Skip to content

Enhance 2FA handling in OAuth flow#1228

Open
FxNion wants to merge 1 commit into
fronzbot:devfrom
FxNion:dev
Open

Enhance 2FA handling in OAuth flow#1228
FxNion wants to merge 1 commit into
fronzbot:devfrom
FxNion:dev

Conversation

@FxNion
Copy link
Copy Markdown

@FxNion FxNion commented Jun 6, 2026
edited
Loading

Handle alternate 2FA response status and restore cookies for verification.

Description:

Related issue : fixes #1217

Checklist:

  • [ x ] Local tests with tox run successfully PR cannot be meged unless tests pass
  • [ x ] Changes tested locally to ensure platform still works as intended
  • Tests added to verify new code works

PR description — fronzbot/blinkpy

Title: fix: handle HTTP 202 response in oauth_signin and restore cookies for 2FA verification

Summary

Two fixes to the OAuth 2FA flow, identified and confirmed by tracing the full OAuth sequence in a live Home Assistant environment (June 2026).

Changes

1. blinkpy/api.pyoauth_signin: handle HTTP 202 as 2FA required

Blink's OAuth endpoint now returns HTTP 202 (in addition to, or instead of, 412) to signal that 2FA is required and a PIN has been sent. The function previously only handled 412 and returned None for any other status, causing the login flow to silently fail.

This fix treats 202 and 412 identically, and captures the current cookie jar for reuse in the verification step.

2. blinkpy/api.pyoauth_verify_2fa: restore cookies before verification POST

In some aiohttp configurations (notably when using HA's shared session), cookies accumulated during oauth_signin are not preserved across requests. This fix explicitly restores the captured cookie jar before the verification POST, and passes them as request cookies as well.

Observed behaviour before fix

oauth_signin: status=202 cookies=5
→ returned None (unhandled status)
→ _oauth_login_flow fails
→ BlinkTwoFARequiredError never raised
→ HA never shows PIN input form
→ SMS received by user but no way to complete auth

Observed behaviour after fix

oauth_signin: status=202 → 2FA_REQUIRED returned
→ HA displays PIN input form
→ user enters PIN
→ oauth_verify_2fa succeeds
→ integration active

Testing

Tested on:

  • Home Assistant 2026.5.0 (Docker)
  • Blink account with mandatory SMS 2FA (cannot be disabled as of June 2026)
  • Account previously linked to Amazon, then unlinked

Related

@FxNion
Enhance 2FA handling in OAuth flow
683ceaa 
Handle alternate 2FA response status and restore cookies for verification.
@FxNion FxNion mentioned this pull request Jun 6, 2026
Draft
16 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Invalid Authentication when trying to add Blink integration in Home Assistant

1 participant

@FxNion