https://heroesofthestorm.com/en-us/blog/20152210/introducing-the-one-button-authenticator-6-16-2016/

jleclanche,

I'm trying to use the --restore parameter to determine the secret key for my previously existing authenticator but I'm getting a 302 status. Here's what I'm seeing...

root@BNA:~/python-bna/bin# python3 bna --restore [SERIAL] [RESTORE CODE]
Traceback (most recent call last):
  File "bna", line 295, in <module>
    exit(main())
  File "bna", line 291, in main
    return authenticator.run()
  File "bna", line 242, in run
    self.restore_serial(*self.args.restore)
  File "bna", line 127, in restore_serial
    secret = bna.restore(serial, code)
  File "/root/python-bna/bin/../bna.py", line 222, in restore
    challenge = initiate_paper_restore(serial)
  File "/root/python-bna/bin/../bna.py", line 260, in initiate_paper_restore
    return get_server_response(serial, host, path)
  File "/root/python-bna/bin/../bna.py", line 63, in get_server_response
    raise HTTPError("%s returned status %i" % (host, response.status), response)
bna.HTTPError: mobile-service.blizzard.com returned status 302

It looks like the script isn't handling a site redirection when restoring.

The point of all this is I would like to expose the secret for an authenticator that I can use with another TOTP application, specifically the TOTP plugin for KeePass. I tried doing this with a newly generated authenticator (using your app) but couldn't get the secret to work with that plugin.

Thoughts?

Thanks for your work on this.

hi, when i try to restore my token with bna, it show me below warning. is my operation isn't correct?

 bna restore serial code.

the error is here;

Traceback (most recent call last):
  File "/usr/local/bin/bna", line 4, in <module>
    __import__('pkg_resources').run_script('bna==4.1.0', 'bna')
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 658, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1445, in run_script
    exec(script_code, namespace, namespace)
  File "/usr/local/lib/python3.6/dist-packages/bna-4.1.0-py3.6.egg/EGG-INFO/scripts/bna", line 281, in <module>
  File "/usr/lib/python3/dist-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/usr/lib/python3/dist-packages/click/core.py", line 1066, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/lib/python3/dist-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/lib/python3/dist-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/click/decorators.py", line 17, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/usr/local/lib/python3.6/dist-packages/bna-4.1.0-py3.6.egg/EGG-INFO/scripts/bna", line 225, in restore
  File "/usr/local/lib/python3.6/dist-packages/bna-4.1.0-py3.6.egg/bna/http.py", line 111, in restore
  File "/usr/local/lib/python3.6/dist-packages/bna-4.1.0-py3.6.egg/bna/http.py", line 127, in validate_paper_restore
  File "/usr/local/lib/python3.6/dist-packages/bna-4.1.0-py3.6.egg/bna/http.py", line 31, in get_server_response
bna.http.HTTPError: mobile-service.blizzard.com returned status 500

When attempting to register a new authenticator using bna new the given serial is not valid:

I've retried several times. The response from blizzard (export from dev tools):

{
    "timestamp": 1644569040108,
    "status": 999,
    "error": "None",
    "errors": [
        {
            "codes": [
                "Pattern.attachAuthenticatorCommand.serialNumber",
                "Pattern.serialNumber",
                "Pattern.java.lang.String",
                "Pattern"
            ],
            "arguments": [
                {
                    "codes": [
                        "attachAuthenticatorCommand.serialNumber",
                        "serialNumber"
                    ],
                    "arguments": null,
                    "defaultMessage": "serialNumber",
                    "code": "serialNumber"
                },
                [],
                {
                    "arguments": null,
                    "defaultMessage": "[A-Za-z0-9]{3,128}",
                    "codes": [
                        "[A-Za-z0-9]{3,128}"
                    ]
                }
            ],
            "defaultMessage": "error.authenticator.invalidSerial",
            "objectName": "attachAuthenticatorCommand",
            "field": "serialNumber",
            "rejectedValue": "EU-2202-1199-4827",
            "bindingFailure": false,
            "code": "Pattern"
        }
    ]
}

Reading the error more closely led me to try entering the serial number without dashes; this worked!

python3 bna
Traceback (most recent call last):
  File "/usr/local/bin/bna", line 4, in <module>
    __import__('pkg_resources').run_script('bna==4.1.0', 'bna')
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 739, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1500, in run_script
    script_code = compile(script_text, script_filename, 'exec')
  File "/usr/local/lib/python3.5/dist-packages/bna-4.1.0-py3.5.egg/EGG-INFO/scripts/bna", line 66
    ctx.fail(f"No such authenticator: {serial}")
                                              ^
SyntaxError: invalid syntax

Why?

https://github.com/tadeck/onetimepass

When creating a new authenticator using bna new Blizzard assigns me a serial id in a "KR" region, which breaks this check.
I'm running this in Australia, but a workaround is using a VPN to place yourself in another country such as the US or UK.

It may be necessary for a "KR" region to be added to this list.

When I try to create a new authenticator I get the following error

Traceback (most recent call last):
  File "/usr/local/bin/bna", line 235, in <module>
    main()
  File "/usr/local/bin/bna", line 232, in main
    authenticator = Authenticator(sys.argv[1:])
  File "/usr/local/bin/bna", line 39, in __init__
    self.queryNewAuthenticator(args)
  File "/usr/local/bin/bna", line 145, in queryNewAuthenticator
    serial, secret = bna.requestNewSerial(self.args.region)
  File "/usr/local/lib/python2.7/dist-packages/bna.py", line 102, in requestNewSerial
    response = decrypt(enroll(e, host)[8:], otp)
  File "/usr/local/lib/python2.7/dist-packages/bna.py", line 64, in enroll
    return getServerResponse(data, host, path)
  File "/usr/local/lib/python2.7/dist-packages/bna.py", line 53, in getServerResponse
    conn.request("POST", path, data)
  File "/usr/lib/python2.7/httplib.py", line 1039, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1073, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1035, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 879, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 841, in send
    self.connect()
  File "/usr/lib/python2.7/httplib.py", line 822, in connect
    self.timeout, self.source_address)
  File "/usr/lib/python2.7/socket.py", line 571, in create_connection
    raise err
socket.error: [Errno 111] Connection refused

Hello!

If I run bna show-url then the URL is missing : between the serial number and the ?:

$ bna show-url
otpauth://totp/Blizzard:EU123412341234?secret=ASFAS75ASDF75889G9AD7S69AS7697AS&issuer=Blizzard&digits=8

This URL results in an invalid QR code if generated via qrencode. The URL in the readme is correct, though.

Best Regards
Josef

PS: the readme is incorrect about the QR code genration. The readme still shows bna --otpauth-url which should be changed to bna show-url.

Hi there,
I'm trying to generate an OTP URL to replace the Blizzard Authenticator, but whenever I try the commands recommended in the README, I get this error

root@ubuntu:~/python-bna# bna --otpauth-url otpauth://totp/Battle.net:EU111111111111:?secret=ASFAS75ASDF75889G9AD7S69AS7697AS&issuer=Battle.net&digits=8
[1] 40979
[2] 40980
root@ubuntu:~/python-bna# Error: No such serial: 'OTPAUTH://TOTP/BATTLE.NET:EU111111111111:?SECRET=ASFAS75ASDF75889G9AD7S69AS7697AS'

[1]-  Exit 1                  bna --otpauth-url otpauth://totp/Battle.net:EU111111111111:?secret=ASFAS75ASDF75889G9AD7S69AS7697AS
[2]+  Done                    issuer=Battle.net

(I'm writing my correct serial, í've just edited it for here)

I tried it both on the Windows Subsystem for Linux and a real Ubuntu machine, but with no success. Am I doing something wrong? I already did the restore command, and that passed successfully.

Specifically, it crashes when an attempt is made to xor strings in the function decrypt(response, opt):

ret.append(c ^ e) # LINE 90: Bytes aren't supported in python 2.7

It'll probably also crash anywhere it uses the bytes(...) function.

Hi,

I'm packaging it for Fedora, hope you can add the license file into the tarball so we can make our life easier.

Thanks.

Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1001028

I'm using python 2.6.5 on ubuntu 10.04

Executing the following bna -n && bna with an empty config file gives the following error:

Traceback (most recent call last):
  File "/usr/local/bin/bna", line 217, in <module>
    main()
  File "/usr/local/bin/bna", line 214, in main
    authenticator = Authenticator(sys.argv[1:])
  File "/usr/local/bin/bna", line 68, in __init__
    self._secret = unhexlify(self._secret)
TypeError: a2b_hex() argument 1 must be string or read-only buffer, not bytearray

Making the following change at line 65:

• self._secret = self.getSecret(serial)
• self._secret = self.getSecret(serial).decode("utf-8")

seems to fix the issue.

I was trying to get bna to generate a URL, to create a QR code so I could add it to AndOTP.

However, the QR code wouldn't scan. AndOTP ('Invalid QR code'), Authy ('Invalid format, token format not supported') or FreeOTP ('The token specified was invalid') could use the QR code because of a missing colon. Google Authenticator scans it without issue.

The spec doesn't specify the colon is required.

As soon as the colon is added it works. The colon is present in the example in README.md under 'Getting an OTPAuth URL'.

Steps to reproduce:

1. Setup bna
2. Run bna show-url
3. You'll notice the code is missing the colon before the question mark. This means you can't import this URL into common TOTP apps.

For example: otpauth://totp/Blizzard:SERIAL?secret=SERCRET&issuer=Blizzard&digits=8
Should be: otpauth://totp/Blizzard:SERIAL:?secret=SERCRET&issuer=Blizzard&digits=8

You can verify this:

1. Install a QR code generator pip3 install qrcode[pil]
2. Run qr "PASTEURLHERE"
3. Try and scan the QR code. You'll notice you get an error.
4. Repeat step 2, but add the missing colon.
5. Try and scan the QR code. You'll notice it works this time.

I’m having a hard time. I am using the mobile Authenticator. I fed my provided serial number and the restore code into the bna python binary, and am getting an error that the serial or restore are incorrect.

I also tried feeding these things into another third party Authenticator and even that is saying that the codes are invalid. I’m curious if blizzard has changed something behind the scenes.

The official first party app is giving me codes but I want to be able to replicate/clone this just in case

Transcript of a Windows terminal session:

18:15 c:\etc\python>python --version
Python 3.12.0

18:16 c:\etc\python>pip install bna
Collecting bna
  Using cached bna-5.1.0-py3-none-any.whl (10 kB)
Requirement already satisfied: click<9.0.0,>=8.0.3 in c:\etc\python312\lib\site-packages (from bna) (8.1.7)
Requirement already satisfied: pyotp<3.0.0,>=2.6.0 in c:\etc\python312\lib\site-packages (from bna) (2.9.0)
Requirement already satisfied: colorama in c:\etc\python312\lib\site-packages (from click<9.0.0,>=8.0.3->bna) (0.4.6)
Installing collected packages: bna
Successfully installed bna-5.1.0

[notice] A new release of pip is available: 23.2.1 -> 23.3.2
[notice] To update, run: python.exe -m pip install --upgrade pip

18:16 c:\etc\python>bna new
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "C:\Etc\Python312\Scripts\bna.exe\__main__.py", line 4, in <module>
  File "C:\Etc\Python312\Lib\site-packages\bna\__init__.py", line 10, in <module>
    import pkg_resources
ModuleNotFoundError: No module named 'pkg_resources'

18:16 c:\etc\python>

Note that trying to install the missing module fails:

18:16 c:\etc\python>pip install pkg_resources
ERROR: Could not find a version that satisfies the requirement pkg_resources (from versions: none)
ERROR: No matching distribution found for pkg_resources

[notice] A new release of pip is available: 23.2.1 -> 23.3.2
[notice] To update, run: python.exe -m pip install --upgrade pip

18:19 c:\etc\python>

Is this project still supported? Not sure how much you can do if the battlenet endpoints got changed, but maybe someone has an idea.

Traceback (most recent call last):
  File "/home/maximilian/.local/bin/bna", line 8, in <module>
    sys.exit(main())
  File "/home/maximilian/.local/lib/python3.8/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "/home/maximilian/.local/lib/python3.8/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "/home/maximilian/.local/lib/python3.8/site-packages/click/core.py", line 1657, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/maximilian/.local/lib/python3.8/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/maximilian/.local/lib/python3.8/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/home/maximilian/.local/lib/python3.8/site-packages/click/decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/home/maximilian/.local/lib/python3.8/site-packages/bna/cli.py", line 222, in restore
    secret = bna.restore(serial, restore_code)
  File "/home/maximilian/.local/lib/python3.8/site-packages/bna/http.py", line 129, in restore
    challenge = client.initiate_paper_restore(serial)
  File "/home/maximilian/.local/lib/python3.8/site-packages/bna/http.py", line 48, in initiate_paper_restore
    response = self.post("/enrollment/initiatePaperRestore.htm", data=serial)
  File "/home/maximilian/.local/lib/python3.8/site-packages/bna/http.py", line 32, in post
    raise HTTPError(
bna.http.HTTPError: mobile-service.blizzard.com returned status 502

Following a guide from aegis : https://github.com/beemdevelopment/Aegis/wiki
I'm unable to complete it, neither does reading how to use it from this repo
step 2 : "bna new" gives nothing
I did the pip install successfully
(pip3 list shows bna, click & pyotp)
I tried through regular windows command line & through python itself
I also did a search for "bna" and I only find it in libraries e.g. .\Python38\Lib\site-packages\bna*.py

I guess I'm too much of a newbie maybe ?

Thanks.

Line 136, self.config.set(serial, "secret", secret) fails on windows 10, python 3.7.3.

Quite a lot has changed already since 4.1.0:

CLI

• Storing secrets as base32 now, instead of hex. Old hex-formatted secrets are converted accordingly.
• Added dependency on PyOTP (#10), now using PyOTP to generate codes and otpauth uri
• Renamed all instances of Battle.net to Blizzard
• Fixed #12

API

• Split up bna.py into multiple modules under bna/
• Added typings
• Switched to consistent use of base32 whenever passing secrets (no longer expecting bytes)
• Dropped support for Python < 3.6
• Dropped get_token() (use PyOTP instead)

I want to switch the app to use click as well, and then I'll make a 5.0 release.

Attempting to restore crashes:

$ bna --restore EU123412341234 12345678
Traceback (most recent call last):
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 313, in <module>
    exit(main())
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 309, in main
    return authenticator.run()
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 251, in run
    serial, secret = self.restore_serial(*self.args.restore)
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 132, in restore_serial
    secret = bna.restore(serial, code)
  File "/home/hugo/.local/share/virtualenvs/tmp/lib/python3.5/site-packages/bna.py", line 224, in restore
    raise ValueError("invalid restore code (should be 10 bytes): %r" % (code))
ValueError: invalid restore code (should be 10 bytes): '12345678'

Including the dashes from the serial seems to make no difference:

$ bna --restore EU-1234-1234-1234 12345678
Traceback (most recent call last):
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 313, in <module>
    exit(main())
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 309, in main
    return authenticator.run()
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 251, in run
    serial, secret = self.restore_serial(*self.args.restore)
  File "/home/hugo/.local/share/virtualenvs/tmp/bin/bna", line 132, in restore_serial
    secret = bna.restore(serial, code)
  File "/home/hugo/.local/share/virtualenvs/tmp/lib/python3.5/site-packages/bna.py", line 224, in restore
    raise ValueError("invalid restore code (should be 10 bytes): %r" % (code))
ValueError: invalid restore code (should be 10 bytes): '12345678'

Relevant information:

$ python --version
Python 3.5.2
$ pip freeze
bna==4.1.0

I tried installing via pip, or the latest from master, and always got the same result.

I was really hoping this would be a good way to have a pc-based auth backup, since using my phone does not always suit my physical needs. So I used my mobile app's restore code and serial to "restore" it to bna, but none of the codes from it work. They're not the same as the mobile app nor do they work at all. I just get, "That authenticator code is invalid." But I didn't have any problem or errors setting it up. The restore code and serial look perfect and it spits out codes on command, just none of them work.

$ bna --version
bna, version 5.0.2
$ pip --version
pip 21.0.1 from /usr/lib/python3.8/site-packages/pip (python 3.8)
$ uname -a
Linux penguin-pc 5.10.27-gentoo #2 SMP PREEMPT Sat May 1 16:52:28 MST 2021 x86_64 AMD Ryzen 9 3900XT 12-Core Processor AuthenticAMD GNU/Linux

At first, bna new did not work, at all, as described in #20 . I tried to trick Python a bit, so I ran bna new --set-default. Then it broke by pulling up the old interface back. Now I could initialize a new authenticator with bna -n followed by bna EU-****-****-****.

# Before:
bna --help
Usage: bna [OPTIONS] COMMAND [ARGS]...

Options:
  --config TEXT  Path to a different config file to use
  --version      Show the version and exit.
  --help         Show this message and exit.

Commands:
  delete             Delete an authenticator from the configuration
  list               List all configured authenticators
  new                Request a new authenticator
  restore            Recover an authenticator from its restore code
  set-default        Set an authenticator as the default one to use for...
  show               Show the current authenticator code
  show-restore-code  Display an authenticator's restore code
  show-secret        Display an authenticator's secret
  show-url           Display an authenticator's OTPAuth URL (for QR codes)
# These do not work.

# After:
bna --help
usage: bna [-h] [-n] [--config CONFIG] [-d] [-i] [-l] [-r REGION]
           [--remaining] [--restore SERIAL CODE] [--restore-code]
           [--otpauth-url] [--set-default] [-v]
           [serial]

positional arguments:
  serial

optional arguments:
  -h, --help            show this help message and exit
  -n, --new             request a new authenticator
  --config CONFIG       specify config file to use
  -d, --delete          delete a stored serial and its matching secret
  -i, --interactive     interactive mode: updates the token as soon as it
                        expires
  -l, --list            list all your active serials and exit
  -r REGION, --region REGION
                        desired region for new authenticators
  --remaining           also print the remaining time until the token expires
  --restore SERIAL CODE
                        restores an existing authenticator
  --restore-code        prints a serial's restore code and exit
  --otpauth-url         Print standard otpauth URL for use with OTP apps
  --set-default         set authenticator as default (also works when
                        requesting a new authenticator)
  -v, --version         show program's version number and exit
# These do actually work.

Running the command "bna new" results in the following output

PS C:\Users\home> bna new
Traceback (most recent call last):
File "", line 198, in _run_module_as_main
File "", line 88, in run_code
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Scripts\bna.exe_main.py", line 7, in
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\click\core.py", line 1157, in call
return self.main(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\click\core.py", line 1078, in main
rv = self.invoke(ctx)
^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\click\core.py", line 1688, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\click\core.py", line 1434, in invoke
return ctx.invoke(self.callback, **ctx.params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\click\core.py", line 783, in invoke
return __callback(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\click\decorators.py", line 33, in new_func
return f(get_current_context(), *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\bna\cli.py", line 180, in new
serial, secret = bna.request_new_serial(region)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\bna\http.py", line 86, in request_new_serial
response = client.enroll(encrypted_data)[8:]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\bna\http.py", line 41, in enroll
return self.post("/enrollment/enroll.htm", data=data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\site-packages\bna\http.py", line 28, in post
conn.request("POST", path, data)
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\http\client.py", line 1286, in request
self._send_request(method, url, body, headers, encode_chunked)
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\http\client.py", line 1332, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\http\client.py", line 1281, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\http\client.py", line 1041, in _send_output
self.send(msg)
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\http\client.py", line 979, in send
self.connect()
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\http\client.py", line 945, in connect
self.sock = self._create_connection(
^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\socket.py", line 827, in create_connection
for res in getaddrinfo(host, port, 0, SOCK_STREAM):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Users\home\AppData\Local\Programs\Python\Python311\Lib\socket.py", line 962, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
socket.gaierror: [Errno 11001] getaddrinfo failed

Using latest commit 1e95483, see below:

chris@virtualBoxUbuntu:~/python-bna$ echo $PYTHONPATH
/home/chris/.local/lib/python3.7/site-packages:
chris@virtualBoxUbuntu:~/python-bna$ python3.7 --version
Python 3.7.1
chris@virtualBoxUbuntu:~/python-bna$ python3.7 ./bin/bna restore AA-1111-2222-3333 ABCDEFGHIJ
Traceback (most recent call last):
File "./bin/bna", line 281, in
main()
File "/home/chris/.local/lib/python3.7/site-packages/click/core.py", line 764, in call
return self.main(*args, **kwargs)
File "/home/chris/.local/lib/python3.7/site-packages/click/core.py", line 717, in main
rv = self.invoke(ctx)
File "/home/chris/.local/lib/python3.7/site-packages/click/core.py", line 1137, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/home/chris/.local/lib/python3.7/site-packages/click/core.py", line 956, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/home/chris/.local/lib/python3.7/site-packages/click/core.py", line 555, in invoke
return callback(*args, **kwargs)
File "/home/chris/.local/lib/python3.7/site-packages/click/decorators.py", line 17, in new_func
return f(get_current_context(), *args, **kwargs)
File "./bin/bna", line 229, in restore
ctx.obj.add_serial(serial, secret, set_default=set_default)
File "./bin/bna", line 89, in add_serial
self.set_secret(serial, secret)
File "./bin/bna", line 136, in set_secret
self.config.set(serial, "secret", secret)
File "/usr/lib/python3.7/configparser.py", line 1197, in set
self._validate_value_types(option=option, value=value)
File "/usr/lib/python3.7/configparser.py", line 1182, in _validate_value_types
raise TypeError("option values must be strings")
TypeError: option values must be strings

          ## Here is another way without having to use the Battle.net App 

1. Retrieve SSO Token:

• Go to https://account.battle.net/login/en/?ref=localhost. After logging in, ignore the 404 Error, but copy the token following ST= from the URL.
  • Example: EU-84902f44j57m687039586j7egdfa0a54-1165739690

2. Get Bearer Token:

• Replace <SSO_TOKEN> with the token you got from step 1 and execute the following curl command to obtain the Bearer Token:

  curl -X 'POST' \
  'https://oauth.battle.net/oauth/sso' \
  -H "content-type: application/x-www-form-urlencoded; charset=utf-8" \
  -d "client_id=baedda12fe054e4abdfc3ad7bdea970a&grant_type=client_sso&scope=auth.authenticator&token=<SSO_TOKEN>"

  • Response:

    {"access_token":"XXX","token_type":"bearer","expires_in":0,"scope":"auth.authenticator","sub":"XXX"}

• Copy the Bearer Token to use in steps 3, 4. or 5.

3. Get Serial & Restore Codes:

• Use the Bearer Token to fetch the Serial and Restore Codes of an existing authenticator:

  curl -X 'GET' \
  'https://authenticator-rest-api.bnet-identity.blizzard.net/v1/authenticator' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer <BEARER_TOKEN>"

  • Response:

    {"Restore Code": "XXX", "Serial Number": "XXX"}

4. Get Existing Authenticator Device Secret:

• Use the Bearer Token, Serial, and Restore codes to retrieve the Device Secret of an Existing Authenticator:

  curl -X 'POST' \
  'https://authenticator-rest-api.bnet-identity.blizzard.net/v1/authenticator/device' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -H "Authorization: Bearer <BEARER_TOKEN>" \
  -d '{
    "restoreCode": "<RESTORE_CODE>",
    "serial": "<SERIAL>"
  }'

  • Response:

    {"serial":"XXX","restoreCode":"XXX","deviceSecret":"XXX","timeMs":0,"requireHealup":false}

5. Create and Add a New Authenticator:

• Use the Bearer Token to create and add a new authenticator to the users account :

  curl -X 'POST' \
  'https://authenticator-rest-api.bnet-identity.blizzard.net/v1/authenticator' \
  -H 'accept: application/json' \
  -H "Authorization: Bearer <BEARER_TOKEN>" \
  -d ''

  • Response:

    {"serial":"XXX","restoreCode":"XXX","deviceSecret":"XXX","timeMs":0,"requireHealup":false}

6. Add Authenticator to Password Manager.

• After you have obtianed the deviceSecret convert it from hex to base32 using echo "deviceSecret" | xxd -r -p | base32 on Linux/macOS or cryptii.com if on Windows

• Replace deviceSecret in the following URL: otpauth://totp/Battle.net?secret=deviceSecret&digits=8 with the newly obtained base32 device secret, and you should have a working TOTP.

Originally posted by @BillyCurtis in #38 (comment)

this is logs

 Traceback (most recent call last):
  File "/usr/local/bin/bna", line 4, in <module>
    __import__('pkg_resources').run_script('bna==5.0.0', 'bna')
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 666, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1453, in run_script
    exec(script_code, namespace, namespace)
  File "/usr/local/lib/python3.7/dist-packages/bna-5.0.0-py3.7.egg/EGG-INFO/scripts/bna", line 281, in <module>
  File "/home/wszl/.local/lib/python3.7/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/home/wszl/.local/lib/python3.7/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/home/wszl/.local/lib/python3.7/site-packages/click/core.py", line 1259, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/wszl/.local/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/wszl/.local/lib/python3.7/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/home/wszl/.local/lib/python3.7/site-packages/click/decorators.py", line 21, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/usr/local/lib/python3.7/dist-packages/bna-5.0.0-py3.7.egg/EGG-INFO/scripts/bna", line 225, in restore
  File "/usr/local/lib/python3.7/dist-packages/bna-5.0.0-py3.7.egg/bna/http.py", line 125, in restore
  File "/usr/local/lib/python3.7/dist-packages/bna-5.0.0-py3.7.egg/bna/http.py", line 46, in initiate_paper_restore
  File "/usr/local/lib/python3.7/dist-packages/bna-5.0.0-py3.7.egg/bna/http.py", line 32, in post
bna.http.HTTPError: mobile-service.battlenet.com.cn returned status 502

please help me

I'm putting in my EU-XXXX-YYYY-ZZZZ number and am getting this error on Battle.net, am I doing something wrong?