Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

403 Forbidden Response #55

Closed
mjpoo opened this issue Sep 26, 2023 · 18 comments
Closed

403 Forbidden Response #55

mjpoo opened this issue Sep 26, 2023 · 18 comments

Comments

@mjpoo
Copy link

mjpoo commented Sep 26, 2023

I've been able to retrieve activities for many months but this morning I get a 403 response when I call GCClient.getActivities.

The body does not contain an array of activities, it contains this error object:
{ clientMessage: 'Reference Error ID in error logs for further information', errorId: 'e6b09f8b-b515-4307-bd10-2e07c065f515', error: 'WebApplicationException' }

The stacktrace is:

Unhandled rejection StatusCodeError: 403 - "{\"clientMessage\":\"Reference Error ID in error logs for further information\",\"errorId\":\"48588b72-47c0-4ddb-bfc7-7356464e41a7\",\"error\":\"WebApplicationException\"}" at new StatusCodeError (D:\foo\node_modules\request-promise-core\lib\errors.js:32:15) at plumbing.callback (D:\foo\node_modules\request-promise-core\lib\plumbing.js:104:33) at Request.RP$callback [as _callback] (D:\foo\node_modules\request-promise-core\lib\plumbing.js:46:31) at self.callback (D:\foo\node_modules\request\request.js:185:22) at onRequestComplete (D:\foo\node_modules\cloudscraper\index.js:629:3) at onRequestResponse (D:\foo\node_modules\cloudscraper\index.js:207:5) at Request.<anonymous> (D:\foo\node_modules\cloudscraper\index.js:149:7) at Object.onceWrapper (node:events:628:26) at Request.emit (node:events:513:28) at Request.<anonymous> (D:\foo\node_modules\request\request.js:1154:10) at Request.emit (node:events:513:28) at IncomingMessage.<anonymous> (D:\foo\node_modules\request\request.js:1076:12) at Object.onceWrapper (node:events:627:28) at IncomingMessage.emit (node:events:525:35) at endReadableNT (node:internal/streams/readable:1359:12) at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

I ran an npm update and changed to using @garmin/fitsdk (rather than the deprecated @garmin-fit/sdk) but the 403 error still exists.

I have no issues logging into Garmin Connect with the same credentials.
@wscourge
Copy link
Contributor

Same issue

@lukasz-mordawski
Copy link

Same here

@lukasz-mordawski
Copy link

I tried to debug it for a while. Unforunately I don't know how exactly is GC website working.

First I added few constants to Urls.ts:
export const GARMIN_SSO_PORTAL = ${GARMIN_SSO_ORIGIN}/portal
export const SIGNIN_URL = ${GARMIN_SSO_PORTAL}/sso/en-US/sign-in?clientId=GarminConnect&service=https%3A%2F%2Fconnect.garmin.com%2Fmodern;
export const LOGIN_URL = ${GARMIN_SSO_PORTAL}/api/login?clientId=GarminConnect&locale=en-US&service=https%3A%2F%2Fconnect.garmin.com%2Fmodern%2F;

Then I found is that when I copied this call: 'https://connect.garmin.com/modern/preference/[GUID]' to postman and change url to 'https://connect.garmin.com/modern/currentuser-service/user/info' I successfully got user info data. Using the library is not possible. Maybe some cookie is missing or so.

@gooin
Copy link
Contributor

gooin commented Sep 27, 2023
edited
Loading

Garmin has changed the login authentication method, and the previous method is no longer work. I found a great library: Garth (thanks author's hard work), but it is written in Python. I have tried to implement its approach using JavaScript, and it works. I am currently attempting to use its method to modify this library. Once completed, I will submit a merge request.

@gooin
Copy link
Contributor

gooin commented Sep 27, 2023

Here is a initial version where I have rewritten the login method in GarminConnect.ts. In the last step of the login method, I successfully logged in and obtained a token. The next step is to refactor other methods based on this token.
Note: the OAUTH_CONSUMER constant in GarminConnect.ts is from Garth's this line
Here is my commit:
gooin@5d98de1

@Abasz
Copy link

Abasz commented Oct 1, 2023
edited
Loading

I have tested this code, and it worked well. I was able to query list of activities, download, edit the activity, etc. Thanks for sharing.

I have one question: I suppose this implementation does not handle MFA right? I can see that the accept-mfa-tokens param is set to true on step 4 but, but I dont see any kind of handler for it.

Also, maintainer of Garth recommends fetching the consumer key/secret rather than hard coding it, I suppose it could change philosowaffle/peloton-to-garmin#524 (comment)

@gooin
Copy link
Contributor

gooin commented Oct 1, 2023

I have one question: I suppose this implementation does not handle MFA right? I can see that the accept-mfa-tokens param is set to true on step 4 but, but I dont see any kind of handler for it.

For a quick test, MFA is ignored, and consumer key is also hard coded , so I need time to polish it :-)

@tderflinger tderflinger mentioned this issue Oct 1, 2023
Closed
@gooin
Copy link
Contributor

gooin commented Oct 2, 2023
edited
Loading

I have added a PR to fix most features, waiting for author review and merge it. See #56. I will publish a temporary package to npm, https://www.npmjs.com/package/@gooin/garmin-connect, hope this can help you. @Abasz

@Abasz
Copy link

Abasz commented Oct 4, 2023

I have added a PR to fix most features, waiting for author review and merge it. See #56. I will publish a temporary package to npm, https://www.npmjs.com/package/@gooin/garmin-connect, hope this can help you. @Abasz

Thanks! It helped a lot, I have updated both my .NET and TS projects :)

@mjpoo
Copy link
Author

mjpoo commented Oct 19, 2023

Hi @Pythe1337N Do you have any plans to integrate the fixes that @gooin came up with?

@Pythe1337N
Copy link
Owner

Thanks for all the effort put into this package and sorry for being unresponsive. I'll check #56 and do a release asap.

@mjpoo
Copy link
Author

mjpoo commented Oct 19, 2023

Thanks @Pythe1337N that is very much appreciated.

@Pythe1337N
Copy link
Owner

Changes from #56 are now merged and released!
Enjoy
https://www.npmjs.com/package/garmin-connect/v/1.6.0

@gooin
Copy link
Contributor

gooin commented Oct 19, 2023

Changes from #56 are now merged and released! Enjoy https://www.npmjs.com/package/garmin-connect/v/1.6.0

Thanks @Pythe1337N happy to see this merged~

@mjpoo
Copy link
Author

mjpoo commented Oct 19, 2023

Many thanks to everyone who helped fix this. I can confirm it fixed the issue.

@mjpoo mjpoo closed this as completed Oct 19, 2023
@pauly
Copy link

pauly commented Oct 20, 2023
edited
Loading

This did completely change the interface though didn't it? I'm no longer sure how to use this.
I saw the message "getSteps() is not implemented", I thought it was just not implemented yet. also GCClient.get() is gone. Was this intentional?
I do appreciate that you made this and updated it, and obviously with no input from me.
It was mostly get() that I was using, I will try and work it out and submit a pr, thanks.

@loic294
Copy link
Contributor

loic294 commented Oct 20, 2023

@pauly I opened a PR to fix the "getSteps" #58. @Pythe1337N Can you take a look when you have time?

@Pythe1337N
Copy link
Owner

Pythe1337N commented Oct 20, 2023
edited
Loading

@pauly general methods seems to be missing, yes. I think you can use GCClient.client.get or copy these lines into a PR:

garmin-connect/src/garmin/GarminConnect.ts

Line 610 in 39ae27e

async get<T>(url: string, data?: any) {

Not sure if the session handling is still required though

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@pauly @loic294 @mjpoo @gooin @wscourge @Abasz @Pythe1337N @lukasz-mordawski