simon-weber/gpsoauth

AttributeError: module 'urllib3.util.ssl_' has no attribute 'DEFAULT_CIPHERS'

artickl opened this issue · 4 comments

When I'm running get_tokens.py which is using gpsoauth, the issue with ssl_.DEFAULT_CIPHERS occur in line:

context.set_ciphers(ssl_.DEFAULT_CIPHERS)

Traceback (most recent call last):
  File "/home/artickl/git/github/gist/get_tokens.py", line 90, in <module>
    master_token = get_master_token(USERNAME, PASSWORD, device_id)
  File "/home/artickl/git/github/gist/get_tokens.py", line 22, in get_master_token
    res = perform_master_login(username, password, android_id)
  File "/home/artickl/.local/lib/python3.9/site-packages/gpsoauth/__init__.py", line 143, in perform_master_login
    return _perform_auth_request(data, proxy)
  File "/home/artickl/.local/lib/python3.9/site-packages/gpsoauth/__init__.py", line 78, in _perform_auth_request
    session.mount(AUTH_URL, AuthHTTPAdapter())
  File "/home/artickl/.local/lib/python3.9/site-packages/requests/adapters.py", line 155, in __init__
    self.init_poolmanager(pool_connections, pool_maxsize, block=pool_block)
  File "/home/artickl/.local/lib/python3.9/site-packages/gpsoauth/__init__.py", line 68, in init_poolmanager
    context.set_ciphers(ssl_.DEFAULT_CIPHERS)
AttributeError: module 'urllib3.util.ssl_' has no attribute 'DEFAULT_CIPHERS'
$ pip list
Package            Version
------------------ --------
async-timeout      4.0.2
certifi            2023.5.7
cffi               1.15.1
charset-normalizer 3.1.0
cryptography       41.0.1
ghome              0.0.3
glocaltokens       0.2.3
gpsoauth           1.0.2
grpcio             1.31.0
grpcio-tools       1.31.0
gyp                0.1
idna               3.4
ifaddr             0.2.0
pip                20.3.4
protobuf           3.20.3
pycparser          2.21
pycryptodomex      3.18.0
pyOpenSSL          23.2.0
python-nmap        0.7.1
requests           2.31.0
retrying           1.3.4
setuptools         52.0.0
simplejson         3.19.1
six                1.16.0
urllib3            2.0.2
wheel              0.34.2
zeroconf           0.63.0

This sounds like what #51 addresses. In the meantime you should be able to downgrade urllib3.

Thank you @simon-weber ! Solution worked!

Sorry for not checking existing pull requests, just checked open issues, but may be for somebody else it will be useful too.

$ pip3 install urllib3\<=2
Successfully installed urllib3-1.26.16

$ pip list urllib3
Package            Version
------------------ --------
async-timeout      4.0.2
certifi            2023.5.7
cffi               1.15.1
charset-normalizer 3.1.0
cryptography       41.0.1
ghome              0.0.3
glocaltokens       0.2.3
gpsoauth           1.0.2
grpcio             1.31.0
grpcio-tools       1.31.0
gyp                0.1
idna               3.4
ifaddr             0.2.0
pip                20.3.4
protobuf           3.20.3
pycparser          2.21
pycryptodomex      3.18.0
pyOpenSSL          23.2.0
python-nmap        0.7.1
requests           2.31.0
retrying           1.3.4
setuptools         52.0.0
simplejson         3.19.1
six                1.16.0
urllib3            1.26.16
wheel              0.34.2
zeroconf           0.63.0

$ python3 get_tokens.py

This script generates tokens that can be used when making requests to the Google Home Foyer API.
There are 2 kinds of tokens used here:

1. Master token - Is in the form `aas_et/***` and is long lived. Needs Google username and password.
2. Access token - Is in the form `ya29.***` and lasts for an hour. Needs Master token to generate.

If you do not want to store the Google account password in plaintext,
get the master token once, and set it as an override value.

It's safer/easier to generate an app password and use it instead of the actual password.
It still has the same access as the regular password, but still better than using the real password while scripting.
(https://myaccount.google.com/apppasswords)

[*] Getting master token...
[*] Master token: aas_et/************

[*] Getting access token...
[*] Access token: ya29.***************

[*] Done.

Looks like I was lucky before and this particular trick (downgrading urllib3) worked only because I had OpenSSL 1.1.1 there (Debian 11)

But on Ubuntu 22.04 with OpenSSL 3.0.2 running to #48 issue...

So, looks like currently no workaround for systems with OpenSSL 3...

I think this was fixed by #51 but I forgot to close it.

You're right that there's no fix for the openssl v3 issue yet. I haven't looked into it much but it doesn't look easy to debug.