Authentication Failed

[meavydev]

Hi, I haven't made any changes to my Arlo username / password, but for the last day or so I have only been seeing authentication failed:

2022-02-20 18:34:21,542 - pyaarlo - DEBUG - request-headers= {'Accept': 'application/json, text/plain, /', 'Auth-Version': '2', 'Referer': 'https://my.arlo.com', 'Source': 'arloCamWeb', 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_2 like Mac OS X) ' 'AppleWebKit/604.3.5 (KHTML, like Gecko) Mobile/15B202 ' 'NETGEAR/v1 (iOS Vuezone)'} 2022-02-20 18:34:21,548 - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (1): ocapi-app.arlo.com:443 2022-02-20 18:34:21,821 - urllib3.connectionpool - DEBUG - https://ocapi-app.arlo.com:443 "POST /api/auth HTTP/1.1" 403 None 2022-02-20 18:34:21,823 - pyaarlo - DEBUG - request-end=403 2022-02-20 18:34:21,824 - pyaarlo - ERROR - authentication failed 2022-02-20 18:34:21,824 - pyaarlo - DEBUG - failed to log in failed to login(authentication failed)

If I try and use the ocapi URL in Chrome, then I get: Error 1020 Ray ID: 6e09dc9f6bc588aa • 2022-02-20 18:40:10 UTC Access denied What happened? This website is using a security service to protect itself from online attacks.

I guess Chrome might be expected to be blocked, but is anyone else having authentication problems?

[twrecked]

That is strange. Was there any debug before this?

Can you try playing with the user agent and hosts file as described here.

[mikerossoft]

This issue is affecting other Arlo API integrations as well. I think Cloudflare rules might have changed. Not sure what specifically they are blocking on.

[pfcurtis]

I am seeing this issue as well. I would alter the 'user-agent' as suggested above, but I'm not sure what it should look like.

[twrecked]

Of course it's still working fine for me... I'll double check the headers I pass in and make sure everything looks good.

One question, how are you using pyaarlo? Are you staying logged in or constantly logging in and out?

[pfcurtis]

I'm using pyaarlo, and I'm staying logged in.

I tested with the other options for user_agent in "constants.py", and all of them produce the same error.

I stopped the service (my code) today to add something, and upon starting it again, these errors came up.

[pfcurtis]

2022-02-24 10:56:20,237 - pyaarlo - DEBUG - login attempt #3 2022-02-24 10:56:20,237 - pyaarlo - DEBUG - request-url=https://ocapi-app.arlo.com/api/auth 2022-02-24 10:56:20,237 - pyaarlo - DEBUG - request-params= {'EnvSource': 'prod', 'email': 'xxx@yyy.zzz', 'language': 'en', 'password': 'hahahahaha'} 2022-02-24 10:56:20,238 - pyaarlo - DEBUG - request-headers= {'Accept': 'application/json, text/plain, /', 'Auth-Version': '2', 'Referer': 'https://my.arlo.com', 'Source': 'arloCamWeb', 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, ' 'like Gecko) Chrome/88.0.4324.96 Safari/537.36'} 2022-02-24 10:56:20,260 - urllib3.connectionpool - DEBUG - https://ocapi-app.arlo.com:443 "POST /api/auth HTTP/1.1" 403 None 2022-02-24 10:56:20,261 - pyaarlo - DEBUG - request-end=403 2022-02-24 10:56:21,262 - pyaarlo - ERROR - authentication failed

[scuc]

I'm having the same authentication issue, it started sometime on February 17. Has anyone determined how exactly we need to alter the user-agent/host file in order to get it working again?

[pfcurtis]

I am still receiving the same error. In looking at the TCP traffic from my phone (which works), there are two new IP addresses involved. 104.18.0.211 seems to be the one the phone contacted when logging into the Arlo service. Also 104.18.1.211

[twrecked]

What version of Pyaarlo are you running? Your headers looks wrong, mine look like this:

2022-02-28 23:17:57,268 - pyaarlo - DEBUG - request-headers=                                                                                     
{'Accept': 'application/json, text/plain, */*',                                                                                                  
 'Accept-Language': 'en-US,en;q=0.9',                                                                                                            
 'Origin': 'https://my.arlo.com',                                                                                                                
 'Referer': 'https://my.arlo.com/',                                                                                                              
 'Source': 'arloCamWeb',                                                                                                                         
 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, '                                                                     
               'like Gecko) Chrome/88.0.4324.96 Safari/537.36'}

There is no Auth-Version and I have an Origin header.

[pfcurtis]

pyaarlo-0.7.1.2

I am pulling via "pip" into Python 3.9

[pfcurtis]

NOTE: I cloned the repo, and re-ran the basic "test.py". This seems to work properly, so there is something incorrect about the PyPi build that is retrieved via "pip". "pip" shows version 0.7.1.2" "Successfully installed pyaarlo-0.7.1.2"

Using the cloned repo, I get the correct headers as you have indicated in the above comment.

2022-03-03 06:12:42,399 - pyaarlo - DEBUG - request-params= {'EnvSource': 'prod', 'email': 'xx@yy.zz', 'language': 'en', 'password': 'hahahahaha'} 2022-03-03 06:12:42,400 - pyaarlo - DEBUG - request-headers= {'Accept': 'application/json, text/plain, /', 'Accept-Language': 'en-US,en;q=0.9', 'Origin': 'https://my.arlo.com', 'Referer': 'https://my.arlo.com/', 'Source': 'arloCamWeb', 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_2 like Mac OS X) ' 'AppleWebKit/604.3.5 (KHTML, like Gecko) Mobile/15B202 ' 'NETGEAR/v1 (iOS Vuezone)'}

[twrecked]

Damn, I forgot about PyPi. I'll push a fix for this to 0.7.

[meavydev]

Thanks. The latest version seems to be working for me again, so closing.