2-factor login broke
madchap opened this issue · 20 comments
Hi,
It's been a while since I actually logged in with 2FA, but it used to work. I am guessing there was a change on Evernote's side? Here is what I have now with the latest pull.
$ geeknote login
Login: xxxxxxx
Password:
Two-Factor Authentication Code: 658323
>>> : Allow Access...Traceback (most recent call last):
File "/home/fblaise/.local/lib/python2.7/site-packages/geeknote/geeknote.py", line 1389, in main
>> : Allow Access... User().login(**ARGS)
File "/home/fblaise/.local/lib/python2.7/site-packages/geeknote/geeknote.py", line 40, in wrapper
return func(*args, **kwargs)
File "/home/fblaise/.local/lib/python2.7/site-packages/geeknote/geeknote.py", line 582, in login
if self.getEvernote().auth():
File "/home/fblaise/.local/lib/python2.7/site-packages/geeknote/geeknote.py", line 201, in auth
self.authToken = GNA.getToken()
File "/home/fblaise/.local/lib/python2.7/site-packages/geeknote/oauth.py", line 179, in getToken
self.allowAccess()
File "/home/fblaise/.local/lib/python2.7/site-packages/geeknote/oauth.py", line 288, in allowAccess
token = "&" + urlencode({ 'csrfBusterToken': tree.xpath("//input[@name='csrfBusterToken']/@value")[0]}) + "&" + urlencode({ 'csrfBusterToken': tree.xpath("//input[@name='csrfBusterToken']/@value")[1]})
IndexError: list index out of range
Thanks,
Best.
fred
Evernote has an application password section for when you can't use 2FA with an app. I didn't have any luck getting it to work (maybe it needs to be active for more than 5 minutes). Not the optimal solution but might be an OK workaround until it gets fixed.
If it is helpful: I discovered this same issue with a clean install and an old install (same problem on two different machines).
This is the version I am using (which is the master branch on github)
https://aur.archlinux.org/packages/geeknote-improved-git/
geeknote
Version: 2.0.10
Geeknote - a command line client for Evernote.
From the default master branch.
I also just tried the last release 2.0.9 (Nov 18th, 2016) Same thing.
I also just tested it against the 2.0.11 branch and same thing (attached is a screenshot)
Jeff, here is the debug log:
2017-04-17 01:41:35,611 geeknote main 1454 : App error: list index out of range
2017-04-17 01:49:24,126 geeknote wrapper 111 : Error: findNotebooks : EDAMUserException(errorCode=9, parameter='authenticationToken')
2017-04-17 01:50:27,166 geeknote main 1454 : App error: list index out of range
2017-04-17 01:58:53,759 oauth login 266 : Incorrect login or password
2017-04-17 01:58:53,760 oauth login 269 : Target URL was not found in the response on login
2017-04-17 02:57:52,538 geeknote main 1454 : App error: list index out of range
2017-04-17 03:19:06,822 geeknote main 1454 : App error: list index out of range
Leaving a comment here to mainly say I haven't forgotten about this bug, but Easter week-end made it ectic.
I reported the bug against a fresh install of master branch on a new machine, but had the same issue against an older build (on another machine) which worked just fine (Maybe 2.0.9); to test on the older build that worked, I actually logged out since I was logged in for months -- and could not re-login with the same error reported, which I why I first thought of a change Evernote side.
This is far from a fix, but to work around, one could substitute a developer token.
See oath.py, around line 172, and simply return a string with the dev token.
You can get your own dev token at https://www.evernote.com/api/DeveloperToken.action
def getToken(self):
# https://www.evernote.com/api/DeveloperToken.action
return "S=xx:U=xxx:E=xxxxxxxx:C=xxxxxxxxxxx:P=xxx:A=en-devtoken:V=2:H=xxxxxxxxxxxxxxxx"
Please do not commit a change with your dev token. It's private, like a password.
Hope this gets folks going while we search for a real fix.
Jeff, Thank you. Much appreciated!
+1, Thanks.
same problem here :(
Was bit by this bug as well. The code in oauth.py looks for the environment variable EVERNOTE_DEV_TOKEN. Setting that worked for me and should be more resilient to code changes than hardcoding it in the source file.
I've encounter the same problem and I found the problem is caused by this failure:
tree.xpath("//input[@name='csrfBusterToken']/@value")
This expression return a empty list.
And the recommendation prompted by @tjstankus and @jeffkowalski works.
It seems that the creation of developer tokens is currently disabled. Is that the only way to fix this still, besides disabling 2FA?
Not only the creation, and I don't know if that's a coincidence, but my dev token is no longer working... :-/
For those longingly hoping for the developer keys to come back...I think they have been disabled on a per user request basis (maybe it was being abused).
You have to create a support ticket, requesting that you require developer keys and that they be re-enabled for your account. I got a reply within 20 minutes with the feature re-enabled for my account (the link now allows me to create keys). Source: bordaigorl/sublime-evernote#194
One can then create an export EVERNOTE_DEV_TOKEN. It will then auto login with geeknote login.
Another option to get around this issue without requiring a developer key seems to be to disable 2FA, login to geeknote, and then allow geeknote as an "Application" in your Evernote settings, which I think should let you use geeknote for up to a year without having to re-log in. Then you can re-enable 2FA and geeknote should still work as long as you don't log out of it (logging back in will require a 2FA code).
Is there a permanent fix? I tried logging in with application password and it does not work either :-( I do not want to re-generate my 2fa tokens..