search

jeffreydwalter / arlo

Python module for interacting with Netgear's Arlo camera system.
Apache License 2.0
517 stars 123 forks source link

Feature Request - Local Storage file download #181

Closed sceniclife closed 2 years ago

sceniclife commented 2 years ago

Please answer these questions before submitting your issue. Thanks!

What version of Python are you using (python -V)?

Python 3.8.3 64-bit

What operating system and processor architecture are you using (python -c 'import platform; print(platform.uname());')?

uname_result(system='Windows', node='XX', release='10', version='10.0.19041', machine='AMD64', processor='AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD')

Which Python packages do you have installed (run the pip freeze or pip3 freeze command and paste output)?

arlo                     1.2.57    Python Arlo is a library written in Python 2.7/3x which exposes the Netgear Arlo...
cachetools               4.2.4     Extensible memoizing collections and decorators
certifi                  2021.10.8 Python package for providing Mozilla's CA Bundle.
charset-normalizer       2.0.8     The Real First Universal Charset Detector. Open, modern and actively maintained ...
google-api-core          2.2.2     Google API client core library
google-api-python-client 2.31.0    Google API Client Library for Python
google-auth              2.3.3     Google Authentication Library
google-auth-httplib2     0.1.0     Google Authentication Library: httplib2 transport
google-auth-oauthlib     0.4.6     Google Authentication Library
googleapis-common-protos 1.53.0    Common protobufs used in Google APIs
httplib2                 0.20.2    A comprehensive HTTP client library.
idna                     3.3       Internationalized Domain Names in Applications (IDNA)
monotonic                1.6       An implementation of time.monotonic() for Python 2 & < 3.3
oauthlib                 3.1.1     A generic, spec-compliant, thorough implementation of the OAuth request-signing ...
pickle-mixin             1.0.2     Makes un-pickle-able objects pick-able.
protobuf                 3.19.1    Protocol Buffers
pyasn1                   0.4.8     ASN.1 types and codecs
pyasn1-modules           0.2.8     A collection of ASN.1-based protocols modules.
pyparsing                3.0.6     Python parsing module
pyreadline               2.1       A python implmementation of GNU readline.
pysocks                  1.7.1     A Python SOCKS client module. See https://github.com/Anorov/PySocks for more inf...
requests                 2.26.0    Python HTTP for Humans.
requests-oauthlib        1.3.0     OAuthlib authentication support for Requests.
rsa                      4.8       Pure-Python RSA implementation
six                      1.16.0    Python 2 and 3 compatibility utilities
sseclient                0.0.22    Python client library for reading Server Sent Event streams.
uritemplate              4.1.1     Implementation of RFC 6570 URI Templates
urllib3                  1.24      HTTP library with thread-safe connection pooling, file post, and more.

Which version of ffmpeg are you using (ffmpeg -version)?

n/a

Which Arlo hardware do you have (camera types - [Arlo, Pro, Q, etc.], basestation model, etc.)?

Arlo Ultra 2, VMB5000

Feature Request

Hello, I am looking to use this fantastic library to hopefully access my basestation's localstorage (sdcard) and download the files I have there. Currently, my basestation is set up to portforward. (I understand there is a VPN option to do this, also you can access your videos locally without needing either)

I have used Proxyman to try to sniff what APIs are being used and I think I have them. After auth and establishing token and headers... then getting the basestation name via GetDevices, you'll want to get the token to authorize to the basestation.

That API call is https://{self.BASE_URL}/hmsweb/users/device/ratls/token/{device_name}'

And I made a function in arlo.py:

def GetLocalStorageToken(self, device_name):
    """
    Returns the following:
    {
        'ratlsToken': 'XXXXXXXXXXXXX'
    }
    """
    return self.request.get(f'https://{self.BASE_URL}/hmsweb/users/device/ratls/token/{device_name}')['ratlsToken']

After you get the token, you'll want to create request with the Authorization Header Bearer token.

Here are some examples of API calls I found.

https://{BASESTATIONID}:{PORT}/hmsls/metadata/{to_date}/{from_date}
https://{BASESTATIONID}:{PORT}/hmsls/list/{to_date}/{from_date}
https://{BASESTATIONID}:{PORT}/hmsls/download/arlo/000022/NAMEOFCAMERA_00004487_YYYYMMDD_224758.mp4

to_date and from_date format is YYYYMMDD. In the download API URL, I don't know what the numbers stand for.

Did it work?

Not quite, when I run it, I get an HTTPSConnectionPool SSL Error.

Okay, so this is where I need help. I am not the greatest at SSL Certs. I understand that the phone applications have certs baked in and they probably only trust system certs. (I could get around this by rebaking them to accept user certs, aka apk-mitm... but that only really helps me debug the HTTPS calls with Proxyman, right?)

Somehow I need to use the certs from my (our) phones, and apply them to the python request call via param certs. I think?

Any help is appreciated!

kskenyon commented 2 years ago

I second this request if it will work without a paid Arlo subscription.

jeffreydwalter commented 2 years ago

I would be happy to help with this, but I don't own any Arlo devices with local storage. If you can provide actual http calls with all headers and bodies, in order, I can most likely work out the code.

kskenyon commented 2 years ago

I can help if you tell me how to list the http calls.

sceniclife commented 2 years ago

Okay. I am using Proxyman to snoop the https calls. When you say actual http calls, what do you mean? So when you set up local storage, you have some options on accessing it.

  1. If on the same network LAN - Arlo app can access the local storage videos
  2. If external network - Option: Set up router to VPN and set up same VPN on phone, then Arlo app can access local storage videos
  3. If external network - Option: Set up Port Forwarding in Arlo app, set up the port forwarding in router, Arlo app can access local storage videos

Currently, I am using option 3.

When you video Arlo App -> Library, with local storage enabled, at the top of your screen you should see Cloud with a dropdown to select NAMEOFLOCALSTORAGE. If you click the local storage, the screen of videos is similar to Cloud videos, with play button icons instead of thumbnails. You can click on the videos to download them.

I believe the http request is in order the way I specified above. It's just get token, then with that token, you can click list, download, do what you want.

Here is a curl:

curl 'https://myapi.arlo.com/hmsweb/users/device/ratls/token/A6C10REDACTED' \ -H 'Host: myapi.arlo.com' \ -H 'Auth-Version: 2' \ -H 'Connection: keep-alive' \ -H 'Accept: application/json' \ -H 'User-Agent: (iPhone12,3 iOS 15_1) iOS Arlo 3.5.10' \ -H 'Accept-Language: en-US' \ -H 'Authorization: ' \ -H 'Content-Type: application/json;charset=UTF-8' \ --cookie ''

The Authorization is the same as other API calls. (do your login to get token then use the function GetLocalStorageToken above) - this LocalStorageToken is then used in your API calls to your basestation ip.

Example, note I am using option 3 port forwarding. The port number goes in port here:

curl 'https://my.base.station.ip:port/hmsls/list/20220110/20220110' \ -H 'Host: my.base.station.ip:port' \ -H 'Auth-Version: 2' \ -H 'Connection: keep-alive' \ -H 'Accept: application/json' \ -H 'User-Agent: (iPhone12,3 iOS 15_1) iOS Arlo 3.5.10' \ -H 'Accept-Language: en-US' \ -H 'Authorization: Bearer ' \ -H 'Content-Type: application/json;charset=UTF-8'

I'll test what happens when I turn off port forwarding and try these API calls on same LAN. Curious if the API call still using a port?

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.