2022-09-16 12:06:19 +00:00
Huami-token is now hosted on [codeberg.org ](https://codeberg.org/argrento/huami-token/ ).
2022-04-16 10:33:36 +00:00
2022-09-16 12:06:19 +00:00
< a href = "https://codeberg.org/argrento/huami-token/" >
2022-04-16 10:33:36 +00:00
< img alt = "Get it on Codeberg" src = "https://get-it-on.codeberg.org/get-it-on-white-on-black.png" height = "60" >
< / a >
2021-02-23 09:10:26 +00:00
# Huami-token
2020-11-12 10:03:40 +00:00
2023-06-04 14:19:19 +00:00
[![status-badge ](https://ci.codeberg.org/api/badges/argrento/huami-token/status.svg )](https://ci.codeberg.org/argrento/huami-token)
2020-05-25 11:27:57 +00:00
2021-02-23 09:10:26 +00:00
Script to obtain watch or band bluetooth access token from Huami servers.
2020-05-28 17:05:16 +00:00
It will also download AGPS data packs `cep_alm_pak.zip` and `cep_7days.zip` .
2020-05-25 11:27:57 +00:00
## About
2021-02-23 09:10:26 +00:00
To use new versions of Amazfit and Xiaomi watches and bands with Gadgetbridge you need special unique key.
2020-05-25 11:27:57 +00:00
Read more here: https://codeberg.org/Freeyourgadget/Gadgetbridge/wiki/Huami-Server-Pairing.
## Preparation
2021-02-23 09:10:26 +00:00
1. Ensure that you login in Amazfit App with Amazfit or Xiaomi account --
2020-05-25 11:27:57 +00:00
because only this login methods are supported. If not, create new Amazfit account
with e-mail and password.
2. Pair, sync and update your watch with Amazfit App. Your pairing key will be stored on
Huami servers.
3. Clone this repo:
2022-04-16 11:30:53 +00:00
```git clone https://codeberg.org/argrento/huami-token.git```
2021-03-15 13:49:01 +00:00
4. Install requirements: `pip3 install -r requirements.txt`
2020-05-25 11:27:57 +00:00
2020-08-09 16:20:08 +00:00
## Usage
```
usage: huami_token.py [-h] -m {amazfit,xiaomi} [-e EMAIL] [-p PASSWORD] [-b]
[-g] [-a] [-n]
Obtain Bluetooth Auth key from Amazfit servers and download AGPS data.
optional arguments:
-h, --help show this help message and exit
-m {amazfit,xiaomi}, --method {amazfit,xiaomi}
Login method
-e EMAIL, --email EMAIL
Account e-mail address
-p PASSWORD, --password PASSWORD
Account Password
-b, --bt_keys Get bluetooth tokens of paired devices
-g, --gps Download A-GPS files
2021-02-23 23:08:48 +00:00
-f, --firmware Request firmware updates. Works only with -b/--bt_keys
argument. Extremely dangerous
2020-08-09 16:20:08 +00:00
-a, --all Do everything: get bluetooth tokens, download A-GPS
2021-02-23 23:22:05 +00:00
files. But do NOT download firmware updates
2020-08-09 16:20:08 +00:00
-n, --no_logout Do not logout, keep active session and display app
token and access token
```
2020-05-25 11:27:57 +00:00
## Logging in with Amazfit account
2021-10-25 12:28:22 +00:00
Run script with your credentials: `python3 huami_token.py --method amazfit --email youemail@example.com --password your_password --bt_keys` .
2020-05-25 11:27:57 +00:00
Sample output:
```bash
2021-03-15 13:49:01 +00:00
> python3 huami_token.py --method amazfit --email my_email --password password --bt_keys
2020-05-25 11:27:57 +00:00
Getting access token with amazfit login method...
Token: ['UaFHW53RJVYwqXaa7ncPQ']
Logging in...
Logged in! User id: 1234567890
Getting linked wearables...
2022-04-19 12:10:22 +00:00
╓───Device 0
║ MAC: AB:CD:EF:12:34:56, active: Yes
║ Key: 0xa3c10e34e5c14637eea6b9efc06106
╙────────────
2020-05-25 11:27:57 +00:00
Logged out.
```
2021-02-23 13:55:30 +00:00
Here the `auth_key` is the unique pairing key for your watch. The `ACT` tab shows whether a device is
2021-02-23 13:39:57 +00:00
active or not.
2021-02-23 09:10:26 +00:00
2020-05-25 11:27:57 +00:00
### Logging in with Xiaomi account
This is a little bit harder to use, since you need to login manually on the Xiaomi web site.
2021-10-25 12:28:22 +00:00
1. Run script `python3 huami_token.py --method xiaomi --bt_keys` .
2020-05-25 11:27:57 +00:00
2. Script will ask you to open Xiaomi login web page. https://account.xiaomi.com/oauth2/authorize?skip_confirm=false& client_id=2882303761517383915& pt=0& scope=1+6000+16001+20000& redirect_uri=https%3A%2F%2Fhm.xiaomi.com%2Fwatch.do& _locale=en_US& response_type=code
3. Login with your credentials there.
2021-02-23 09:10:26 +00:00
4. If your login is successful, browser will show the error that connection is not secured.
On this stage address will look like this: `https://hm.xiaomi.com/watch.do?code=ALSG_CLOUDSRV_9B8D87D0EB77C71B45FF73B2266D922B` .
2020-05-25 11:27:57 +00:00
5. Copy this address.
6. Return to script, paste this address and press `enter` .
Sample output:
```bash
2021-03-15 13:49:01 +00:00
> python3 huami_token.py --method xiaomi --bt_keys
2020-05-25 11:27:57 +00:00
Getting access token with xiaomi login method...
Copy this URL to web-browser
https://account.xiaomi.com/oauth2/authorize?skip_confirm=false& client_id=2882303761517383915& pt=0& scope=1+6000+16001+20000& redirect_uri=https%3A%2F%2Fhm.xiaomi.com%2Fwatch.do& _locale=en_US& response_type=code
and login to your Mi account.
Paste URL after redirection here.
https://hm.xiaomi.com/watch.do?code=ALSG_CLOUDSRV_9B8D87D0EB77C71B45FF73B2266D922B
Token: ['ALSG_CLOUDSRV_9B8D87D0EB77C71B45FF73B2266D922B']
Logging in...
Logged in! User id: 3000654321
Getting linked wearables...
2022-04-19 12:10:22 +00:00
╓───Device 0
║ MAC: 12:34:56:AB:CD:EF, active: Yes
║ Key: 0x3c10e34e5c1463527579996fa83e6d
╙────────────
╓───Device 1
║ MAC: BA:DC:FE:21:43:65, active: No
║ Key: 0x00
╙────────────
2020-05-25 11:27:57 +00:00
Logged out.
```
2021-02-23 13:55:30 +00:00
Here the `auth_key` is the unique pairing key for your watch. The `ACT` tab shows whether a device is
2021-02-23 13:39:57 +00:00
active or not.
2020-05-25 11:27:57 +00:00
2021-02-23 13:39:57 +00:00
In this example I have two devices: the first one is my Amazfit Bip S watch,
the second one is my Xiaomi Mi Smart Scale.
2020-05-25 11:27:57 +00:00
2021-02-23 23:08:48 +00:00
## Experimental: updates download
This is extremely dangerous: flashing the wrong version can brick your device!
I am not responsible for any of problems that might arise.
Can be enabled with `-f/--firmware` argument. Will work only with `-b/--bt_keys` argument.
You should input the ID of a device, or `-1` to check for all.
Script will try to find updates for the firmware and the font pack for the device from
the table above.
2021-02-23 23:22:05 +00:00
Use the downloaded files at your own risk!
2020-05-25 11:27:57 +00:00
## Dependencies
* Python 3.7.7
* argparse
* requests
* urllib
* random
* uuid
* json
2020-05-28 17:05:16 +00:00
* shutil
2020-05-25 11:27:57 +00:00
## License
This project is licensed under the MIT License - see the [LICENSE.md ](LICENSE.md ) file for details