From 81ec8281705f133b3f1e39f924f4bffa0ff6ad21 Mon Sep 17 00:00:00 2001
From: Richard Gepp <richard@mooncalf.org.uk>
Date: Sun, 24 Mar 2019 18:51:43 +0000
Subject: [PATCH 1/7] Added support for Multi-Factor Authentication

Optionally support Multi-Factor Authentication by allowing
(SET_)MFA_SECRET to be configured to contain the Amazon MFA secret.
Some general tidying up to make string literals consistent (single-
quotes) and match whitespace because I'm fussy. ;-)
---
 alexa_remote_control.sh       | 23 ++++++++++++++++++++---
 alexa_remote_control_plain.sh | 24 +++++++++++++++++++-----
 2 files changed, 39 insertions(+), 8 deletions(-)

diff --git a/alexa_remote_control.sh b/alexa_remote_control.sh
index f6d4eec..68d47b7 100644
--- a/alexa_remote_control.sh
+++ b/alexa_remote_control.sh
@@ -39,6 +39,7 @@
 # 2019-02-03: v0.11a fixed string escape for automation and speak commands
 # 2019-02-10: v0.12 added "-d ALL" to the plain version, lastalexa now checks for SUCCESS activityStatus
 # 2019-02-14: v0.12a reduced the number of replaced characters for TTS and automation
+# 2019-03-24: v0.13 added support for Multi-Factor Authentication
 #
 ###
 #
@@ -46,14 +47,16 @@
 # - requires cURL for web communication
 # - (GNU) sed and awk for extraction
 # - jq as command line JSON parser (optional for the fancy bits)
+# - oathtool as OATH one-time password tool (optional for two-factor authentication)
 #
 ##########################################
 
 SET_EMAIL='amazon_account@email.address'
 SET_PASSWORD='Very_Secret_Amazon_Account_Password'
+#SET_MFA_SECRET='1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG'
 
-SET_LANGUAGE="de,en-US;q=0.7,en;q=0.3"
-#SET_LANGUAGE="en-US"
+SET_LANGUAGE='de,en-US;q=0.7,en;q=0.3'
+#SET_LANGUAGE='en-US'
 
 SET_TTS_LOCALE='de-DE'
 
@@ -87,6 +90,7 @@ SET_TMP="/tmp"
 # retrieving environment variables if any are set
 EMAIL=${EMAIL:-$SET_EMAIL}
 PASSWORD=${PASSWORD:-$SET_PASSWORD}
+MFA_SECRET=${MFA_SECRET:-$SET_MFA_SECRET}
 AMAZON=${AMAZON:-$SET_AMAZON}
 ALEXA=${ALEXA:-$SET_ALEXA}
 LANGUAGE=${LANGUAGE:-$SET_LANGUAGE}
@@ -397,6 +401,14 @@ ${CURL} ${OPTS} -s -D "${TMP}/.alexa.header" -c ${COOKIE} -b ${COOKIE} -A "${BRO
 ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language: ${LANGUAGE}" -H "DNT: 1" -H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" -L\
  -H "$(grep 'Location: ' ${TMP}/.alexa.header | sed 's/Location: /Referer: /')" -d "@${TMP}/.alexa.postdata" https://www.${AMAZON}/ap/signin | grep "hidden" | sed 's/hidden/\n/g' | grep "value=\"" | sed -r 's/^.*name="([^"]+)".*value="([^"]+)".*/\1=\2\&/g' > "${TMP}/.alexa.postdata2"
 
+#
+# add HOTP if using MFA
+#
+if [ ! -z "${MFA_SECRET}" ] ; then
+	OTP=$(oathtool --base32 --totp "${MFA_SECRET}")
+	PASSWORD="${PASSWORD}${OTP}"
+fi
+
 #
 # login with filled out form
 #  !!! referer now contains session in URL
@@ -411,6 +423,11 @@ if [ -z "$(grep 'Location: https://alexa.*html' ${TMP}/.alexa.header2)" ] ; then
 	echo " make sure to have all Amazon related cookies deleted and Javascript disabled!"
 	echo
 	echo " (For more information have a look at ${TMP}/.alexa.login)"
+	echo
+	echo " To avoid issues with captcha, try using Multi-Factor Authentication."
+	echo " To do so, first set up Two-Step Verification on your Amazon account, then"
+	echo " configure this script (or the environment) with your MFA secret."
+	echo " Support for Multi-Factor Authentication requires 'oathtool' to be installed."
 
 	rm -f ${COOKIE}
 	rm -f "${TMP}/.alexa.header"
@@ -526,7 +543,7 @@ if [ -n "${SEQUENCECMD}" ]
 			ALEXACMD="{\"behaviorId\":\"PREVIEW\",\"sequenceJson\":\"{\\\"@type\\\":\\\"com.amazon.alexa.behaviors.model.Sequence\\\",\\\"startNode\\\":{\\\"@type\\\":\\\"com.amazon.alexa.behaviors.model.OpaquePayloadOperationNode\\\",\\\"type\\\":\\\"${SEQUENCECMD}\\\",\\\"operationPayload\\\":{\\\"deviceType\\\":\\\"${DEVICETYPE}\\\",\\\"deviceSerialNumber\\\":\\\"${DEVICESERIALNUMBER}\\\",\\\"locale\\\":\\\"${TTS_LOCALE}\\\",\\\"customerId\\\":\\\"${MEDIAOWNERCUSTOMERID}\\\"${TTS}}}}\",\"status\":\"ENABLED\"}"
 		fi
 
-		# Due to some weird shell-escape-behavior the command has t be written to a file before POSTing it
+		# Due to some weird shell-escape-behavior the command has to be written to a file before POSTing it
 		echo $ALEXACMD > "${TMP}/.alexa.cmd"
 
 		${CURL} ${OPTS} -s -b ${COOKIE} -A "${BROWSER}" -H "DNT: 1" -H "Connection: keep-alive" -L\
diff --git a/alexa_remote_control_plain.sh b/alexa_remote_control_plain.sh
index 8da155b..19e7f9a 100644
--- a/alexa_remote_control_plain.sh
+++ b/alexa_remote_control_plain.sh
@@ -3,7 +3,7 @@
 # Amazon Alexa Remote Control (PLAIN shell)
 #  alex(at)loetzimmer.de
 #
-# 2019-02-14: v0.12a (for updates see http://blog.loetzimmer.de/2017/10/amazon-alexa-hort-auf-die-shell-echo.html)
+# 2019-03-24: v0.13 (for updates see http://blog.loetzimmer.de/2017/10/amazon-alexa-hort-auf-die-shell-echo.html)
 #
 ###
 #
@@ -13,12 +13,12 @@
 #
 ##########################################
 
-
 SET_EMAIL='amazon_account@email.address'
 SET_PASSWORD='Very_Secret_Amazon_Account_Password'
+#SET_MFA_SECRET='1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG'
 
-SET_LANGUAGE="de,en-US;q=0.7,en;q=0.3"
-#SET_LANGUAGE="en-US"
+SET_LANGUAGE='de,en-US;q=0.7,en;q=0.3'
+#SET_LANGUAGE='en-US'
 
 SET_TTS_LOCALE='de-DE'
 
@@ -52,6 +52,7 @@ SET_TMP="/tmp"
 # retrieving environment variables if any are set
 EMAIL=${EMAIL:-$SET_EMAIL}
 PASSWORD=${PASSWORD:-$SET_PASSWORD}
+MFA_SECRET=${MFA_SECRET:-$SET_MFA_SECRET}
 AMAZON=${AMAZON:-$SET_AMAZON}
 ALEXA=${ALEXA:-$SET_ALEXA}
 LANGUAGE=${LANGUAGE:-$SET_LANGUAGE}
@@ -343,6 +344,14 @@ ${CURL} ${OPTS} -s -D "${TMP}/.alexa.header" -c ${COOKIE} -b ${COOKIE} -A "${BRO
 ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language: ${LANGUAGE}" -H "DNT: 1" -H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" -L\
  -H "$(grep 'Location: ' ${TMP}/.alexa.header | sed 's/Location: /Referer: /')" -d "@${TMP}/.alexa.postdata" https://www.${AMAZON}/ap/signin | grep "hidden" | sed 's/hidden/\n/g' | grep "value=\"" | sed -r 's/^.*name="([^"]+)".*value="([^"]+)".*/\1=\2\&/g' > "${TMP}/.alexa.postdata2"
 
+#
+# add HOTP if using MFA
+#
+if [ ! -z "${MFA_SECRET}" ] ; then
+	OTP=$(oathtool --base32 --totp "${MFA_SECRET}")
+	PASSWORD="${PASSWORD}${OTP}"
+fi
+
 #
 # login with filled out form
 #  !!! referer now contains session in URL
@@ -357,6 +366,11 @@ if [ -z "$(grep 'Location: https://alexa.*html' ${TMP}/.alexa.header2)" ] ; then
 	echo " make sure to have all Amazon related cookies deleted and Javascript disabled!"
 	echo
 	echo " (For more information have a look at ${TMP}/.alexa.login)"
+	echo
+	echo " To avoid issues with captcha, try using Multi-Factor Authentication."
+	echo " To do so, first set up Two-Step Verification on your Amazon account, then"
+	echo " configure this script (or the environment) with your MFA secret."
+	echo " Support for Multi-Factor Authentication requires 'oathtool' to be installed."
 
 	rm -f ${COOKIE}
 	rm -f "${TMP}/.alexa.header"
@@ -531,7 +545,7 @@ if [ -n "${SEQUENCECMD}" ]
 	then
 		ALEXACMD="{\"behaviorId\":\"PREVIEW\",\"sequenceJson\":\"{\\\"@type\\\":\\\"com.amazon.alexa.behaviors.model.Sequence\\\",\\\"startNode\\\":{\\\"@type\\\":\\\"com.amazon.alexa.behaviors.model.OpaquePayloadOperationNode\\\",\\\"type\\\":\\\"${SEQUENCECMD}\\\",\\\"operationPayload\\\":{\\\"deviceType\\\":\\\"${DEVICETYPE}\\\",\\\"deviceSerialNumber\\\":\\\"${DEVICESERIALNUMBER}\\\",\\\"locale\\\":\\\"${TTS_LOCALE}\\\",\\\"customerId\\\":\\\"${MEDIAOWNERCUSTOMERID}\\\"${TTS}}}}\",\"status\":\"ENABLED\"}"
 
-		# Due to some weird shell-escape-behavior the command has t be written to a file before POSTing it
+		# Due to some weird shell-escape-behavior the command has to be written to a file before POSTing it
 		echo $ALEXACMD > "${TMP}/.alexa.cmd"
 		
 		${CURL} ${OPTS} -s -b ${COOKIE} -A "${BROWSER}" -H "DNT: 1" -H "Connection: keep-alive" -L\

From 21f3ab20d04c182e8cf900359788c09ae1eb9b00 Mon Sep 17 00:00:00 2001
From: Richard Gepp <richard@mooncalf.org.uk>
Date: Sun, 24 Mar 2019 21:31:48 +0000
Subject: [PATCH 2/7] Added support for Multi-Factor Authentication

Changed comment to use 'OTP' rather than 'HOTP'.
---
 alexa_remote_control.sh       | 2 +-
 alexa_remote_control_plain.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/alexa_remote_control.sh b/alexa_remote_control.sh
index 68d47b7..7f4b131 100644
--- a/alexa_remote_control.sh
+++ b/alexa_remote_control.sh
@@ -402,7 +402,7 @@ ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language
  -H "$(grep 'Location: ' ${TMP}/.alexa.header | sed 's/Location: /Referer: /')" -d "@${TMP}/.alexa.postdata" https://www.${AMAZON}/ap/signin | grep "hidden" | sed 's/hidden/\n/g' | grep "value=\"" | sed -r 's/^.*name="([^"]+)".*value="([^"]+)".*/\1=\2\&/g' > "${TMP}/.alexa.postdata2"
 
 #
-# add HOTP if using MFA
+# add OTP if using MFA
 #
 if [ ! -z "${MFA_SECRET}" ] ; then
 	OTP=$(oathtool --base32 --totp "${MFA_SECRET}")
diff --git a/alexa_remote_control_plain.sh b/alexa_remote_control_plain.sh
index 19e7f9a..85f4424 100644
--- a/alexa_remote_control_plain.sh
+++ b/alexa_remote_control_plain.sh
@@ -345,7 +345,7 @@ ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language
  -H "$(grep 'Location: ' ${TMP}/.alexa.header | sed 's/Location: /Referer: /')" -d "@${TMP}/.alexa.postdata" https://www.${AMAZON}/ap/signin | grep "hidden" | sed 's/hidden/\n/g' | grep "value=\"" | sed -r 's/^.*name="([^"]+)".*value="([^"]+)".*/\1=\2\&/g' > "${TMP}/.alexa.postdata2"
 
 #
-# add HOTP if using MFA
+# add OTP if using MFA
 #
 if [ ! -z "${MFA_SECRET}" ] ; then
 	OTP=$(oathtool --base32 --totp "${MFA_SECRET}")

From ca7a12deb1cf1f021aa6b8cf55df560b7f55dec9 Mon Sep 17 00:00:00 2001
From: Alex <alex@loetzimmer.de>
Date: Mon, 8 Jul 2019 21:12:09 +0200
Subject: [PATCH 3/7] Made oathtool configurable

---
 README.md                     |  7 +------
 alexa_remote_control.sh       | 18 ++++++++++++------
 alexa_remote_control_plain.sh | 12 +++++++++---
 3 files changed, 22 insertions(+), 15 deletions(-)
 mode change 100644 => 100755 alexa_remote_control.sh
 mode change 100644 => 100755 alexa_remote_control_plain.sh

diff --git a/README.md b/README.md
index 6a451ec..20882b8 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,7 @@ ALEXA     - the URL you would use for the Alexa Web App
 CURL      - location of your cURL binary
 OPTS      - any cURL options you require
 TMP       - location of the temp dir
+OATHTOOL  - command line for oathtool MFA
 ```
 You will very likely want to set the language to:
 ```
@@ -51,9 +52,3 @@ alexa-remote-control [-d <device>|ALL] -e <pause|play|next|prev|fwd|rwd|shuffle|
 There's also a "plain" version, which lacks some functionality (-i, -p, -P, -S and no radio station names and no routines) but doesn't require 'jq' for JSON processing.
 
 http://blog.loetzimmer.de/2017/10/amazon-alexa-hort-auf-die-shell-echo.html
-
-
-
-
-
-
diff --git a/alexa_remote_control.sh b/alexa_remote_control.sh
old mode 100644
new mode 100755
index 3d2aad4..d327d04
--- a/alexa_remote_control.sh
+++ b/alexa_remote_control.sh
@@ -24,15 +24,15 @@
 # 2018-01-28: v0.8c added configurable browser string
 # 2018-02-17: v0.8d no need to write the cookie file on every "check_status"
 # 2018-02-27: v0.8e added "lastalexa" option for HA-Bridge to send its command to a specific device
-#		(Markus Wennesheimer: https://wennez.wordpress.com/light-on-with-alexa-for-each-room/)
+#               (Markus Wennesheimer: https://wennez.wordpress.com/light-on-with-alexa-for-each-room/)
 # 2018-02-27: v0.9 unsuccessful logins will now give a short info how to debug the login
 # 2018-03-09: v0.9a workaround for login problem, force curl to use http1.1
 # 2018-05-17: v0.9b update browser string and accept language
 # 2018-05-23: v0.9c update accept language (again)
 # 2018-06-12: v0.10 introducing TTS and more
 #               (thanks to Michael Geramb and his openHAB2 Amazon Echo Control binding)
-#		https://github.com/openhab/openhab2-addons/tree/master/addons/binding/org.openhab.binding.amazonechocontrol
-#		(thanks to Ralf Otto for implementing this feature in this script)
+#               https://github.com/openhab/openhab2-addons/tree/master/addons/binding/org.openhab.binding.amazonechocontrol
+#               (thanks to Ralf Otto for implementing this feature in this script)
 # 2018-06-13: v0.10a added album play of imported library
 # 2018-06-18: v0.10b added Alexa routine execution
 # 2019-01-22: v0.11 added repeat command, added environment variable parsing
@@ -56,7 +56,9 @@
 
 SET_EMAIL='amazon_account@email.address'
 SET_PASSWORD='Very_Secret_Amazon_Account_Password'
-#SET_MFA_SECRET='1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG'
+SET_MFA_SECRET=''
+# something like:
+#  1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG
 
 SET_LANGUAGE='de,en-US;q=0.7,en;q=0.3'
 #SET_LANGUAGE='en-US'
@@ -83,6 +85,9 @@ SET_OPTS='--compressed --http1.1'
 SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:1.0) bash-script/1.0'
 #SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0'
 
+# oathtool command line
+SET_OATHTOOL='oathtool --base32 --totp'
+
 # tmp path
 SET_TMP="/tmp"
 
@@ -102,6 +107,7 @@ CURL=${CURL:-$SET_CURL}
 OPTS=${OPTS:-$SET_OPTS}
 TTS_LOCALE=${TTS_LOCALE:-$SET_TTS_LOCALE}
 TMP=${TMP:-$SET_TMP}
+OATHTOOL=${OOATHTOOL:-$SET_OATHTOOL}
 
 COOKIE="${TMP}/.alexa.cookie"
 DEVLIST="${TMP}/.alexa.devicelist.json"
@@ -407,8 +413,8 @@ ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language
 #
 # add OTP if using MFA
 #
-if [ ! -z "${MFA_SECRET}" ] ; then
-	OTP=$(oathtool --base32 --totp "${MFA_SECRET}")
+if [ -n "${MFA_SECRET}" ] ; then
+	OTP=$(${OATHTOOL} "${MFA_SECRET}")
 	PASSWORD="${PASSWORD}${OTP}"
 fi
 
diff --git a/alexa_remote_control_plain.sh b/alexa_remote_control_plain.sh
old mode 100644
new mode 100755
index d7365b0..d819759
--- a/alexa_remote_control_plain.sh
+++ b/alexa_remote_control_plain.sh
@@ -15,7 +15,9 @@
 
 SET_EMAIL='amazon_account@email.address'
 SET_PASSWORD='Very_Secret_Amazon_Account_Password'
-#SET_MFA_SECRET='1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG'
+SET_MFA_SECRET=''
+# something like:
+#  1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG
 
 SET_LANGUAGE='de,en-US;q=0.7,en;q=0.3'
 #SET_LANGUAGE='en-US'
@@ -42,6 +44,9 @@ SET_OPTS='--compressed --http1.1'
 SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:1.0) bash-script/1.0'
 #SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0'
 
+# oathtool command line
+SET_OATHTOOL='oathtool --base32 --totp'
+
 # tmp path
 SET_TMP="/tmp"
 
@@ -61,6 +66,7 @@ CURL=${CURL:-$SET_CURL}
 OPTS=${OPTS:-$SET_OPTS}
 TTS_LOCALE=${TTS_LOCALE:-$SET_TTS_LOCALE}
 TMP=${TMP:-$SET_TMP}
+OATHTOOL=${OOATHTOOL:-$SET_OATHTOOL}
 
 COOKIE="${TMP}/.alexa.cookie"
 DEVLIST="${TMP}/.alexa.devicelist.json"
@@ -347,8 +353,8 @@ ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language
 #
 # add OTP if using MFA
 #
-if [ ! -z "${MFA_SECRET}" ] ; then
-	OTP=$(oathtool --base32 --totp "${MFA_SECRET}")
+if [ -n "${MFA_SECRET}" ] ; then
+	OTP=$(${OATHTOOL} "${MFA_SECRET}")
 	PASSWORD="${PASSWORD}${OTP}"
 fi
 

From 752cd51e8e32c0d65a5fd552de2329c217f12aaf Mon Sep 17 00:00:00 2001
From: Alex <alex@loetzimmer.de>
Date: Mon, 8 Jul 2019 22:41:22 +0200
Subject: [PATCH 4/7] cleaned up oathtool config

---
 alexa_remote_control.sh       | 6 +++---
 alexa_remote_control_plain.sh | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/alexa_remote_control.sh b/alexa_remote_control.sh
index d327d04..c6d25e2 100755
--- a/alexa_remote_control.sh
+++ b/alexa_remote_control.sh
@@ -85,8 +85,8 @@ SET_OPTS='--compressed --http1.1'
 SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:1.0) bash-script/1.0'
 #SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0'
 
-# oathtool command line
-SET_OATHTOOL='oathtool --base32 --totp'
+# oathtool command line tool
+SET_OATHTOOL='/usr/bin/oathtool'
 
 # tmp path
 SET_TMP="/tmp"
@@ -414,7 +414,7 @@ ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language
 # add OTP if using MFA
 #
 if [ -n "${MFA_SECRET}" ] ; then
-	OTP=$(${OATHTOOL} "${MFA_SECRET}")
+	OTP=$(${OATHTOOL} -b --totp "${MFA_SECRET}")
 	PASSWORD="${PASSWORD}${OTP}"
 fi
 
diff --git a/alexa_remote_control_plain.sh b/alexa_remote_control_plain.sh
index d819759..8d5e397 100755
--- a/alexa_remote_control_plain.sh
+++ b/alexa_remote_control_plain.sh
@@ -44,8 +44,8 @@ SET_OPTS='--compressed --http1.1'
 SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:1.0) bash-script/1.0'
 #SET_BROWSER='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0'
 
-# oathtool command line
-SET_OATHTOOL='oathtool --base32 --totp'
+# oathtool command line tool
+SET_OATHTOOL='/usr/bin/oathtool'
 
 # tmp path
 SET_TMP="/tmp"
@@ -354,7 +354,7 @@ ${CURL} ${OPTS} -s -c ${COOKIE} -b ${COOKIE} -A "${BROWSER}" -H "Accept-Language
 # add OTP if using MFA
 #
 if [ -n "${MFA_SECRET}" ] ; then
-	OTP=$(${OATHTOOL} "${MFA_SECRET}")
+	OTP=$(${OATHTOOL} -b --totp "${MFA_SECRET}")
 	PASSWORD="${PASSWORD}${OTP}"
 fi
 

From 7a7836e9b54ebd37fea281fcdf2d72096c215453 Mon Sep 17 00:00:00 2001
From: Alex <alexander.noack@web.de>
Date: Mon, 8 Jul 2019 23:25:41 +0200
Subject: [PATCH 5/7] Explained MFA

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index 20882b8..8fbc2b6 100644
--- a/README.md
+++ b/README.md
@@ -51,4 +51,10 @@ alexa-remote-control [-d <device>|ALL] -e <pause|play|next|prev|fwd|rwd|shuffle|
  
 There's also a "plain" version, which lacks some functionality (-i, -p, -P, -S and no radio station names and no routines) but doesn't require 'jq' for JSON processing.
 
+In order to use MFA, one needs to obtain the MFA_SECRET from your Amazon account:
+1. You should have MFA using an App already working before proceeding
+1. Add a new app
+1. When presented with the QR-code select "can't scan code"
+1. You will be presented with the MFA shaed secret, something like `1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG`
+
 http://blog.loetzimmer.de/2017/10/amazon-alexa-hort-auf-die-shell-echo.html

From cec4811d38d5e3628a50fee158d7622c9f79ce7d Mon Sep 17 00:00:00 2001
From: Alex <alexander.noack@web.de>
Date: Mon, 8 Jul 2019 23:33:52 +0200
Subject: [PATCH 6/7] Explained MFA

---
 README.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 8fbc2b6..f3fba5c 100644
--- a/README.md
+++ b/README.md
@@ -51,10 +51,15 @@ alexa-remote-control [-d <device>|ALL] -e <pause|play|next|prev|fwd|rwd|shuffle|
  
 There's also a "plain" version, which lacks some functionality (-i, -p, -P, -S and no radio station names and no routines) but doesn't require 'jq' for JSON processing.
 
-In order to use MFA, one needs to obtain the MFA_SECRET from your Amazon account:
+In order to use MFA, one needs to obtain the MFA_SECRET from Amazon account:
 1. You should have MFA using an App already working before proceeding
 1. Add a new app
 1. When presented with the QR-code select "can't scan code"
-1. You will be presented with the MFA shaed secret, something like `1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG`
+1. You will be presented with the MFA shared secret, something like `1234 5678 9ABC DEFG HIJK LMNO PQRS TUVW XYZ0 1234 5678 9ABC DEFG`
+1. Now you have to generate a valid response code via `oathtool -b --totp "<MFA shared secret from above>"` and enter that in the web form
+1. Going from here the MFA shared secret becomes the MFA_SECRET for the alexa_remote_control script
+*Treat that MFA_SCECRET just like your password - DO NOT share it anywhere!!!*
+
+It is assumed that MFA secured accounts are less likely to get a captcha response during login - that's why MFA might yield better results if the plain username/password didn't work for you.
 
 http://blog.loetzimmer.de/2017/10/amazon-alexa-hort-auf-die-shell-echo.html

From dbc2c1e7a865e029f0cc7c394410872059db6581 Mon Sep 17 00:00:00 2001
From: Alex <alex@loetzimmer.de>
Date: Mon, 8 Jul 2019 23:39:09 +0200
Subject: [PATCH 7/7] Fixed spelling

---
 alexa_remote_control.sh       | 2 +-
 alexa_remote_control_plain.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/alexa_remote_control.sh b/alexa_remote_control.sh
index c6d25e2..bb95bcc 100755
--- a/alexa_remote_control.sh
+++ b/alexa_remote_control.sh
@@ -107,7 +107,7 @@ CURL=${CURL:-$SET_CURL}
 OPTS=${OPTS:-$SET_OPTS}
 TTS_LOCALE=${TTS_LOCALE:-$SET_TTS_LOCALE}
 TMP=${TMP:-$SET_TMP}
-OATHTOOL=${OOATHTOOL:-$SET_OATHTOOL}
+OATHTOOL=${OATHTOOL:-$SET_OATHTOOL}
 
 COOKIE="${TMP}/.alexa.cookie"
 DEVLIST="${TMP}/.alexa.devicelist.json"
diff --git a/alexa_remote_control_plain.sh b/alexa_remote_control_plain.sh
index 8d5e397..b9df03c 100755
--- a/alexa_remote_control_plain.sh
+++ b/alexa_remote_control_plain.sh
@@ -66,7 +66,7 @@ CURL=${CURL:-$SET_CURL}
 OPTS=${OPTS:-$SET_OPTS}
 TTS_LOCALE=${TTS_LOCALE:-$SET_TTS_LOCALE}
 TMP=${TMP:-$SET_TMP}
-OATHTOOL=${OOATHTOOL:-$SET_OATHTOOL}
+OATHTOOL=${OATHTOOL:-$SET_OATHTOOL}
 
 COOKIE="${TMP}/.alexa.cookie"
 DEVLIST="${TMP}/.alexa.devicelist.json"