Closed JeffSteinbok closed 6 months ago
Ok, something seems up with the US endpoint. I can login with the EU endpoint, but not US. Oddly the iOS app still works, so wondering if they changed endpoint recently?
Just checked and I'm getting the same thing with the homebridge plugin. I'll get some newer logs from the app when I'm back in town tomorrow.
Thanks. I never did take the time to get Android Studio & Frida setup, else I'd have a look.
I think I got Frida working and all. App looks to be continually banging on the API and getting 403s back.
@zyonse - Looks like the URL changed to "website-api" and they have some new required headers: "ua": "dreo/2.5.12 (sdk_gphone64_x86_64;android 14;Scale/2.75)",
It's also not returning the region code like it used to.
You can find me on discord at @JeffStei.
I'm still struggling to get the app working right on the emulator. If you get it working, would love to understand the steps to see what I missed.
Thank you for working on this, @JeffSteinbok... much appreciated.
I tried website-api-us.dreo-cloud.com with the new user agent, but no luck - still getting 403.
I can authenticate against the EU endpoint, but then I can't manage / get status of my US device.
Hi, just adding that I as well have the same issue now with a Dreo tower fan and I get:
[1/8/2024, 12:34:54 AM] [Dreo Platform] error retrieving token: AxiosError: Request failed with status code 403
    at settle (/usr/lib/node_modules/homebridge-dreo/node_modules/axios/lib/core/settle.js:19:12)
    at IncomingMessage.handleStreamEnd (/usr/lib/node_modules/homebridge-dreo/node_modules/axios/lib/adapters/http.js:585:11)
    at IncomingMessage.emit (node:events:526:35)
    at endReadableNT (node:internal/streams/readable:1589:12)
    at processTicksAndRejections (node:internal/process/task_queues:82:21) {
  code: 'ERR_BAD_REQUEST',
  ... .... .... ... .... ....
[1/8/2024, 12:34:54 AM] [Dreo Platform] Authentication error: Server returned invalid access_token
[1/8/2024, 12:34:54 AM] [Dreo Platform] Make sure your email/password are correct
Many thanks for all your efforts on this great plugin!
I'm trying to get it all to work on the Android emulator, but so far, just get this loop of requests. Hopefully @zyonse can get it working so we can get a trace.
Same.
Same problem, except I can't even authenticate against the EU endpoint. I've been trying to use the website login to debug this, but haven't made any progress here either. It looks like there are a number of potential US-based hostnames that can be used - app-api-us.dreo-cloud.com, website-api-us.dreo-cloud.com. None of them seem to have any different behaviors.
Using chrome debugger, the JSON payload has a different client ID, client secret and himei, but otherwise is essentially the same.
Here's an example payload with my credentials redacted
{ "client_id": "6c2bfbdd497f4addbb77449edd3d73ec", "client_secret": "460df321de794ea08110cb3ed32c7452", "grant_type": "email-password", "scope": "all", "email": "REDACTED", "password": "REDACTED", "encrypt": "ciphertext", "himei": "4fe6a6e9d2968d7220f9708159cc93ba" }
you're gonna wanna change your password asap now.
There's a web login? Got a link?
I redacted it before posting and replaced it with the word "REDACTED"
Go to https://www.dreo.com and click on the little person icon on the top right, or try click on https://dreo.com/account/home
I tried to poke the iOS app network traffic via Charles SSL proxy - the app-api-us.dreo-cloud.com connection is rejected with "SSL handshake with client failed - Remote host terminated the handshake" and the app fails to authenticate / retrieve any information. :(
SSL proxy settings seem correct as it is able to decode other https requests (like www.dreo-cloud.com).
Unfortunately the app uses Cert Pinning so this doesn't work.
Right... just came to that conclusion
Pretty sure I just figured out what was wrong, the 'ua' string in the request header needed to be changed. Will push an update shortly.
Should be fixed in v3.2.3, please test it out and let me know.
I'm not using homebridge, so I can't test.
But I updated the ua in my local environment and it seems to work.
Thank you @zyonse!
If you have the time, would you mind sharing some insights about how you managed to troubleshoot this?
@zyonse I just updated and it's working great here now. Thanks for the quick fix!
@zyonse Wanted to confirm that it is working again and really appreciate your quick fix!
@JeffSteinbok I'll also confirm it's working in HAOS again - thank you!
@edabe The Dreo app also stopped connecting in the Android Studio emulator, so I figured they must have implemented some sort of server-side block. In the network requests we use, the most obvious difference between Homebridge/Emulator users and a normal app user is that 'ua' (AKA user agent) string. I just changed it from x86_64 to arm64 and it immediately started working.
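The failure mode in this thread (a 403 surfacing in the plugin log as "Make sure your email/password are correct") is easy to misreport. As an added example that is not code from homebridge-dreo or hass-dreo, the snippet below assembles the token request with the "ua" header the thread identifies and classifies the response so a server-side block is distinguished from bad credentials. The request path, the response field names and the "ua" format check are assumptions, not taken from the project.

```javascript
// Added example, not from homebridge-dreo: build the login request described in the
// thread and turn the HTTP result into an actionable diagnosis. No network call is made.
const US_HOST = "website-api-us.dreo-cloud.com"; // hostname reported in the thread
// Shape of the app's "ua" header as quoted above: dreo/<ver> (<device>;android <n>;Scale/<x>)
const UA_PATTERN = /^dreo\/\d+(\.\d+)+ \(([^;]+);android \d+;Scale\/[\d.]+\)$/;

// Returns { url, headers, body, device } ready for axios/fetch; throws if the ua
// header is not in the app's format, since that is what the server keyed on.
function buildTokenRequest({ email, password, clientId, clientSecret, himei, ua }) {
  const m = UA_PATTERN.exec(ua || "");
  if (!m) throw new Error(`ua header does not match the app's format: ${ua}`);
  return {
    url: `https://${US_HOST}/api/oauth/login`, // path is an assumption
    headers: { ua, "content-type": "application/json" },
    body: {
      client_id: clientId, client_secret: clientSecret,
      grant_type: "email-password", scope: "all",
      email, password, encrypt: "ciphertext", himei,
    },
    device: m[2], // e.g. "sdk_gphone64_x86_64", the part zyonse changed to arm64
  };
}

// Map status + parsed JSON body to a diagnosis. A 403 arrives before the credentials
// are ever evaluated, so telling the user to check their password is misleading.
function classifyAuthResponse(status, body) {
  if (status === 403) {
    return { kind: "blocked", hint: "rejected before credential check; verify the 'ua' header and host" };
  }
  if (status === 401) return { kind: "bad_credentials", hint: "check email/password" };
  if (status !== 200) return { kind: "unexpected", hint: `HTTP ${status}` };
  const data = (body && body.data) || {};           // response shape is an assumption
  if (typeof data.access_token !== "string" || data.access_token.length === 0) {
    return { kind: "invalid_token", hint: "HTTP 200 without access_token; API contract may have changed" };
  }
  return { kind: "ok", accessToken: data.access_token, region: data.region || null };
}
```

Logging `classifyAuthResponse(...).hint` instead of a fixed "check your password" message would have pointed straight at the header change.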
Thank you @zyonse. Also, thank you for pointing this out in the README: https://github.com/JeffSteinbok/hass-dreo/blob/main/contributing.md
It is helping me understand how to trace the network requests from the app and circumvent the SSL cert pinning.
Describe Your Problem: I manage the HomeAssistant HACS integration and noticed today that logins started to fail. Wonder if you see the same thing and if you're able to get a new trace from the app to see what they may have changed?