Recaptcha implemented on Medtronic website

[hhuitema]

My installation of the integration stopped working 24 hours ago. On the NightScout website i noticed issues and comments on people also having problems logging in.

No solution yet, hopefully we can find one soon.

https://github.com/nightscout/minimed-connect-to-nightscout/issues/47

[hhuitema]

Did some reading in the other repo's making a non official login. :)

Consensus seems that technically we should steer away with logging in all the time, and move to a session based token. i also found a nice bit of code that allows retrieval for the Captcha token which i expect will now be part of the payload for logging in.

https://github.com/Hartman5/recaptchaV3-Bypass

i'm still quite a novice when it comes to Python development and a complete newbie for HomeAssistant integrations. :-) But i hope this helps. i will continu to monitor the other github repo's on this issue.

[Hofi1310]

Guten morgen . Meine Anmeldung funktioniert auch nicht. Hat jemand eine Lösung?

[hhuitema]

There might be a quick and dirty solution, it still needs some testing.

[MrRasmus]

There might be a quick and dirty solution, it still needs some testing.

How this?

[hhuitema]

Medtronic added extra parameters in their API. Basically the token number of the captcha function. However any value provided gives access.

[hhuitema]

i got it patched locally by adjusting the api.py file

Just add an extra line at row 202 with this content ""g-recaptcha-response":"abc","

This is certainly not a permanent solution, but it does get the job done for me.. (running 4 hours without problems)

[Hofi1310]

Habe das gerade gemacht . Funktionierte sofort. Danke . Werde es mal testen .

[ozaibi]

i got it patched locally by adjusting the api.py file

Just add an extra line at row 202 with this content ""g-recaptcha-response":"abc","

This is certainly not a permanent solution, but it does get the job done for me.. (running 4 hours without problems)

This didnt work for me .....

[hhuitema]

After the update a restart of home assistant is needed

[joints4all]

If you are copy and pasting copy this "g-recaptcha-response":"abc", and make a space in line 202 and paste it... SAVE THE FILE.... restart home assistant and if its already installed in devices... voila!!

[ozaibi]

[ozaibi]

even after multiple restarts

[ozaibi]

[hhuitema]

I think here the difference is that in my case i had a running installation with a valid config. From the screenshots it seems yours is a new installation. So this quick one line patch is not enough to make it consistent for new installations

[yo-han]

I just created release 2023.10.0 with this fix.

[ozaibi]

I think here the difference is that in my case i had a running installation with a valid config. From the screenshots it seems yours is a new installation. So this quick one line patch is not enough to make it consistent for new installations

actually been using for a long time, but it suddenly stopped and tried diffrent methods ( including deleteing it and reinstalling )

[ozaibi]

after the update, I cant reconnect again, even though i checked on other methods to loging (ipad / iphone) using

• AE country code

[yo-han]

Are there any errors in the logs? And what version of Home Assistant are you running?

[ozaibi]

Traceback (most recent call last): File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 290, in _async_refresh self.data = await self._async_update_data() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/config/custom_components/carelink/init.py", line 173, in _async_update_data recent_data["lastSG"] = recent_data.setdefault("lastSG", {}) ^^^^^^^^^^^^^^^^^^^^^^ AttributeError: 'NoneType' object has no attribute 'setdefault'

[ozaibi]

My version Home Assistant 2023.9.3 Supervisor 2023.09.2 Operating System 10.5 Frontend 20230911.0 - latest

[ozaibi]

auth_token = self.async_client.cookies[CARELINK_AUTH_TOKEN_COOKIE_NAME]
             ~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/usr/local/lib/python3.11/site-packages/httpx/_models.py", line 1148, in getitem raise KeyError(name) KeyError: 'auth_tmp_token'

[Hofi1310]

Guten morgen . Seid heute morgen geht die Anmeldung wieder nicht mehr. Gibt es eine Lösung? Liebe Grüße hofi1310

[ozaibi]

the latest error 2023-10-06 12:10:43.219 ERROR (MainThread) [custom_components.carelink] Unexpected error fetching carelink data: 'auth_tmp_token' Traceback (most recent call last): File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 290, in _async_refresh self.data = await self._async_update_data() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/config/custom_components/carelink/init.py", line 149, in _async_update_data recent_data = await self.client.get_recent_data() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/config/custom_components/carelink/api.py", line 475, in get_recent_data if await self.__get_authorization_token() is not None: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/config/custom_components/carelink/api.py", line 437, in __get_authorization_token auth_token = self.async_client.cookies[CARELINK_AUTH_TOKEN_COOKIE_NAME]

  File "/usr/local/lib/python3.11/site-packages/httpx/_models.py", line 1148, in __getitem__
    raise KeyError(name)
KeyError: 'auth_tmp_token'

[yo-han]

@ozaibi It's seems the login fails. I'm not sure why but maybe you can try if you can make a dump of your data using https://github.com/ondrej1024/carelink-python-client. It's much easier to test your credentials and the login using ondrej's cli.

[ozaibi]

I will give it a try and get back to you

[hhuitema]

Sadly the python Client also does not work anymore. Probably Medtronic started checking the content of the captha_id

[ozaibi]

this is really sad as i am dependent on it as a critical alarm for the whole house

[yo-han]

I understand Medtronic is not ok with all the scraping on their api as it creates a lot of traffic. But they really should just open up their api for personal use. Every patient using Carelink should be able to use their own data in the application of their choice.

[yo-han]

@hhuitema Yes you're right. Medtronic is now checking the captcha. My local installation stopped working too.

Privacy wise this is really bad. Now Medtronic sends a lot of info about users login in at Carelink. I really do not want to share with google anything about my medical state or the tools I use to manage it. Why not add a Facebook pixel too?

[hhuitema]

Indeed Medtronic is limiting access to their carelink functions, probably because they think this might have a relationship to the issues they have a few months ago. my preference would also be to have a supported method for API use on personal basis.

As a side note on the captcha stuff, this is so basic in its function that the only thing that google would be able to see is that someone is using a captcha service from the medtronic domain, there are no user credentials shared and certainly not any medical information.

[yo-han]

I know they do not have any access to private data stored in the Medtronic database. But they know now who you are and that there is a relation between you and Medtronic. Another piece of the advertisement puzzle for them.

But that's not the issue at hand. Solving the recaptcha wil take a very well trained AI or an implementation in HA. Both are very time consuming and I do not have that spare time available at the moment. If anyone else want to take look, you're very welcome.

[MrRasmus]

There is some code for different recaptcha solvers for Python - Would this not be possible? Im not good enough with python to do it unfortunately

[ozaibi]

does anyone know what the repatch used in carelink so we can try to implement solvers via python

[joints4all]

https://2captcha.com/lang/python - https://geekpython.in/solve-captcha-in-python-using-2captcha - https://github.com/topics/captcha-solver?l=python <--- lol had to put it in... By the way it is recaptcha..... https://github.com/Artistrazh/recaptcha_v2_solver

[MrRasmus]

As I don't have the time either to implement this, I reached out to Medtronic and got this answer: API/SSO solution is on the way from Medtronic's side. We are missing the last thing within the legal (data processing agreement). When these things are finally in place, we can offer the solutions to our customers.

[yo-han]

@MrRasmus That sounds very good. If they provide an API endpoint we can fix it in a clean and safe way. Probably way better then the current implementation.

[AdhocAdam]

First and foremost my thanks to @yo-han for what you've created. This is the kind of innovation in this space that has made life just a little less difficult. 🙌

Like many in this thread, I've also been searching for an answer. I suspect I don't have much to add here other than what might already be known information. Once you get a token, (for example, log in via a browser, and then copy the token as well as its expiration out). That you can maintain a connection. Token seems to be good for 40 minutes before requiring a refresh. I say this having recently updated my own PowerShell module for CareLink. I've been running the last 14+ days now without a single disconnect in my terminal.

Once a token is obtained, its right back to API calls (only had to update a couple endpoints). I don't have much experience with Python or developing custom Home Assistant integrations (currently using an HA file sensor to pick up these values). But conceptually it seems like if the onboarding flow took a token + token expiration. Then a similar outcome could be achieved similar to what I'm doing in my PowerShell module and respective scripts. Not trying to hijack the thread or saying what has to be done, just thinking out loud and wanted to share in the event this helps someone.

[yo-han]

Thanks to @sedy89 we have a new and working release today. https://github.com/yo-han/Home-Assistant-Carelink/releases/tag/2023.12.1

Check the readme to retrieve your session token from the cookie set by the Medtronic website and you should be good to go! No more recaptcha's!

[yo-han]

I close this issue now we have a different way of logging in.

[ondrej1024]

@yo-han finally I had some time during Christmas holidays to implement the new version of the Carelink Client Python library based on the new API as used by the Carelink Connect app (which has been reverse engineered by @palmarci): carelink-python-client

This library does not implement the login procedure with reCapcha. For this you have to run the carelink_carepartner_api_login.py script on a PC with a screen. The script will produce the initial logindata.json file and should be needed to run only the very first time. After that the Carelink Client library will take care of refreshing the tokens and updating the file. So you might want to give it a try. Feedback is welcome,

The big advantage of this new library is that it uses a refresh token which can be used to get a new access token even after it has expired. So after initial manual login the Carelink client library should be able to run autonomously, just like the Carelink Connect app, even if it is offline for some days.