2021-07-22, 10:18
(2021-07-22, 03:19)matthuisman Wrote: the add-on update was coincidence.
You can install 0.6.9 from here to confirm: https://k.slyguy.xyz/.repo/slyguy.disney...-0.6.9.zip
It seems they are switching some users over to a new token system.
I'm working on ESPN+ currently and they use encrypted tokens - so I suspect thats what is happening with Disney+.
I can't do anything until my NZ login switches or I get a login to test with which has the issue
UPDATE:
I may have fixed it. Please update to latest Disney+ v0.7.3 and test.
I noticed with ESPN+ JWE tokens - you don't prefix the authentication header with "Bearer".
So, updated Disney+ to not prefix auth header if it detects a JWE token (has .. in it, where JWT is single .)
Pretty sure JWE token is what is happening.
I noticed my refresh tokens with Disney+ are now JWE.
So makes sense that the auth tokens will also switch
Oh, JWT / JWS = non-encrypted
and JWE = encrypted
more info: https://medium.facilelogin.com/jwt-jws-a...3310d201a3
0.7.4 same error (bad API). I did poke around a little and found b64_string = token.split('.')[1] looking at my token it did have .. so assumed I had something different with the access_token.
Looking at your link you sent, my access_token looks screwed up (in settings.xml). I appear to have two access_tokens glued together with "","expires":1626955227,"refresh_token":"" in the middle of them. Neither access token looks correct, I only have 4 elements and appear to be missing the JWE Encrypted Key. The JOSE header first portion does decode but the ALG element is "dir" and enc "C20P" which makes no sense to me.