search

jleclanche / python-bna

Python implementation of the mobile Blizzard Authenticator (TOTP)
https://eu.battle.net/support/en/article/24520
MIT License
250 stars 38 forks source link

Error: HTTP Status 302 When Using --restore Parameter #7

Closed CampinCarl closed 8 years ago

CampinCarl commented 8 years ago

jleclanche,

I'm trying to use the --restore parameter to determine the secret key for my previously existing authenticator but I'm getting a 302 status. Here's what I'm seeing...

root@BNA:~/python-bna/bin# python3 bna --restore [SERIAL] [RESTORE CODE]
Traceback (most recent call last):
  File "bna", line 295, in <module>
    exit(main())
  File "bna", line 291, in main
    return authenticator.run()
  File "bna", line 242, in run
    self.restore_serial(*self.args.restore)
  File "bna", line 127, in restore_serial
    secret = bna.restore(serial, code)
  File "/root/python-bna/bin/../bna.py", line 222, in restore
    challenge = initiate_paper_restore(serial)
  File "/root/python-bna/bin/../bna.py", line 260, in initiate_paper_restore
    return get_server_response(serial, host, path)
  File "/root/python-bna/bin/../bna.py", line 63, in get_server_response
    raise HTTPError("%s returned status %i" % (host, response.status), response)
bna.HTTPError: mobile-service.blizzard.com returned status 302

It looks like the script isn't handling a site redirection when restoring.

The point of all this is I would like to expose the secret for an authenticator that I can use with another TOTP application, specifically the TOTP plugin for KeePass. I tried doing this with a newly generated authenticator (using your app) but couldn't get the secret to work with that plugin.

Thoughts?

Thanks for your work on this.

jleclanche commented 8 years ago

Does the app you want to transfer the secret to support this PR from earlier today? Otherwise, the secret is in ~/.config/bna.

CampinCarl commented 8 years ago

Okay, the --optauth-url parameter from the pull request worked great!

As it turns out, I didn't understand how the secret was stored in the ~/.config/bna/bna.conf file. When I first attempted to use it I tried to convert the string directly into Base32, failing to realize that it was a Hex encoded string that needed to be decoded first.

Once I did STRING > HEX DECODE > BASE32 ENCODE I got the same secret as the --optauth-url parameter and everything worked as expected. Thanks for your help!

As to the original error, is there anything I can help test with the --restore parameter? As far as I can tell it still isn't working due to the 302 HTTP status error.

If not, I've got what I needed so you can certainly close the issue.

Thoughts?

jleclanche commented 8 years ago

@CampinCarl I just need to figure out why it's redirecting and what it's redirecting to, I'll fix it in a moment :)

CampinCarl commented 8 years ago

@jleclanche Sounds good, thanks again for your help.

jleclanche commented 8 years ago

Ok, I don't get it, it's redirecting to http://mobile-service.blizzard.com/enrollment/en/initiate_paper_restore.htm which is a 404.

jleclanche commented 8 years ago

Fixed & tested! :)

CampinCarl commented 8 years ago

Excellent!