Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sudden issue with "Refresh Strava Credentials" #8

Open
spongebyte opened this issue Nov 3, 2024 · 3 comments
Open

sudden issue with "Refresh Strava Credentials" #8

spongebyte opened this issue Nov 3, 2024 · 3 comments

Comments

@spongebyte
Copy link

Hi, I've been using your tool for a few months flawlessly.
I did not modify anything in the code and my credentials have remained the same for a while.
The "Refresh Strava Credentials" action just failed with the following:

Fetch credentials

Run eval "$(./scripts/refresh_strava_credentials.ts)"
error: Uncaught (in promise) Error: Could not acquire login form authenticity token.
  throw new Error("Could not acquire login form authenticity token.");
        ^
    at file:///home/runner/work/strava-heatmap-proxy/strava-heatmap-proxy/scripts/refresh_strava_credentials.ts:24:9
    at eventLoopTick (ext:core/01_core.js:175:7)
Warning: Can't add secret mask for empty string in ##[add-mask] command.
Warning: Can't add secret mask for empty string in ##[add-mask] command.

Write Strava creds to Cloudflare

Run cloudflare/wrangler-action@v3
🔍 Checking for existing Wrangler installation
📥 Installing Wrangler
🔑 Uploading secrets...
Error: Failed to upload secrets.
Error: 🚨 Action failed
@erik
Copy link
Owner

erik commented Nov 3, 2024

I've noticed the same on my own instance. Looks like they introduced AWS WAF on the login page to prevent scraping, which blocks the simple fetch-based implementation that worked before. Might be possible to get around by using Playwright/scrapy/something, but for now you'll have to update the credentials manually (you can log in from your browser and pull them from there)

Some details on the OSM Wiki for how to pull this https://wiki.openstreetmap.org/wiki/Strava#Manually

@spongebyte
Copy link
Author

Thanks for your response.
I understand I need to force-feed my STRAVA_ID (content of the strava_remember_id cookie) and STRAVA_COOKIES to (";"-joined concatenation of name=value with names being _strava4_session, CloudFront-Key-Pair-Id, CloudFront-Policy, and CloudFront-Signature) to the GH "Refresh Strava Credentials".
I'm just confused as to how to do that. I would greatly appreciate your guidance here.
Thank you 🙏

@Tijs-B
Copy link

Tijs-B commented Nov 14, 2024
edited
Loading

I'll chime in quickly: just open your devtools while having the strava global heatmap open while logged in. Then, in the network tab, find a network request towards heatmap-external-a.strava.com or heatmap-external-b.strava.com, and copy the complete value of the Cookie header. Put that value in the STRAVA_COOKIES secret in the settings of the worker in Cloudflare. The STRAVA_ID field can stay the same, I think.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@erik @Tijs-B @spongebyte