Skip to content

how to provision new Tapo plug devices? #565

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
agoode opened this issue Dec 3, 2023 · 8 comments · Fixed by #634 or #685
Closed

how to provision new Tapo plug devices? #565

agoode opened this issue Dec 3, 2023 · 8 comments · Fixed by #634 or #685

Comments

@agoode
Copy link

agoode commented Dec 3, 2023

When I run the latest git head on KP125M:

No host name given, trying discovery..
Discovering devices on 255.255.255.255 for 3 seconds
Found 0 devices
Found 1 devices that failed to authenticate
Tapo plug requires authentication.

Is there a way to provision from python-kasa like the previous devices? Is there a default username/password or some new protocol that must be reverse engineered (maybe bluetooth)?
@rytilahti
Copy link
Member

rytilahti commented Dec 4, 2023
edited
Loading

Hi, the support for the new protocols is very new and there are many things that are not yet implemented and/or known (#559). Apparently some devices do have a setup account (

python-kasa/kasa/klapprotocol.py

Line 87 in bfd1d6a

KASA_SETUP_EMAIL = "kasa@tp-link.net"
) but I couldn't get those working on a non-provisioned L530 bulb. Maybe @sdb9696 has some insights on that.

It is unclear how the provisioning works (e.g., if it involves bt, L530 opened a wifi accesspoint so I think it's still somehow over the wifi), or at least I haven't heard anything on that matter so far. So I suppose it just needs someone to sit down and figure it out how it works.

@rytilahti
Copy link
Member

rytilahti commented Dec 7, 2023
edited
Loading

According to https://k4czp3r.xyz/blog/post/reverse-engineering-tp-link-tapo the initial provisioning is indeed done over a bluetooth connection, so integrating support for that would be rather cumbersome (if there is no wifi-based APIs, which may very well exist). Just wanted to leave the link here in case someone wants to explore this path further.

@sdb9696
Copy link
Collaborator

sdb9696 commented Dec 7, 2023

@agoode are you passing your tplink cloud --username and --password as parameters to the CLI? It seems the KP125M devices are working with the new protocol changes so your error output above suggests you might not be.

If it still isn't working you could try git checkout on #569 and run kasa --username YOURUSERNAME --password YOURPASSWORD discover --show-discovery-results and send us the output (masked) if it still isn't working.

@agoode
Copy link
Author

agoode commented Dec 7, 2023

No, I want to do this without tplink cloud. With the old plugs, I could use kasa to provision out of the box without a connection to the internet. I am hoping there is a way to do this with the new ones also.

@sdb9696
Copy link
Collaborator

sdb9696 commented Dec 7, 2023

AFAIK you don’t need the internet to talk to the device but the device gets your TP-Link credentials from the cloud and saves them. The newer TPLink devices force you to use your tplink cloud account details to authenticate. Are you are using the TAPO app on your phone? If so that is storing and sending your tplink username and password to the device.

@agoode
Copy link
Author

agoode commented Dec 7, 2023

I haven't used any app yet. But it looks like I will need to do this for now. Thank you!

@rytilahti
Copy link
Member

https://arxiv.org/pdf/2308.09019.pdf contains a section "Attack scenario 5 - MITM attack with an unconfigured Tapo
L530E" with the configuration payloads that could be useful if someone wants to explore how to provision these.

@rytilahti rytilahti mentioned this issue Jan 2, 2024
Merged
@rytilahti
Copy link
Member

For L900, test@tp-link.net:test as credentials allowed provisioning the device using kasa wifi join. In contrast to just changing the wifi credentials which caused immediate disconnect, unprovisioned device reports back the device id in response (at least mine did):

DEBUG    192.168.0.1 << {'error_code': 0, 'result': {'device_id': 'xxxxxxxxxxxxxxxxxxxx'}}

@rytilahti rytilahti mentioned this issue Jan 11, 2024
Merged
@rytilahti rytilahti mentioned this issue Jan 23, 2024
Merged
rytilahti added a commit to rytilahti/python-kasa that referenced this issue Jan 25, 2024
@rytilahti
Prepare 0.6.1
521576d 
[Full Changelog](python-kasa/python-kasa@0.6.0.1...0.6.1)

Release highlights:
* Support for tapo wall switches
* Support for unprovisioned devices
* Performance and stability improvements

**Implemented enhancements:**

- Add support for tapo wall switches \(S500D\) [\python-kasa#704](python-kasa#704) (@bdraco)
- Add new cli command 'command' to execute arbitrary commands [\python-kasa#692](python-kasa#692) (@rytilahti)
- Allow raw-command and wifi without update [\python-kasa#688](python-kasa#688) (@rytilahti)
- Generate AES KeyPair lazily [\python-kasa#687](python-kasa#687) (@sdb9696)
- Add reboot and factory\_reset to tapodevice [\python-kasa#686](python-kasa#686) (@rytilahti)
- Try default tapo credentials for klap and aes [\python-kasa#685](python-kasa#685) (@sdb9696)
- Sleep between discovery packets [\python-kasa#656](python-kasa#656) (@sdb9696)

**Fixed bugs:**

- Do not crash on missing geolocation [\python-kasa#701](python-kasa#701) (@rytilahti)
- Fix P100 error getting conn closed when trying default login after login failure [\python-kasa#690](python-kasa#690) (@sdb9696)

**Documentation updates:**

- Add protocol and transport documentation [\python-kasa#663](python-kasa#663) (@sdb9696)
- Document authenticated provisioning [\python-kasa#634](python-kasa#634) (@rytilahti)

**Closed issues:**

- Consider handshake as still valid on ServerDisconnectedError [\python-kasa#676](python-kasa#676)
- AES Transport creates the key even if the device is offline [\python-kasa#675](python-kasa#675)
- how to provision new Tapo plug devices? [\python-kasa#565](python-kasa#565)
- Space out discovery requests [\python-kasa#229](python-kasa#229)

**Merged pull requests:**

- Add additional L900-10 fixture [\python-kasa#707](python-kasa#707) (@bdraco)
- Replace rich formatting stripper [\python-kasa#706](python-kasa#706) (@bdraco)
- Add support for the S500 [\python-kasa#705](python-kasa#705) (@bdraco)
- Fix overly greedy \_strip\_rich\_formatting [\python-kasa#703](python-kasa#703) (@bdraco)
- Ensure login token is only sent if aes state is ESTABLISHED [\python-kasa#702](python-kasa#702) (@bdraco)
- Update readme fixture checker and readme [\python-kasa#699](python-kasa#699) (@rytilahti)
- Fix test\_klapprotocol test duration [\python-kasa#698](python-kasa#698) (@sdb9696)
- Renew the handshake session 20 minutes before we think it will expire [\python-kasa#697](python-kasa#697) (@bdraco)
- Add --batch-size hint to timeout errors in dump\_devinfo [\python-kasa#696](python-kasa#696) (@sdb9696)
- Add L930-5 fixture [\python-kasa#694](python-kasa#694) (@bdraco)
- Add fixtures for L510E [\python-kasa#693](python-kasa#693) (@bdraco)
- Refactor aestransport to use a state enum [\python-kasa#691](python-kasa#691) (@bdraco)
- Update transport close/reset behaviour [\python-kasa#689](python-kasa#689) (@sdb9696)
- Check README for supported models [\python-kasa#684](python-kasa#684) (@rytilahti)
- Add P100 test fixture [\python-kasa#683](python-kasa#683) (@bdraco)
- Make dump\_devinfo request batch size configurable [\python-kasa#681](python-kasa#681) (@sdb9696)
- Add updated L920 fixture [\python-kasa#680](python-kasa#680) (@bdraco)
- Update fixtures from test devices [\python-kasa#679](python-kasa#679) (@bdraco)
- Show discovery data for state with verbose [\python-kasa#678](python-kasa#678) (@rytilahti)
- Add L530E\(US\) fixture [\python-kasa#674](python-kasa#674) (@bdraco)
- Add P135 fixture [\python-kasa#673](python-kasa#673) (@bdraco)
- Rename base TPLinkProtocol to BaseProtocol [\python-kasa#669](python-kasa#669) (@sdb9696)
- Add 1003 \(TRANSPORT\_UNKNOWN\_CREDENTIALS\_ERROR\) [\python-kasa#667](python-kasa#667) (@rytilahti)
@rytilahti rytilahti mentioned this issue Jan 25, 2024
Merged
rytilahti added a commit that referenced this issue Jan 25, 2024
@rytilahti
Prepare 0.6.1 (#709)
c01c3c6 
[Full Changelog](0.6.0.1...0.6.1)

Release highlights:
* Support for tapo wall switches
* Support for unprovisioned devices
* Performance and stability improvements

**Implemented enhancements:**

- Add support for tapo wall switches \(S500D\) [\#704](#704) (@bdraco)
- Add new cli command 'command' to execute arbitrary commands [\#692](#692) (@rytilahti)
- Allow raw-command and wifi without update [\#688](#688) (@rytilahti)
- Generate AES KeyPair lazily [\#687](#687) (@sdb9696)
- Add reboot and factory\_reset to tapodevice [\#686](#686) (@rytilahti)
- Try default tapo credentials for klap and aes [\#685](#685) (@sdb9696)
- Sleep between discovery packets [\#656](#656) (@sdb9696)

**Fixed bugs:**

- Do not crash on missing geolocation [\#701](#701) (@rytilahti)
- Fix P100 error getting conn closed when trying default login after login failure [\#690](#690) (@sdb9696)

**Documentation updates:**

- Add protocol and transport documentation [\#663](#663) (@sdb9696)
- Document authenticated provisioning [\#634](#634) (@rytilahti)

**Closed issues:**

- Consider handshake as still valid on ServerDisconnectedError [\#676](#676)
- AES Transport creates the key even if the device is offline [\#675](#675)
- how to provision new Tapo plug devices? [\#565](#565)
- Space out discovery requests [\#229](#229)

**Merged pull requests:**

- Add additional L900-10 fixture [\#707](#707) (@bdraco)
- Replace rich formatting stripper [\#706](#706) (@bdraco)
- Add support for the S500 [\#705](#705) (@bdraco)
- Fix overly greedy \_strip\_rich\_formatting [\#703](#703) (@bdraco)
- Ensure login token is only sent if aes state is ESTABLISHED [\#702](#702) (@bdraco)
- Update readme fixture checker and readme [\#699](#699) (@rytilahti)
- Fix test\_klapprotocol test duration [\#698](#698) (@sdb9696)
- Renew the handshake session 20 minutes before we think it will expire [\#697](#697) (@bdraco)
- Add --batch-size hint to timeout errors in dump\_devinfo [\#696](#696) (@sdb9696)
- Add L930-5 fixture [\#694](#694) (@bdraco)
- Add fixtures for L510E [\#693](#693) (@bdraco)
- Refactor aestransport to use a state enum [\#691](#691) (@bdraco)
- Update transport close/reset behaviour [\#689](#689) (@sdb9696)
- Check README for supported models [\#684](#684) (@rytilahti)
- Add P100 test fixture [\#683](#683) (@bdraco)
- Make dump\_devinfo request batch size configurable [\#681](#681) (@sdb9696)
- Add updated L920 fixture [\#680](#680) (@bdraco)
- Update fixtures from test devices [\#679](#679) (@bdraco)
- Show discovery data for state with verbose [\#678](#678) (@rytilahti)
- Add L530E\(US\) fixture [\#674](#674) (@bdraco)
- Add P135 fixture [\#673](#673) (@bdraco)
- Rename base TPLinkProtocol to BaseProtocol [\#669](#669) (@sdb9696)
- Add 1003 \(TRANSPORT\_UNKNOWN\_CREDENTIALS\_ERROR\) [\#667](#667) (@rytilahti)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@agoode @rytilahti @sdb9696