"eventType": "error", "code": "289"

[3052]

plugin.video.skyott/resources/lib/endpoints.py

Line 27 in 8ab2e00

'login': rango +'/signin/service/international',

it seems like some extra headers are required now:

POST https://rango.id.peacocktv.com/signin/service/international HTTP/2.0
content-type: application/x-www-form-urlencoded
q5vwyrl1ft-a: BNkVZI27NsmyFCLyQ5m96-pt08IWMe2yIzDGsqnyF3RI4NK3W1fEoNWdrjjKxcS8...
q5vwyrl1ft-b: -pcr5ty
q5vwyrl1ft-c: AIAjzVmOAQAA4DUuU7d92onTmzxKOdi03Rxv4LEP7u9BA5sqSkKmoQHIC5FD
q5vwyrl1ft-d: ABaAhIDBCKGFgQGAAYIQgISigaIAwBGAzvpCzi_33wdCpqEByAuRQwAAAAAYtt92...
q5vwyrl1ft-f: Axqi0VmOAQAAmmovVBDjSRGm5OSRPuecqrOuhYYSDZiFfvRw5HDsZUkwQSmgAUi1...
q5vwyrl1ft-z: q
x-skyott-device: COMPUTER
x-skyott-proposition: NBCUOTT
x-skyott-provider: NBCU
x-skyott-territory: US

password=PASSWORD&userIdentifier=EMAIL

otherwise you get this response:

{
  "class": [
    "error"
  ],
  "properties": {
    "eventType": "error",
    "code": "289"
  }
}

[Paco8]

If the extra headers are those q5vwyrl1ft-* then I'm afraid those come from a captcha verification and the addon can't generate them.
You'll need to use an application like this to get the login cookie:
https://github.com/Paco8/SkyExtractCookieAndroid

[Paco8]

I added a workaround in version 0.4.12.

[3052]

did you test this? with this code:

from lib.sky import SkyShowtime
hello = SkyShowtime('', 'peacocktv')
hello.login('EMAIL', 'PASSWORD')

I get the same 289 error

[Paco8]

It seems the workaround no longer works :(

[Paco8]

Try replacing PC with TELEVISION

-      headers['x-skyott-device'] = 'PC'
+      headers['x-skyott-device'] = 'TELEVISION'

[3052]

still fail for me:

{
    "Accept": "application/vnd.siren+json",
    "User-Agent": "PeacockAndroid-US/4.3.22-121040322",
    "x-skyott-activeterritory": "US",
    "x-skyott-client-version": "4.3.12",
    "x-skyott-device": "TELEVISION",
    "x-skyott-language": "en",
    "x-skyott-proposition": "NBCUOTT",
    "x-skyott-provider": "NBCU",
    "x-skyott-territory": "US",
    "content-type": "application/x-www-form-urlencoded"
}
login response: b'{\n  "class": [\n    "error"\n  ],\n  "properties": {\n    "eventType": "error",\n    "code": "289"\n  }\n}' retcode: 200

[Paco8]

Strange, it worked a few minutes ago.
I don't know.

[3052]

does it work for you now? also, I think I found something. I just captured the Android client, and it uses similar headers:

POST https://rango.id.peacocktv.com/signin/service/international?continuationUrl=https%3A%2F%2Frango.id.peacocktv.com%2Foauth%2Fauthorize%2Fservice%2Finternational%3Fresponse_type%3Dtoken%26client_id%3Dnbcu_android_phone%26redirect_uri%3Dnbcu%3A%2F%2Fauth%26api_id%3Doauth HTTP/2.0
content-type: application/x-www-form-urlencoded
k1qbesdhkq-a: qL3qGeu0_Dlj77510t--kpH7UnXcFUPaf2PDfno2N4UDc-q0LbJINv1LGkT16HdX...
k1qbesdhkq-b: -a9e76m
k1qbesdhkq-c: AKBrEdZ0AQAArVdTjn_SkoEWiTMVcNyrMH-1PCzhOG5UMM4HRYxVVcquZtH8
k1qbesdhkq-d: AAZAkAiQgrIAgACAAoAQ0EKACIGOAIxVVcquZtH8XgpXmJKKud4BuzjLK430oqPu...
k1qbesdhkq-e: b;RCiVUVSqyaa9PAE52r1XUryratGPIVM9jQ2k6aPMjmFoT08aztpmZQF3CgbQVI...
k1qbesdhkq-f: AyD0FdZ0AQAA6uu8Y3xGr49wcwYCDcxUpXCNuPWJLu7fBrzMSn8NEKkh8Xy_AawR...
k1qbesdhkq-z: q
x-skyott-device: MOBILE
x-skyott-proposition: NBCUOTT
x-skyott-provider: NBCU
x-skyott-territory: US

password=PASSWORD&userIdentifier=EMAIL

I searched the other requests for k1qbesdhkq and didn't find anything. then I searched online, and I did find this iOS request:

GET /signin/service/international?continuationUrl=https%3A%2F%2Frango.id.peacocktv.com%2Foauth%2Fauthorize%2Fservice%2Finternational%3Fresponse_type%3Dtoken%26client_id%3Dnowtv%26redirect_uri%3Dnowtv%3A%2F%2Fauth%26api_id%3Doauth HTTP/1.1
Host: rango.id.peacocktv.com
Content-Type: application/x-www-form-urlencoded
k1QbeSDhKQ-a: fH=KYMy5xzjbTuZtCTnOmqbviRz9XkARWUd8487I8nxr3Sf01vOdcGep1ycjsG8W...
k1QbeSDhKQ-b: wq608u
k1QbeSDhKQ-c: AGAx9sdyAQAAts_Msl1E8io7ggbDZkUnpSqi2YYTrgSb5P_sxabw9c-_wilW
k1QbeSDhKQ-d: AAYAoAqAAKAAgACAAIAQwAKIAAGm8PXPv8IpVqRAge4E21AJAHs-kJfZmS70evyC...
k1QbeSDhKQ-e: b;u2-uVGERbmX6pnB01b2h7qbOh3eHOYDtiAF0A_FvYXXPGNQ8KaGFEImDKXd5E3...
k1QbeSDhKQ-f: A0Wi-cdyAQAANDFsvDPlCy930XRA7ZU0ZSiCHgjmUMEN8kBTla2qoTyXwAeWAawR...
k1QbeSDhKQ-z: q
x-skyott-device: MOBILE
x-skyott-proposition: NBCUOTT
x-skyott-provider: NBCU
x-skyott-territory: US

https://freetexthost.net/gLTgbHQ

notice its the same headers, but they are mixed case. so I searched again for k1QbeSDhKQ, and found this:

https://www.peacocktv.com/android/native-app/update

which has the same value (note I removed some of the JSON below):

{
  "kernelId": "A08VCl6OAQAAq7e8OaQ7eGFmkyhLze1_FbMySJOf9qu7hs9BfluL1Alc2Rc8AUi1B9EAAAAAAABgfTJdYD2ykA==",
  "dl": 0,
  "nativeSignalHeaderPrefix": "k1QbeSDhKQ-",
  "uriBypass": [],
  "enableCVM": false,
  "urlChecksumLength": 1024,
  "bodyChecksumLength": 1024,
  "id": "android_config",
  "updateTimeout": 60000,
  "rtd": 255,
  "maxUpdateInterval": 28800000,
  "kernel": "(function o(E){var DR={},Dq={};var DK=ReferenceError,Dy=TypeErr...",
  "ck": {},
  "ttl": 86400000,
  "uriBypass2": [],
  "version": "1.1",
  "storePID": true,
  "updateInterval": 14400000,
  "updateURL": "https://www.peacocktv.com/android/native-app/update",
  "updateHeaderName": "x-17Dzmhep",
  "updateURLMap": {
    "qa": "https://www.stable-int.peacocktv.com/android/native-app/update",
    "default": "https://www.peacocktv.com/android/native-app/update",
    "prod": "https://www.peacocktv.com/android/native-app/update"
  },
  "support": 255,
  "enableNHC": false
}

[Paco8]

The problem is how to find out the values for those k1QbeSDhKQ- headers. I think they come from a captcha.

[Fffrank]

This repo has solved for it for southwest. It uses a headless browser but that's a flag that can be easily changed so that it loads a graphical chromium instance as long as you're running in an environment that would support it. https://github.com/jdholtz/auto-southwest-check-in

[Paco8]

Right now it seems login works again, with no changes (version 0.4.11).

[3052]

OK it worked once but now its failing again, not sure whats going on

[Paco8]

It's still working for me.

[3052]

OK I will test it again after work. I know my credentials are valid, because I can use the idsession cookie on its own and it works fine

[Paco8]

I guess due to so many login attempts, both Peacock and SkyShowtime forced me to reset my password.

[3052]

does the code work after the reset? I can try a reset on mine but I don't know if that's the issue

[Paco8]

Yes, I could log in with no problems using the addon.

[3052]

@Paco8 are you able to capture the TV app? if so looks like we can use the TV login:

https://peacocktv.com/activate
https://peacocktv.com/tv

[Paco8]

No, unfortunately I don't know how to capture from the TV app.

[3052]

it seems they are A/B testing, because using everything exactly the same, I will get 9/10 success and 1/10 failure. I will close for now, but in the future email/password login might be impossible