fix: add CM3000 form login fallback

Author: itsDNNS

app/drivers/cm3000.py

@@ -16,6 +16,7 @@
 
 import logging
 import re
+from urllib.parse import urljoin
 
 import requests
 
@@ -41,6 +42,12 @@
 )
 _RE_TITLE = re.compile(r"<title[^>]*>(.*?)</title>", re.IGNORECASE | re.DOTALL)
 _RE_FORM_ACTION = re.compile(r"<form[^>]+action=['\"]([^'\"]+)['\"]", re.IGNORECASE)
+_RE_FORM_BLOCK = re.compile(
+    r"<form[^>]*action=['\"](?P<action>[^'\"]+)['\"][^>]*>(?P<body>.*?)</form>",
+    re.IGNORECASE | re.DOTALL,
+)
+_RE_INPUT = re.compile(r"<input\b(?P<attrs>[^>]*)>", re.IGNORECASE | re.DOTALL)
+_RE_ATTR = re.compile(r"(?P<name>[A-Za-z_:][-A-Za-z0-9_:.]*)\s*=\s*['\"](?P<value>[^'\"]*)['\"]")
 
 # Fields per channel for each section (after the leading count value).
 _DS_QAM_FIELDS = 9   # num|lock|mod|chID|freq|power|snr|corrErr|uncorrErr
@@ -73,7 +80,18 @@ def login(self) -> None:
             try:
                 r = self._session.get(f"{self._url}{_STATUS_PATH}", timeout=30)
                 r.raise_for_status()
-                self._ensure_status_page(r.text)
+                try:
+                    self._ensure_status_page(r.text)
+                except RuntimeError:
+                    if not self._looks_like_login_page(r.text):
+                        self._log_status_page_diagnostics(r.text, "login")
+                        raise
+                    if not self._login_via_form():
+                        self._log_status_page_diagnostics(r.text, "login")
+                        raise
+                    r = self._session.get(f"{self._url}{_STATUS_PATH}", timeout=30)
+                    r.raise_for_status()
+                    self._ensure_status_page(r.text)
                 self._status_html = r.text
                 log.info("CM3000 auth OK")
                 return
@@ -178,6 +196,71 @@ def _fetch_status_page(self) -> str:
             raise
         return r.text
 
+    def _login_via_form(self) -> bool:
+        """Try the newer Netgear web login flow used before DocsisStatus access."""
+        login_url = urljoin(f"{self._url}/", "Login.htm")
+        try:
+            r = self._session.get(login_url, timeout=30)
+            r.raise_for_status()
+            action, payload = self._extract_login_form(r.text)
+            if not action:
+                action = "/goform/Login"
+            payload = payload or {}
+            self._apply_login_credentials(payload)
+            if not any(v for k, v in payload.items() if "pass" in k.lower()):
+                payload["loginPassword"] = self._password
+            if not any(v for k, v in payload.items() if "user" in k.lower() or "name" in k.lower()):
+                payload["loginName"] = self._user
+            post_url = urljoin(f"{self._url}/", action.lstrip("/"))
+            r = self._session.post(post_url, data=payload, timeout=30)
+            r.raise_for_status()
+            return True
+        except requests.RequestException as exc:
+            log.debug("CM3000 form login failed: %s", exc)
+            return False
+
+    def _apply_login_credentials(self, payload: dict) -> None:
+        """Populate parsed login form fields with configured credentials."""
+        lowered = {k.lower(): k for k in payload}
+        user_keys = [k for k in payload if any(token in k.lower() for token in ("loginname", "username", "user", "name"))]
+        pass_keys = [k for k in payload if "pass" in k.lower()]
+        for key in user_keys:
+            payload[key] = self._user
+        for key in pass_keys:
+            payload[key] = self._password
+        if not user_keys and "loginname" not in lowered:
+            payload["loginName"] = self._user
+        if not pass_keys and "loginpassword" not in lowered:
+            payload["loginPassword"] = self._password
+
+    @staticmethod
+    def _extract_login_form(html: str) -> tuple[str | None, dict]:
+        """Extract login form action and input values from Login.htm."""
+        match = _RE_FORM_BLOCK.search(html or "")
+        if not match:
+            return None, {}
+        action = match.group("action").strip()
+        body = match.group("body")
+        payload = {}
+        for input_match in _RE_INPUT.finditer(body):
+            attrs = {
+                attr_match.group("name").lower(): attr_match.group("value")
+                for attr_match in _RE_ATTR.finditer(input_match.group("attrs"))
+            }
+            name = attrs.get("name")
+            if not name:
+                continue
+            input_type = attrs.get("type", "").lower()
+            if input_type in {"submit", "button", "image"}:
+                continue
+            payload[name] = attrs.get("value", "")
+        return action, payload
+
+    @staticmethod
+    def _looks_like_login_page(html: str) -> bool:
+        lower_html = (html or "").lower()
+        return any(marker in lower_html for marker in _LOGIN_MARKERS)
+
     @staticmethod
     def _ensure_status_page(html: str) -> None:
         """Reject login/placeholder pages that would otherwise parse as zero channels."""

tests/test_cm3000_driver.py

@@ -288,6 +288,53 @@ def test_login_accepts_status_page_even_with_login_markers(self, driver):
             driver.login()
             assert driver._status_html == mock_response.text
 
+    def test_login_falls_back_to_form_login(self, driver):
+        login_wrapper = MagicMock()
+        login_wrapper.raise_for_status = MagicMock()
+        login_wrapper.text = """
+            <html><body>
+            <script>
+            if (sessionStorage.getItem('PrivateKey') === null) {
+                window.location.replace('../Login.htm');
+            }
+            </script>
+            </body></html>
+        """
+        login_page = MagicMock()
+        login_page.raise_for_status = MagicMock()
+        login_page.text = """
+            <html><body>
+              <form action="/goform/Login" method="post">
+                <input type="hidden" name="foo" value="bar">
+                <input type="text" name="loginName" value="">
+                <input type="password" name="loginPassword" value="">
+              </form>
+            </body></html>
+        """
+        status_page = MagicMock()
+        status_page.raise_for_status = MagicMock()
+        status_page.text = STATUS_HTML
+        login_submit = MagicMock()
+        login_submit.raise_for_status = MagicMock()
+
+        with (
+            patch.object(
+                driver._session,
+                "get",
+                side_effect=[login_wrapper, login_page, status_page],
+            ) as mock_get,
+            patch.object(driver._session, "post", return_value=login_submit) as mock_post,
+        ):
+            driver.login()
+
+        assert driver._status_html == STATUS_HTML
+        assert mock_get.call_count == 3
+        mock_post.assert_called_once_with(
+            "http://192.168.100.1/goform/Login",
+            data={"foo": "bar", "loginName": "admin", "loginPassword": "password"},
+            timeout=30,
+        )
+
     def test_login_accepts_double_quoted_status_page_with_login_markers(self, driver):
         mock_response = MagicMock()
         mock_response.raise_for_status = MagicMock()