' \ -H 'Accept-Language: en-US' \ -H 'Authorization: Bearer
' \ -H 'Content-Type: application/json;charset=UTF-8'
I'll test what happens when I turn off port forwarding and try these API calls on same LAN. Curious if the API call still using a port?
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Please answer these questions before submitting your issue. Thanks!
What version of Python are you using (
python -V
)?Python 3.8.3 64-bit
What operating system and processor architecture are you using (
python -c 'import platform; print(platform.uname());'
)?uname_result(system='Windows', node='XX', release='10', version='10.0.19041', machine='AMD64', processor='AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD')
Which Python packages do you have installed (run the
pip freeze
orpip3 freeze
command and paste output)?Which version of ffmpeg are you using (
ffmpeg -version
)?Which Arlo hardware do you have (camera types - [Arlo, Pro, Q, etc.], basestation model, etc.)?
Arlo Ultra 2, VMB5000
Feature Request
Hello, I am looking to use this fantastic library to hopefully access my basestation's localstorage (sdcard) and download the files I have there. Currently, my basestation is set up to portforward. (I understand there is a VPN option to do this, also you can access your videos locally without needing either)
I have used Proxyman to try to sniff what APIs are being used and I think I have them. After auth and establishing token and headers... then getting the basestation name via GetDevices, you'll want to get the token to authorize to the basestation.
That API call is
https://{self.BASE_URL}/hmsweb/users/device/ratls/token/{device_name}'
And I made a function in arlo.py:
After you get the token, you'll want to create request with the Authorization Header
Bearer token
.Here are some examples of API calls I found.
to_date
andfrom_date
format is YYYYMMDD. In the download API URL, I don't know what the numbers stand for.Did it work?
Not quite, when I run it, I get an HTTPSConnectionPool SSL Error.
Okay, so this is where I need help. I am not the greatest at SSL Certs. I understand that the phone applications have certs baked in and they probably only trust system certs. (I could get around this by rebaking them to accept user certs, aka apk-mitm... but that only really helps me debug the HTTPS calls with Proxyman, right?)
Somehow I need to use the certs from my (our) phones, and apply them to the python request call via param
certs
. I think?Any help is appreciated!