Cannot get AUTH to work outside of my local / home machine

[coppersix]

HOME: ring-auth-cli
When I run:
npx -p ring-client-api ring-auth-cli
from my home machine everything works great!

Prompts for username, pass, sends off text message with 2FA and once it accepts the 2FA that I type in, it generates a refresh token. HUZZAH!

DIGITAL OCEAN: ring-auth-cli
But I want to run a service that can accept requests 24/7 outside the home to do things (on my account only) and have been setting up an account on Digital Ocean.

Run: npx -p ring-client-api ring-auth-cli
And get back:

TypeError: Cannot use 'in' operator to search for 'error' in <html>
<head><title>406 Not Acceptable</title></head>
<body>
<center><h1>406 Not Acceptable</h1></center>
<hr><center>openresty</center>
</body>
</html>

    at RingRestClient.getAuth (/root/ring-client/node_modules/ring-client-api/lib/rest-client.js:242:119)
    at process.processTicksAndRejections (node:internal/process/task_queues:105:5)

HOME: CURL REQUEST
Try using normal curl request from home and it works:
curl -i -X POST https://oauth.ring.com/oauth/token \ -H "Content-Type: application/json" \ -d '{ "client_id": "ring_official_android", "grant_type": "password", "username": "<actualemailaddress@gmail.com>", "password": "<actual_password>", "scope": "client" }'

Response:
HTTP/2 412
date: Sun, 10 Nov 2024 02:34:26 GMT
content-type: application/json
content-length: 65
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 3bd29e88-92c1-4bdf-aa83-ee13e875bd73
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8e02a4b88b3a7565-SEA
{"next_time_in_secs":60,"phone":"+1xxxxxxxx66","tsv_state":"sms"}

DIGITAL OCEAN: CURL REQUEST
curl -i -X POST https://oauth.ring.com/oauth/token \ -H "Content-Type: application/json" \ -d '{ "client_id": "ring_official_android", "grant_type": "password", "username": "<actualemailaddress@gmail.com>", "password": "<actual_password>", "scope": "client" }'
Response:

HTTP/2 406 
date: Sun, 10 Nov 2024 02:34:41 GMT
content-type: text/html
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8e02a518fb0296c5-SJC

<html>
<head><title>406 Not Acceptable</title></head>
<body>
<center><h1>406 Not Acceptable</h1></center>
<hr><center>openresty</center>
</body>
</html>

So I am wondering if Ring knows what my IP / city SHOULD be? I haven't gone to the lengths of using a VPN to make the requests yet but does anyone have any idea what is going on?

Originally tried getting this work on an A2 and Glitch server but they were too underpowered to actually send off the AUTH request so been banging on this issue for awhile now. Got a beefier DO instance with Node and npm matching what I have at home working and no joy.

Once I saw that regular curl request though weren't working figured it had to be location.

HOME: CURL VERSION

curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.16
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd

DIGITAL OCEAN: CURL VERSION

curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0) libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3
Release-Date: 2020-01-08
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets

Any help would be great appreciated!!

[tsightler]

There are already several posts here about this problem, specifically with Digital Ocean. I'm pretty confident Ring blocks requests from their IP blocks just like they do from many VPN services. Digital Ocean has a pretty poor reputation in the security world as there are many known attacks launched from their services so it makes a lot of sense that Ring would block them as there's pretty much zero reason for Ring to expect any app connections from there.

[coppersix]

Sorry, I went looking for posts about 406s and only found two (neither about what I was seeing).

Any recommendations for hosts? I'm resurrecting a 2016 era Raspberry Pi right now to see if I can use that as my 24/7 service but would rather use a reputable host. Any suggestions would be appreciated!

[coppersix]

Ahhhh...I just found out why I couldn't find anything about 406s. They are under "Issues" not "Discussions"...I'm a newb when it comes to GH discussions / messaging.

Will take a look at those messages / issues now. Thanks!!

[coppersix]

Got the raspberry pi running locally, which makes sense...same IP.

Anyone have known hosting providers that work / are decent? Any known bad hosts?

Many thanks...very stoked to use this...It's like magic! Being able to use the speakers, lights, siren for anything I want? I'm going to be able to make my house so much more unattractive to folks in the wee hours of the night! Or when I am not home.