search

splitbrain / ReMarkableAPI

Docs and implementation of the reMarkable file sync API
https://www.splitbrain.org/blog/2018-02/02_file_sync_for_remarkable_tablet
MIT License
374 stars 27 forks source link

authentication endpoints respond in html #23

Closed DrNik closed 3 years ago

DrNik commented 3 years ago

Hi, I did few tests in the past days with these api but all of a sudden since yesterday the authentication endpoints started to respond in html instead of normal string responses. I did my tests with Insomnia client, did not change the requests and everything was working fine but when I resumed my work yesterday I started to receive these html response (of which the rendered preview is empty).

The other endpoints seem to respond as usual.

Am I doing or did I do something wrong? Anyone else facing the same problem?

Thanks, Nik

pouwerkerk commented 3 years ago

I have also been seeing this:

Request:

## Request
curl -X "POST" "https://my.remarkable.com/token/json/2/device/new" \
     -H 'Content-Type: text/plain; charset=utf-8' \
     -d $'{
  "code": "********",
  "deviceDesc": "desktop-macos",
  "deviceID": "adad96a1-8889-4a18-9b79-60221a3e403f"
}'

Response: 

HTTP/1.1 200 OK
Connection: close
Cache-Control: cache-control: public, max-age=0, must-revalidate
Content-Security-Policy: default-src 'none'; script-src 'self' https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://remarkable.imgix.net https://www.google-analytics.com; worker-src blob:; child-src blob:; connect-src https://web.cloud.remarkable.com https://auth.remarkable.com https://sentry.io https://www.google-analytics.com; manifest-src 'self'; font-src 'self'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; object-src 'none'; frame-src https://auth.remarkable.com;
Content-Type: text/html; charset=utf-8
Etag: "e3b21e316300cd1a9d0a156e41a2152fa09248e29c0155632e35f82196aae3f7"
Last-Modified: Tue, 04 May 2021 06:53:07 GMT
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31556926
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Date: Thu, 20 May 2021 20:54:26 GMT
X-Served-By: cache-pwk4960-PWK
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1621544067.611626,VS0,VE72
Vary: x-fh-requested-host, accept-encoding
transfer-encoding: chunked

<!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=no,minimum-scale=1,maximum-scale=1"><title>reMarkable &bull; Device Activation</title><link rel="shortcut icon" href="/assets/favicon.ico"><link rel="icon" type="image/png" sizes="16x16" href="/assets/favicon-16x16.png"><link rel="icon" type="image/png" sizes="32x32" href="/assets/favicon-32x32.png"><link rel="icon" type="image/png" sizes="48x48" href="/assets/favicon-48x48.png"><link rel="manifest" href="/assets/manifest.json"><meta name="mobile-web-app-capable" content="yes"><meta name="theme-color" content="#fff"><meta name="application-name" content="cloud-webapp-frontend"><link rel="apple-touch-icon" sizes="57x57" href="/assets/apple-touch-icon-57x57.png"><link rel="apple-touch-icon" sizes="60x60" href="/assets/apple-touch-icon-60x60.png"><link rel="apple-touch-icon" sizes="72x72" href="/assets/apple-touch-icon-72x72.png"><link rel="apple-touch-icon" sizes="76x76" href="/assets/apple-touch-icon-76x76.png"><link rel="apple-touch-icon" sizes="114x114" href="/assets/apple-touch-icon-114x114.png"><link rel="apple-touch-icon" sizes="120x120" href="/assets/apple-touch-icon-120x120.png"><link rel="apple-touch-icon" sizes="144x144" href="/assets/apple-touch-icon-144x144.png"><link rel="apple-touch-icon" sizes="152x152" href="/assets/apple-touch-icon-152x152.png"><link rel="apple-touch-icon" sizes="167x167" href="/assets/apple-touch-icon-167x167.png"><link rel="apple-touch-icon" sizes="180x180" href="/assets/apple-touch-icon-180x180.png"><link rel="apple-touch-icon" sizes="1024x1024" href="/assets/apple-touch-icon-1024x1024.png"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="black-translucent"><meta name="apple-mobile-web-app-title" content="cloud-webapp-frontend"><meta name="msapplication-TileColor" content="#fff"><meta name="msapplication-TileImage" content="/assets/mstile-144x144.png"><meta name="msapplication-config" content="/assets/browserconfig.xml"><script defer="defer" src="/app-ba470786acc62586d7bd.js"></script><link href="/app-8985a0472c889581283a.css" rel="stylesheet"></head><body><div id="root"></div></body></html>

The response appears to be a client-side redirect to a login page, but once you log in it just shows you your active clients/devices (no client tokens). The redirect URL has code and state query parameters, for what it's worth.

tkukurin commented 3 years ago

Auth URL has changed, sent PR to fix. See e.g. https://github.com/juruen/rmapi/issues/177

DrNik commented 3 years ago

It does fix it, nice!

Thank you