SharkIQ authentication error #123392
Comments
|
Hey there @JeffResc, @funkybunch, mind taking a look at this issue as it has been labeled with an integration ( Code owner commandsCode owners of
(message by CodeOwnersMention) sharkiq documentation |
|
Same problem here. Won't work after updating to HA core-2024 8.0 |
|
Yep, also seeing the exact same problem here! |
|
I am also able to reproduce this. It looks like the backend API used by the integration had some changes made and I'm having trouble finding any public documentation for this. I can confirm that this doesn't have to do with any specific HA core version and has to do with the upstream sharkiq pypi package. I can also confirm that the app ID and app secret constants still seem to be correct It looks like the previously working call to Issue created on upstream repo: JeffResc/sharkiq#51 |
|
Worth noting that this does not seem to affect all installations. Additional analysis is being done to determine the root cause. Instead of simply responding "yeah its happening to me too" please include your logs, model, and region to help us get to the bottom of the issue, otherwise it is not helpful. Likewise, if you have a working installation, please do leave a comment with your model and region to help us determine if there is a pattern. Finally, some users have reported despite successfully logging into the app with the same credentials, both the app and HA worked after resetting their password. Please try this and let us know if it worked for you as well. Any and all data points are helpful at this stage. |
|
The integration is broken for me in Canada. I have both a Shark IQ and a Shark AI device integrated and previously both working perfectly. Below is the log when I attempt to reload the integration: |
|
I apologize that I didn't attempt this in my previous comment, but I've just tried resetting my password and it didn't work. however, it is now giving me a different error log. Hope this helps! I'd be curious to know how to change the existing credentials on the integration, as I could only figure out how to input my updated password by using "Add Entry" on the integration config. and SharkIQ is not available in the "Application Credentials" page. Just to be sure, I also deleted my (backed up) existing SharkIQ integration and re-added it with the new password, but the log output is the same. |
|
Not sure if mine is the same problem however I can not set it up |
|
I began having failures immediately upon upgrading my HA to 2024.08.0. I am running on an Ubuntu VM. Region is US. Without thinking I removed the configuration and this is what I was met with when I tried to set it back up. Logs from my first attempted logon: I then reset my password and was met with a failed to connect and this in the logs (I did verify that I can connect to sharkclean's website with the new password): |
|
My Robot model is RV2520A0US. The latest integration fails with the access_token error and a 403 response code as reported above. I started using the HA integration in May 2024 (and successfully extended it for room specific cleaning with a custom integration based on the logic in jeffresc/sharkiq). Prior to May, I started running into problems using the Google Assistant with the SharkClean skill. I had been using it to schedule room-based cleaning successfully, but it suddenly stopped working. Alexa's SharkClean skill also failed to work, so I had no solution to schedule specific rooms for cleaning. The reason I mention the above is that I just unlinked and relinked the skills on Alexa and Google Assistant. There was a hint in the link skill page in the Alexa app that says under the heading 'What's new' that they 'replaced the web authorization URI'. There was no information like that on Google Assistant's skill, but when I tried it to perform a room-specific cleaning operation, it worked. |
I imagine that'll be helpful, although I looked into the Google Home integration a bit, and it seems like it authenticates against a google-specific URL.... and I've just checked Alexa and it does the same; you actually log into https://alexa-account-linking.iot-sharkninja.com/?client_id=RANDOMTEXT So, I dunno if it would be possible to leverage the Google/Alexa integrations, but it's definitely interesting to know they had to change their configs as well. Hopefully that's a good sign that there's a way forwards for us too. |
|
@tombrant do you happen to have that new URL? |
|
Same problem here in Canada |
|
Getting the same |
|
Nope, they're a bit different. I've changed a couple letters at the end of each URL to avoid potential privacy/security issues, but here's what I get when I attempt to authenticate to each: |
|
I am seeing this as well. Region is US/North America and model is RV1100A. HA Version: 2024.8.3 Logs: |
|
From the look of the Google and Alexa auth urls and the arguments being supplied, this appears to be an OAuth Client Credentials Grant flow. In this case, the applications engaged in the API activity to control the device are running on the Google or Alexa hosted servers and are granted authentication through a token exchange with the SharkClean IOT authentication endpoints. This doesn't appear to involve any user-specific credentials being supplied. The fact that the HA authentication is now returning a 403 seems to me to indicate that the original username and password API flow has been explicitly disabled and only registered applications can interact. Does this sound like a valid conclusion to draw based on the information known? |
This seems to be true. It seems the API can still authenticate email/password through the current endpoint so I don't think the URL is dead. The 403 makes me think they disabled auth token generation through the ""Shark-Android-field-id" app_id that HA integration has been using. The is a similar "Shark-iOS-field-id" app_id + app_secret that used to work that returns a 403 now. They probably reworked the mobile apps since 2020 or whenever these app details were first posted and now finally got around to disabling auth token generation from the old app ids. My integration was working fine until yesterday when my token must have expired and I lost client access to the underlying APIs. |
|
Any news yet ? |
I wouldn't hold your breath. It seems like Shark are deliberately locking out anyone who isn't Google, Amazon, or Apple. My guess is to avoid excess API calls, which is frustrating since other companies deal with this by simply limiting the external API calls (see Ecobee for a good example; they only allow 1 API call per minute, or something along those lines.) I was able to (mostly) recreate my Shark automations with Google Home via their website at home.google.com/automations (note that you can't do this in the Android/iOS app) Here's a sample of one of mine: This is asking Google Assistant via my device "Dining Room Speaker" to simply run a voice command, and it runs on Tuesdays and Thursdays at 11:00am. I built it using the Gemini assistant built into the site. I may, however, actually end up adjusting my exiting Home Assistant automations so that instead of interacting directly with the Shark integration, they will simply ask the Google Assistant integration to run "Start main vacuum in hallway." Then at least Home Assistant is still doing the scheduling, even though it can't tell me the status of the vacuums anymore. |
|
re latest comment from @craig0r I have reverted to using the Google Home automations as well. They were broken for me early this year which is why I ended up adapting the jeffresc/sharkiq HA integration for my own use. Now that HA auth is broken and I'm back on Google Home automations (which can be scheduled) I see that they only work for one room at a time. I had successfully adapted Jeff's integration to support more than one room per cleaning. I'm not sure why the Google automation can't handle more than one room. Also, Alexa automations apparently ignore all room-specific commands and just start cleaning. @craig0r you mention Apple as a supported Shark assistant. That's not in Homekit, is it? |
|
This is all very unfortunate, as I bought two new shark's the week this went down, after integrating my previous shark for the last year without issue. Sucks because I was on the fence with new shark's or Roborocks. It's not ideal, but I did the same with google. Made a bubble-card pop-up with various rooms and commands, and it works pretty good.
|
@tombrant I'm not sure, I just assumed Shark works with Apple devices. I don't have one of my own to check. |
|
Last I checked shark devices only work through apple via app. No homekit, not even siri shortcuts. |
Awesome thank you! Have you noticed your robots as offline a lot? I can add them via GoogleHome fine, but they never show up as online even when I can clearly see them connected to the Wifi. |
Where does this go? HA Automation? Doesn't accept it.
|
It's a script, not an automation. |
I don't believe so. I did have some initial connectivity issues but, after disabling my pi hole ad blocker, I haven't noticed any. |
|
I ended up digging through the APK and running some http intercepts.
Urls;
Other things of note from the apk; They may have moved to using cognito on the backend, I see it in the APK and they (ayla networks) are primarily on AWS. Shark is Akami and Ayla is using Route53. Which means its highly likely they are also using WAF and/or Api Gateway. Happy to test with the token I can scrape from the app, just need a modified HA integration to do it with. (Access token now gets passed for the requests as "authorization: auth_token TOKENHERE" in the header) EDIT: Can confirm the access token works to hit the apiv1/devices.json via postman when passed via header. Looks like access token is good for 24 hours so a bit painful to get atm but once captured shouldn't be hard to keep from expiring. also access token != auth token, access token is from the /oauth/token response. auth token is what is passed to that endpoint. even though the header name says auth_token they want the access token. Edit 2; can grab the api url (ads-apiv1-sharkue1.aylanetworks.com) from the apiv1/dsns/DEVICEDSNHERE.json which is found in apiv1/devices.json |
This comment was marked as spam.
This comment was marked as spam.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as spam.
This comment was marked as spam.
Okay well TLDR for anyone who doesn't have time to read about the issue they're commenting on: it's being worked on, and unless you can contribute towards a fix, all you can do is wait. |
This comment was marked as spam.
This comment was marked as spam.
|
@voron69-bit please review the Home Assistant code of conduct prior to commenting https://github.com/home-assistant/core/blob/dev/CODE_OF_CONDUCT.md If you’re so impatient to get this working again we’d love for you to submit a PR and help out. Everyone responsible for this fix is a volunteer and your disregard for that is not a welcome contribution. Either be productive here or do not engage. |
This comment was marked as abuse.
This comment was marked as abuse.
|
@voron69-bit please stop responding and respect our processes. People are working on figuring out the new API which can take time. |
|
The
It looks like the aylane networks oath api has a "refresh token" for "keep alive" type workflows. https://docs.aylanetworks.com/reference/authentication |
I did not realize they had this API accessible and documented! I'm going to create an account and do some testing this weekend. |
|
The aylanetworks api is presumably the same one that the original, now failing codebase for this project in GitHub used. Is this investigation intended to find a way to authenticate differently from the now broken codebase? |
I mean I personally want to confirm that the login flow is the same from what I scrapped from the APK. I'm curious what the state value passed via the android app is and if it's even necessary. Still happy to beta test any code changes but my skillsets lie more in info gathering and debugging. |
|
I would be so stoked if this gets fixed! |
|
I'm willing to help in any way I can to assist in getting Shark vacuums working with HA. |
|
If anyone is wanting to see how to implement the workaround, please check out this video I posted! I am working on posting an article about the yaml scripts. Please let me know if you have any questions! |
Watched the video, but didn't see the workaround. It starts with integration already installed. Most of us are stuck where it won't even link with our account. |
|
Yes that's where I'm stuck. Won't even link to the Shark account. |
Hello,thank you for your feedback and for taking the time to watch the video! I apologize for not including the prerequisites in the video. To address this, I’ve written an article that outlines all the necessary steps to get started, including the integration process. You can check it out here: Please feel free to reach out if you have any questions or run into issues. I’d also like to note that this solution is intended as a workaround until the original Home Assistant Shark integration is restored. |
|
RV1001AE 025-01-27 04:39:20.398 DEBUG (MainThread) [homeassistant.components.sharkiq] Initialize connection to Ayla networks API |
I don't suppose there's any way to work around the inability to know when the robot docks? I used to trigger lights turning off when the robot docks and now my robot just vacuums in the dark. |
I would do something like this at home.google.com. Shark implements a "starter" for the vacuum docking, and you can expose a helper scene or button from Home Assistant to activate your lights. You can also do this for when the robot starts. - starters:
# Trigger when the robot docks
- type: device.state.Dock
device: Shark Vacuum Name
state: isDocked
is: true
actions:
# Activate the "Vacuum Docked" scene exposed from HA
- type: device.command.ActivateScene
activate: true
devices: Vacuum Docked |
Hmm...yeah I don't actually know how to do that. I can create an input boolean like input_boolean.robot_docked but I have no clue how to get it exposed to google home. |
|
Any update? I'm getting the error too... |
and others
The problem
Receiving an error while loading the Shark IQ integration after updating to 2024.8.0:
I have verified my login works through the sharkclean.com website.
What version of Home Assistant Core has the issue?
core-2024.8.0
What was the last working version of Home Assistant Core?
core-2024.7.4
What type of installation are you running?
Home Assistant OS
Integration causing the issue
Shark IQ
Link to integration documentation on our website
https://www.home-assistant.io/integrations/sharkiq
Diagnostics information
No response
Example YAML snippet
No response
Anything in the logs that might be useful for us?
2024-08-08 11:08:33.730 ERROR (MainThread) [homeassistant.config_entries] Error setting up entry <email> for sharkiq Traceback (most recent call last): File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup result = await component.async_setup_entry(hass, self) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry if not await async_connect_or_timeout(ayla_api): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout await ayla_api.async_sign_in() File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in self._set_credentials(resp.status, await resp.json()) File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials self._access_token = login_result["access_token"] ~~~~~~~~~~~~^^^^^^^^^^^^^^^^ KeyError: 'access_token' 2024-08-08 11:08:43.983 DEBUG (MainThread) [homeassistant.components.sharkiq] Initialize connection to Ayla networks API 2024-08-08 11:08:44.253 ERROR (MainThread) [homeassistant.config_entries] Error setting up entry <email> for sharkiq Traceback (most recent call last): File "/usr/src/homeassistant/homeassistant/config_entries.py", line 604, in async_setup result = await component.async_setup_entry(hass, self) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 67, in async_setup_entry if not await async_connect_or_timeout(ayla_api): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/src/homeassistant/homeassistant/components/sharkiq/__init__.py", line 40, in async_connect_or_timeout await ayla_api.async_sign_in() File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 106, in async_sign_in self._set_credentials(resp.status, await resp.json()) File "/usr/local/lib/python3.12/site-packages/sharkiq/ayla_api.py", line 84, in _set_credentials self._access_token = login_result["access_token"] ~~~~~~~~~~~~^^^^^^^^^^^^^^^^ KeyError: 'access_token'Additional information
No response
The text was updated successfully, but these errors were encountered: