search

wylanswets / homebridge-icontrol-platform

Enables iControl home security systems and other accessories in Homebridge for homekit
4 stars 2 forks source link

Xfinity Home is not working, resuting with the following error #7

Open whitespaceit opened 4 years ago

whitespaceit commented 4 years ago

There was an error while communicating with iControl. Status code was 200 and error was: Error: Bad status code 200 at iControl. (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:242:20) at Request.self.callback (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:185:22) at Request.emit (events.js:315:20) at Request. (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:1154:10) at Request.emit (events.js:315:20) at IncomingMessage. (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:1076:12) at Object.onceWrapper (events.js:421:28) at IncomingMessage.emit (events.js:327:22) at endReadableNT (_stream_readable.js:1221:12) at processTicksAndRejections (internal/process/task_queues.js:84:21) Stack:Error: at iControl._notifyError (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:494:181) at iControl. (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:243:12) at Request.self.callback (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:185:22) at Request.emit (events.js:315:20) at Request. (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:1154:10) at Request.emit (events.js:315:20) at IncomingMessage. (/usr/local/lib/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:1076:12) at Object.onceWrapper (events.js:421:28) at IncomingMessage.emit (events.js:327:22) at endReadableNT (_stream_readable.js:1221:12) Response: <!DOCTYPE html>

<html lang="en" class="light da" data-resource-package-id="res-responsive-login-page"

Sign in to Xfinity 
                    <script src="//assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js"></script>

    <script type="text/javascript" src="https://static.cimcontent.net/data-layer/"></script>

    <script type="tracking-data-digitalData">
            {
                    "page" : {
                            "pageInfo" : {
                                    "screenName" : "sign in",
                                    "language" : "en",
                                    "referrerId" : "oauth"
                             },
                             "category" : {
                "primaryCategory" : "login",
                "designType" : "responsive",
                "businessType" : "resi",
                "siteType" : "selfservice"
            },
            "affiliate" : {
                "name": "comcast",
                "channel" : "web"
            },
            "codebase" : {
                "name" : "cima login"
            }
                    },
                    "user" : [{
                            "profile" : [{
                                    "profileInfo" : {
                                            "authenticationType" : "unauthenticated",
                                            "recognizationType" : "unrecognized"
markcsegal commented 4 years ago

Seeing the same thing. That said I am trying with a partner of Comcast (Rogers) to try and see if this works.

whitespaceit commented 4 years ago

thanks Mark. let me know if anything works for you. Appreciate the help..

tetra-fox commented 4 years ago

So I'm having this issue too, and it seems that Xfinity updated something on their end, breaking this plugin. The issue seems to be with the login flow in icontrol-api. Reading through the response, it looks like Xfinity doesn't support certain browsers anymore because the error given is Your browser is not supported. I tried modifying a local copy of icontrol-api to spoof the user agent with a modern browser (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36) and this time, I get a different error: The Xfinity ID or password you entered was incorrect. Please try again., even though my login information is correct. Not sure if @wylanswets is still actively working on this, but if I come up with a fix before they do, I'll submit a PR to the API repository-- though I'm still not really sure why Xfinity thinks my login information is incorrect.

whitespaceit commented 4 years ago

thanks @tetra-fox for updating this thread. Please do let me know if you find any solution for this problem.

cmb991 commented 4 years ago

I’m still actively using this plugin with Xfinity and the only issue I have is with accessories once in a while. You guys are signing in with a separate account than your main, who you gave access to your home security section and set them up with a pin? Also have 2fa disabled on that account?

whitespaceit commented 4 years ago

@cmb991 it was working until i upgraded the rasp OS. I had to reinstall and configure all the plugins that I had earlier. Everthing is fine but the xfinity. I dont have 2fa enables and I have only one account which is the primary.

wylanswets commented 4 years ago

Hey all. I am still maintaining this plugin as time allows, but things have been busy for me lately.

In the short-term Comcast has in fact changed their login flow. Basically before submitting the form, it looks like in-browser code injects a bunch of calculated fields with random names and very long encoded / encrypted values.

This means that either reverse-engineering of the login page is in order, or implementing something like jsdom might resolve it. I have been tinkering with jsdom in a tad of time I have had, and it's new to me so it's not moving quickly.

The good news is that after you are logged in their underlying API still uses the same Bearer access tokens / refresh tokens that the rest of my code already implements. If you were able to capture your Bearer token I would be able to modify the plugin to just start from that point. The downside is it is not very easy to capture these tokens, but I will look for any simpler methods I can find.

I do not like having to fall back to such a non-ideal method but to save time and keep people running it may be best that I look at those methods.

wylanswets commented 4 years ago

I have just pushed a minor update which will allow you to provide a "refresh_token" in the configuration file... I have updated the README with more information but let me know if you need more help to test this out. So far for me it is back up and running (mine broke while seeing if I could reproduce the issue you were having lol).

tetra-fox commented 4 years ago

Using a refresh token appears to work. Thank you! If anybody else needs help capturing the refresh token, capture your phone's network activity with a tool such as Burp Suite or Charles Proxy (what I used, since it works locally on my iPhone), log into the Xfinity Home app and look for a response from https://oauth.xfinity.com/oauth/token and copy the value from the refresh_token key.

xtrixterx commented 4 years ago

Using a refresh token appears to work. Thank you! If anybody else needs help capturing the refresh token, capture your phone's network activity with a tool such as Burp Suite or Charles Proxy (what I used, since it works locally on my iPhone), log into the Xfinity Home app and look for a response from https://oauth.xfinity.com/oauth/token and copy the value from the refresh_token key.

Any chance there's a free version/way of doing it? Maybe using Developer Mode in FireFox or something similar? Thanks!

wylanswets commented 4 years ago

Using a refresh token appears to work. Thank you! If anybody else needs help capturing the refresh token, capture your phone's network activity with a tool such as Burp Suite or Charles Proxy (what I used, since it works locally on my iPhone), log into the Xfinity Home app and look for a response from https://oauth.xfinity.com/oauth/token and copy the value from the refresh_token key.

Any chance there's a free version/way of doing it? Maybe using Developer Mode in FireFox or something similar? Thanks!

I was able to capture the refresh_token using Charles Proxy in the free trial. Also, thank you @tetra-fox for stepping up - my life has been overly hectic.

xtrixterx commented 4 years ago

Using a refresh token appears to work. Thank you! If anybody else needs help capturing the refresh token, capture your phone's network activity with a tool such as Burp Suite or Charles Proxy (what I used, since it works locally on my iPhone), log into the Xfinity Home app and look for a response from https://oauth.xfinity.com/oauth/token and copy the value from the refresh_token key.

Any chance there's a free version/way of doing it? Maybe using Developer Mode in FireFox or something similar? Thanks!

I was able to capture the refresh_token using Charles Proxy in the free trial. Also, thank you @tetra-fox for stepping up - my life has been overly hectic.

Ah, I didn't know about the free trial. Will give that a shot.

Sorry for the dumb question but I'm guessing I would install the app on my computer and then sign into xfinity.com with my credentials and look for the refresh_token key from https://oauth.xfinity.com/oauth/token ?

wylanswets commented 4 years ago

Not a dumb question - yes that's correct. During the sign-in process that is one of the endpoints that gets hit.

From memory though, if you don't see it while logging in from your computer you may need to try hooking up your phone to Charles Proxy (which requires the certificate be installed to decrypt the HTTPS traffic).

There is an iPhone app which I just found out about... purchased... and it's amazing and super easy to use but it is $8.99: https://apps.apple.com/us/app/charles-proxy/id1134218562

Or if you still want to use the free version using your phone and a laptop with the free trial, I found some good instructions on how to use Charles including with an iPhone and laptop and getting HTTPS set up: https://www.raywenderlich.com/1827524-charles-proxy-tutorial-for-ios#toc-anchor-004

xtrixterx commented 4 years ago

Thank you so much for the tip! I was able to get the refrsh_token using the steps you suggested! However, I'm now running into another issue:

My Homebridge no longer starts up and to resolve, I have to edit the config.json file and remove the iControl entry. Only then would it start back up. Here is the error I'm receiving.

[9/10/2020, 9:51:11 PM] TypeError [ERR_INVALID_ARG_TYPE]: The "data" argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received undefined at Hash.update (internal/crypto/hash.js:82:11) at Object.generate (/usr/local/lib/node_modules/homebridge/node_modules/hap-nodejs/src/lib/util/uuid.ts:9:11) at iControlPlatform.registerPanelAccessory (/homebridge/node_modules/homebridge-icontrol-platform/index.js:190:24) at iControlPlatform.addAccessories (/homebridge/node_modules/homebridge-icontrol-platform/index.js:144:26) at /homebridge/node_modules/homebridge-icontrol-platform/index.js:52:34 at /homebridge/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:425:7 at /homebridge/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:401:7 at iControl. (/homebridge/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:481:7) at Request.self.callback (/homebridge/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:185:22) at Request.emit (events.js:315:20) [9/10/2020, 9:51:11 pm] [SmartThings-v2] ERROR: uncaughtException: The "data" argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received undefined TypeError [ERR_INVALID_ARG_TYPE]: The "data" argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received undefined at Hash.update (internal/crypto/hash.js:82:11) at Object.generate (/usr/local/lib/node_modules/homebridge/node_modules/hap-nodejs/src/lib/util/uuid.ts:9:11) at iControlPlatform.registerPanelAccessory (/homebridge/node_modules/homebridge-icontrol-platform/index.js:190:24) at iControlPlatform.addAccessories (/homebridge/node_modules/homebridge-icontrol-platform/index.js:144:26) at /homebridge/node_modules/homebridge-icontrol-platform/index.js:52:34 at /homebridge/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:425:7 at /homebridge/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:401:7 at iControl. (/homebridge/node_modules/homebridge-icontrol-platform/node_modules/icontrol-api/index.js:481:7) at Request.self.callback (/homebridge/node_modules/homebridge-icontrol-platform/node_modules/request/request.js:185:22) at Request.emit (events.js:315:20) [9/10/2020, 9:51:11 pm] [SmartThings-v2] NOTICE: Temperature Unit is Now: (F) [9/10/2020, 9:51:11 pm] [SmartThings-v2] NOTICE: Updating Global Values | HubIP: 192.168.1.140 | UseLocal: false [9/10/2020, 9:51:11 pm] [SmartThings-v2] WARN: Devices to Remove: (0) [] [9/10/2020, 9:51:11 pm] [SmartThings-v2] INFO: Devices to Update: (26) [9/10/2020, 9:51:11 pm] [SmartThings-v2] GOOD: Devices to Create: (0) [] [9/10/2020, 9:51:11 pm] [SmartThings-v2] ALERT: Total Initialization Time: (1 seconds) [9/10/2020, 9:51:11 pm] [SmartThings-v2] NOTICE: Unknown Capabilities: ["Outlet"] [9/10/2020, 9:51:11 pm] [SmartThings-v2] INFO: SmartThings DeviceCache Size: (26) [9/10/2020, 9:51:11 pm] [SmartThings-v2] INFO: WebServer Initiated... [9/10/2020, 9:51:11 pm] [SmartThings-v2] INFO: Sending StartDirect Request to SmartThings | SendToLocalHub: (false) [9/10/2020, 9:51:11 pm] [SmartThings-v2] INFO: Direct Connect Active | Listening at 192.168.1.222:8000 [9/10/2020, 9:51:11 PM] Got SIGTERM, shutting down Homebridge...

wylanswets commented 4 years ago

Great! I think you're really close. The plugin is at a point where it's attempting to register the accessories from iControl to homebridge / HomeKit.

From what I can see in that error log... both SmartThings and iControl are spitting out "TypeError [ERR_INVALID_ARG_TYPE]". From the searching I did related to that error where "Hash.update (internal/crypto/hash.js:82:11)" is the main start point for the errors, it looks like some people had success updating homebridge to a newer version. I'd start there, if that doesn't work it may need nodejs to be updated too.

Hope that helps, and let me know if you get it working!

xtrixterx commented 4 years ago

Great! I think you're really close. The plugin is at a point where it's attempting to register the accessories from iControl to homebridge / HomeKit.

From what I can see in that error log... both SmartThings and iControl are spitting out "TypeError [ERR_INVALID_ARG_TYPE]". From the searching I did related to that error where "Hash.update (internal/crypto/hash.js:82:11)" is the main start point for the errors, it looks like some people had success updating homebridge to a newer version. I'd start there, if that doesn't work it may need nodejs to be updated too.

Hope that helps, and let me know if you get it working!

Thanks for the quick reply! Sadly, still running into the same error. My Homebridge is v 1.1.6 and nodejs is v12.18.3. I'm running Homebridge on Synology. Homebridge was the latest prior to troubleshooting but I went ahead and delete, re-downloaded the latest from Docker and set it back up, but no luck unfortunately.

wylanswets commented 4 years ago

Sure thing!

Okay, well I don't know a lot about how Synology implemented Docker, but I'd say also make sure this plugin is the latest version too.

Looking at my code... one reason it could be happening is if the panel registered to your account does not have a serial number. Do you happen to have one of those number keypads or is it the touch screen display?

xtrixterx commented 4 years ago

Sure thing!

Okay, well I don't know a lot about how Synology implemented Docker, but I'd say also make sure this plugin is the latest version too.

Looking at my code... one reason it could be happening is if the panel registered to your account does not have a serial number. Do you happen to have one of those number keypads or is it the touch screen display?

Thanks, I believe I'm running the latest version of the plugin as well (v0.2.8).

With regards to the keypad or touchscreen, I have both on my account.

wylanswets commented 4 years ago

Okay. I'm not sure if I've ever encountered one of those numeric keypads. I don't have one on my account, so I don't know what it calls itself in the API. Either way, it looks like on your account there's a "panel" accessory which may not have a serial number which is what I used to uniquely identify each accessory. That's the best theory I have for now...

Really the only thing I could offer from here is if you are comfortable giving me a login to your Xfinity Home via some direct communication (email, wickr, etc), I could check on it and potentially update the plugin to handle that issue in the future. What I'd recommend if you are good with it, is create a new user account on your account to give me so it can be deleted when I am able to fix the issue.

xtrixterx commented 4 years ago

Okay. I'm not sure if I've ever encountered one of those numeric keypads. I don't have one on my account, so I don't know what it calls itself in the API. Either way, it looks like on your account there's a "panel" accessory which may not have a serial number which is what I used to uniquely identify each accessory. That's the best theory I have for now...

Really the only thing I could offer from here is if you are comfortable giving me a login to your Xfinity Home via some direct communication (email, wickr, etc), I could check on it and potentially update the plugin to handle that issue in the future. What I'd recommend if you are good with it, is create a new user account on your account to give me so it can be deleted when I am able to fix the issue.

I thought all the security systems that Xfinity sold came with a touchscreen and keypad? Not sure if this helps but when I look at my Xfinity account online, under the Devices tab, I do see the touchscreen listed but no SN is attached to it which is weird. I called them up to ask why and they said that is weird but everything looks fine on the backend.

If you're up for it, I'd be happy to support this! Could do email, don't have Wickr but I've got Telegram if that's easier too. Let me know how we can do this. I'll have a new account ready for you to go shortly.

wylanswets commented 4 years ago

Gotcha, no mine is only the touch panel. The keypad was an extra I would have needed to buy. I'm actually fine by that because since having this plugin to control it I almost never touch the panel. Between automations when leaving / arriving home and being able to pull up my phone it's way faster and I know that I use the system way more than I would because it's right along with the rest of my homekit accessories.

If you're good with it, email is probably fastest - wylan.swets@gmail.com

KCFT23 commented 4 years ago

Using a refresh token appears to work. Thank you! If anybody else needs help capturing the refresh token, capture your phone's network activity with a tool such as Burp Suite or Charles Proxy (what I used, since it works locally on my iPhone), log into the Xfinity Home app and look for a response from https://oauth.xfinity.com/oauth/token and copy the value from the refresh_token key.

I was able to capture the refresh token using these instructions and my panel was loaded into HomeKit. However, it seems the refresh_token expired - probably after I logged off Xfinity Home on my phone. I am using a separate account for Homekit as suggested, so then I logged off my phone and rejoined with my own account. Is this not the way it should be done? Can you elaborate on the sequence of events to prevent the token to expire? Thanks

wylanswets commented 4 years ago

Hey @KCFT23 glad you initially got things working!

By opening the app again / interacting with the app you may trigger the app to use the refresh token itself, thereby invalidating it. What I find to be most effective honestly is to capture the refresh token and then immediately uninstall the app from your phone (which logs you out). Then you can safely re-install it and sign in to a different account.

Hope this helps!

KCFT23 commented 4 years ago

Yes, immediately deleting the Home App from my home (after getting the token) and then reinstalling the app and signing in as myself seems to do the trick. Thanks for the tip!