Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

error code 420

See original GitHub issue

I try to get a token with: let token = airbnb.newAccessToken({username:'user', password:'password'})

and I get this error msg:


{ error_code: 420,
  error: 'unknown_error',
  error_message: 'Unable to perform action. Please try again through the website or contact support if you need immediate assistance.',
  client_error_info:
   { airlock:
      { action_name: 'account_login',
        completion_redirect_url: '',
        error_redirect_url: '',
        escapable: true,
        fallback_friction: 'contact_us_form',
        first_name: 'xxxxx',
        flow: 'captcha_flow',
        friction_data: [Object],
        header_text: 'Please verify yourself',
        id: 12345678,
        identifier: null,
        keep_webview_open_on_redirect: false,
        redux: true,
        status: 0,
        should_replay_request: true,
        user_id: 876654321,
        user_message: null },
     metadata: {} } }

Issue Analytics

State:
Created 5 years ago
Reactions:2
Comments:89 (10 by maintainers)

Top GitHub Comments

6reactions

Technohackercommented, Jun 10, 2019

I’ve tried using mitmproxy to intercept the Android app and so far this is what I get (this may be a repeat of previous info but I just wanted to keep it all clear)

As soon as I log in from a previously unused location

POST https://api.airbnb.com/v2/logins?client_id=<CLIENT_ID>&locale=<LOCALE>&currency=<CURRENCY> HTTP/2.0

Request: Handled by airbnbapi already

Response:

HTTP Code 420
{
  "error_code": 420,
  "error_type": "inline_risk_error",
  "error_message": "Unfortunately, a server error prevented your request from being completed. Airbnb may be undergoing maintenance or your connection may have timed out. Please try again.",
  "client_error_info": {
    "airlock": {
      "friction_data": [ // Verification methods. We could potentially use this programmatically
        {
          "name": "phone_verification_via_text",
          "data": {
            "phone_numbers": [
              {
                "id": 0000000,
                "last_four_digits": "xxxx",
                "obfuscated": "+xxxxxxxxxx",
                "verification_method": 1,
                "verified_at": "xxxxxxx"
              }
            ],
            "verification_code_num_digits": 4
          },
          "status": 0,
          "style": "modal",
          "version": "1.0"
        },
        {
          "name": "phone_verification_via_call",
          "data": {
            "phone_numbers": [
              {
                "id": 000000000,
                "last_four_digits": "xxxx",
                "obfuscated": "+xxxxxxxxxxxxx",
                "verification_method": 1,
                "verified_at": "xxxxxxxxxxx"
              }
            ],
            "verification_code_num_digits": 4
          },
          "status": 0,
          "style": "modal",
          "version": "1.0"
        },
        {
          "name": "email_code_verification",
          "data": {
            "delivery_methods": [
              {
                "id": 4,
                "text": "Verify via Email"
              }
            ],
            "obfuscated_email_address": "xxxxxxxxxxx",
            "verification_code_num_digits": 4
          },
          "status": 0,
          "style": "full_page_redirect",
          "version": "1.0"
        }
        // ...
      ],
      "header_text": "Please verify yourself",
      "id": AIRLOCK_ID,
      "identifier": null,
      "keep_webview_open_on_redirect": false,
      "redux": true,
      "status": 0,
      "should_replay_request": true,
      "user_id": USER_ID,
      "user_message": null,
      "bill_version_token": null
    },
    "metadata": {}
  },
  "error_details": "Unable to perform action. Please try again through the website or contact support if you need immediate assistance.",
  "error_id": "00000000000000000000000000000000"
}

Out of this, client_error_info.airlock.id (Airlock ID) and client_error_info.airlock.user_id is important.

Choosing a verification method. I chose email

PUT https://api.airbnb.com/v2/airlocks/AIRLOCK_ID?_format=v1&client_id=<CLIENT ID>&locale=<LOCALE>&currency=<CURRENCY> HTTP/2.0

Request:

{
    "action_name": "account_login",
    "attempt": true,
    "friction": "email_code_verification",
    "friction_data": {},
    "id": <AIRLOCK ID>,
    "user_id": <USER ID>
}

Response: Similar to response in 1. above. HTTP Code 200

After entering verification code

PUT https://api.airbnb.com/v2/airlocks/<AIRLOCK ID>?_format=v1&client_id=<CLIENT ID>&locale=<LOCALE>&currency=<CURRENCY> HTTP/2.0

Request:

{
    "action_name": "account_login",
    "friction": "email_code_verification",
    "friction_data": {
        "response": {
            "code": "<CODE FROM EMAIL>"
        }
    },
    "id": <AIRLOCK ID>,
    "user_id": <USER ID>
}

Response: Similar to 1. above. HTTP Code 200

POST https://api.airbnb.com/v2/logins?client_id=<CLIENT_ID>&locale=<LOCALE>&currency=<CURRENCY> HTTP/2.0

Request: Handled by airbnbapijs already

Response:

HTTP Code 200
{
    "login": {
        "account": {
            "badges": [
                {
                // ...

From this, the noteworthy point is their use of PUT instead of POST or GET for airlock. That could explain some of the errors above. I’m sorry if anything’s repeated here 😃

6reactions

axos88commented, Jul 24, 2018

I just completed an airlock verification via the web interface and sniffed the traffic, maybe this will help implement the verification?

curl 'https://www.airbnb.hu/api/v2/airlocks/AIRLOCK_ID?key=AUTHKEY&_format=v1' -X PUT -H 'Accept: application/json' -H 'Referer: https://www.airbnb.hu/airlock?al_id=AIRLOCK_ID' -H 'Origin: https://www.airbnb.hu' -H 'X-CSRF-Token: V4$.airbnb.hu$ht-xJp_5PrA$pCBMg_qXfZvN1ZXPAw7YlsjGVhszbh3QsmLApO59GPM=' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36' -H 'Content-Type: application/json' --data-binary '{"friction":"phone_verification_via_text","friction_data":{"optionSelection":{"phone_number_id":7531677}},"attempt":true,"enable_throw_errors":true}' --compressed

{"airlock":{"action_name":"account_login","completion_redirect_url":"https://www.airbnb.hu/airlock?al_id=AIRLOCK_ID","error_redirect_url":"","escapable":false,"fallback_friction":"contact_us_form","first_name":"Akos","flow":"account_ownership_verification_for_login","friction_data":[{"name":"phone_verification_via_text","data":{"phone_numbers":[{"id":7531677,"last_four_digits":"YYYY","obfuscated":"+XX (•••) •••-YYYY","verification_method":1,"verified_at":"2014-06-14 08:26:31 UTC"}],"verification_code_num_digits":4},"status":1,"style":"modal","version":"1.0"},{"name":"phone_verification_via_call","data":{"phone_numbers":[{"id":7531677,"last_four_digits":"YYYY","obfuscated":"+XX (•••) •••-YYYY","verification_method":1,"verified_at":"2014-06-14 08:26:31 UTC"}],"verification_code_num_digits":4},"status":0,"style":"modal","version":"1.0"},{"name":"email_code_verification","data":{"delivery_methods":[{"id":4,"text":"Igazolás e-mailben"}],"obfuscated_email_address":"ax•••••@gm•••••.com","verification_code_num_digits":4},"status":0,"style":"full_page_redirect","version":"1.0"},{"name":"contact_us_form","data":{"min_length":25,"max_length":2000},"status":0,"style":"full_page_redirect","version":"1.0"},{"name":"facebook_verification","data":{},"status":0,"style":"full_page_redirect","version":"1.0"}],"header_text":"Igazold magad","id":AIRLOCK_ID,"identifier":"1532332066_Nr97FAEY5rKTLsiw","keep_webview_open_on_redirect":false,"redux":true,"status":1,"should_replay_request":false,"user_id":13381212,"user_message":null},"metadata":{}}



curl 'https://www.airbnb.hu/api/v2/airlocks/AIRLOCK_ID?key=AUTH_KEY&_format=v1' -X PUT -H 'origin: https://www.airbnb.hu' -H 'accept-encoding: gzip, deflate, br' -H 'x-csrf-token: V4$.airbnb.hu$ht-xJp_5PrA$pCBMg_qXfZvN1ZXPAw7YlsjGVhszbh3QsmLApO59GPM=' -H 'accept-language: en-US,en;q=0.9,hu;q=0.8,ro;q=0.7' -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36' -H 'content-type: application/json' -H 'accept: application/json' -H 'referer: https://www.airbnb.hu/airlock?al_id=AIRLOCK_ID' -H 'authority: www.airbnb.hu' -H 'cookie: bev=1532332066_Nr97FAEY5rKTLsiw; __svt=-1; cache_state=0; 3b689aa21=treatment; jitney_client_session_id=dba5d68d-c744-4492-99d2-64673c758572; jitney_client_session_created_at=1532332067; sdid=; ftv=1532332062729; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.331815889.1532332063; _gid=GA1.2.4328824.1532332063; __ssid=ce94a024-27f0-4945-9b85-a71e221cdd3c; _csrf_token=V4%24.airbnb.hu%24ht-xJp_5PrA%24pCBMg_qXfZvN1ZXPAw7YlsjGVhszbh3QsmLApO59GPM%3D; li=1; _pt=1--WyI0OTVmZTE0ZjE5ZGEyZmVlOTAyNTkwYmJmNDY3YWQ0Zjg5OWZhN2E2Il0%3D--e9338f644118c4016cb5adab998196e36796a54d; _aat=0%7C98AfOV4q0y2ajs7d45JqJKSeC9WqHw7yzoCMOp1f8q6nFv5mKnGNLLJ8lI2nvoGk; abb_fa2=%7B%22user_id%22%3A%2217%7C1%7CzSVpC3gromMi3i2QnC%2B0GmZXwMTnvPbNbcLMZmdUhI6GJeuZ7%2BQfBQ%3D%3D%22%7D; alfc=0; alfces=0; jlp3=true; rclu=%7B%2213381212%22%3D%3E%22L%2FofHdWm9gxCkvVtmbNH2ccMErFwrko9%2B9qOlQPEIGE%3D%22%7D; rclmd=%7B%2213381212%22%3D%3E%22email%22%7D; _user_attributes=%7B%22curr%22%3A%22HUF%22%2C%22guest_exchange%22%3A277.54368999999997%2C%22device_profiling_session_id%22%3A%221532332067--e2b65b68ec1ad3fe7117bf5d%22%2C%22giftcard_profiling_session_id%22%3A%221532332067--1dc354f3cc1068197d8013ed%22%2C%22reservation_profiling_session_id%22%3A%221532332067--df1900f69be8434111a3b193%22%2C%22id%22%3A13381212%2C%22hash_user_id%22%3A%22495fe14f19da2fee902590bbf467ad4f899fa7a6%22%2C%22eid%22%3A%229Kh9ZvlbjYv67gdcgSqUjA%3D%3D%22%2C%22num_msg%22%3A0%2C%22num_notif%22%3A2%2C%22num_alert%22%3A3%2C%22num_h%22%3A4%2C%22num_pending_requests%22%3A0%2C%22num_trip_notif%22%3A0%2C%22name%22%3A%22Akos%22%2C%22num_action%22%3A0%2C%22is_admin%22%3Afalse%2C%22can_access_photography%22%3Afalse%2C%22referrals_info%22%3A%7B%22terms_and_conditions_link%22%3A%22%2Fhelp%2Farticle%2F2269%22%2C%22referrer_guest%22%3A%22Ft5+200%22%7D%7D; flags=806494496; roles=0; _airbed_session_id=cabd642dee291fd35abf9d145e8f7aa4; hli=1; har=1; cbkp=3; _gat=1; _uetsid=_uet881953dd; jitney_client_session_updated_at=1532332540' --data-binary '{"friction":"phone_verification_via_text","friction_data":{"optionSelection":{"phone_number_id":7531677},"response":{"code":"5683"}},"enable_throw_errors":true}' --compressed


302 location: https://www.airbnb.hu/dashboard

Top Results From Across the Web

P0420 Code: What It Is and How to Fix It - Way

A P0420 code indicates that your vehicle's computer (PCM) has detected a problem with the catalytic converter. The catalytic converter's function is to ......

P0420 OBD-II Trouble Code: Catalyst System Efficiency Below ...

A P0420 code indicates a problem with the catalytic converter. The purpose of the catalytic converter is to break down harmful pollutants created...

420 Enhance your calm - Evert Pot

The 420 Enhance Your Calm status code is an unofficial extension by Twitter. Twitter used this to tell HTTP clients that they were...

Why do I get an error with code 420 when sending ... - Xeams

This error is generated by Xeams if it detects a dictionary attack. In such cases, Xeams will block the IP address of the...

12 Ways to Fix the Error Code 420 on HBO Max - Saint

Usually, this problem is caused by faulty HBO Max servers or unstable network connections. However, corrupted files and outdated software could also be...