Add support for image captcha in Google login

2019-10-27 00:19:05 -04:00 · 2019-10-27 00:19:05 -04:00 · 0cf187dee7
commit 0cf187dee7
parent bdeb325bad
3 changed files with 42 additions and 14 deletions
--- a/src/invidious.cr
+++ b/src/invidious.cr
@ -1390,8 +1390,7 @@ get "/login" do |env|
  captcha_type ||= "image"

  tfa = env.params.query["tfa"]?
-  tfa ||= false
-  prompt = ""
+  prompt = nil

  templated "login"
 end
@ -1444,7 +1443,7 @@ post "/login" do |env|

      headers["Content-Type"] = "application/x-www-form-urlencoded;charset=utf-8"
      headers["Google-Accounts-XSRF"] = "1"
-      headers["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.75 Safari/537.36"
+      headers["User-Agent"] = random_user_agent

      response = client.post("/_/signin/sl/lookup", headers, login_req(lookup_req))
      lookup_results = JSON.parse(response.body[5..-1])
@ -1453,10 +1452,17 @@ post "/login" do |env|

      user_hash = lookup_results[0][2]

+      if token = env.params.body["token"]?
+        answer = env.params.body["answer"]?
+        captcha = {token, answer}
+      else
+        captcha = nil
+      end
+
      challenge_req = {
        user_hash, nil, 1, nil,
        {1, nil, nil, nil,
-         {password, nil, true},
+         {password, captcha, true},
        },
        {nil, nil,
         {2, 1, nil, 1,
@ -1484,11 +1490,14 @@ post "/login" do |env|
        next templated "error"
      end

-      # TODO: Handle Google's CAPTCHA
-      if captcha = challenge_results[0][-1]?.try &.[-1]?.try &.as_h?.try &.["5001"]?.try &.[-1].as_a?
-        error_message = "Unhandled CAPTCHA. Please try again later."
-        env.response.status_code = 401
-        next templated "error"
+      if token = challenge_results[0][-1]?.try &.[-1]?.try &.as_h?.try &.["5001"]?.try &.[-1].as_a?.try &.[-1].as_s
+        account_type = "google"
+        captcha_type = "image"
+        prompt = nil
+        tfa = tfa_code
+        captcha = {tokens: [token], question: ""}
+
+        next templated "login"
      end

      if challenge_results[0][-1]?.try &.[5] == "INCORRECT_ANSWER_ENTERED"
@ -1547,7 +1556,7 @@ post "/login" do |env|
            prompt = "Google verification code"
          end

-          tfa = true
+          tfa = nil
          captcha = nil
          next templated "login"
        end
@ -5770,6 +5779,13 @@ get "/vi/:id/:name" do |env|
  end
 end

+get "/Captcha" do |env|
+  client = make_client(LOGIN_URL)
+  response = client.get(env.request.resource)
+  env.response.headers["Content-Type"] = response.headers["Content-Type"]
+  response.body
+end
+
 # Undocumented, creates anonymous playlist with specified 'video_ids', max 50 videos
 get "/watch_videos" do |env|
  response = YT_POOL.client &.get(env.request.resource)
--- a/src/invidious/helpers/handlers.cr
+++ b/src/invidious/helpers/handlers.cr
@ -226,7 +226,7 @@ end

 class HTTP::Client
  private def handle_response(response)
-    if @socket.is_a?(OpenSSL::SSL::Socket::Client) && @host.ends_with? "googlevideo.com"
+    if @socket.is_a?(OpenSSL::SSL::Socket::Client) && @host.ends_with?("googlevideo.com")
      close unless response.keep_alive? || @socket.as(OpenSSL::SSL::Socket::Client).@in_buffer_rem.empty?

      if @socket.as(OpenSSL::SSL::Socket::Client).@in_buffer_rem.empty?
--- a/src/invidious/views/login.ecr
+++ b/src/invidious/views/login.ecr
@ -21,7 +21,8 @@

            <hr>

-            <% if account_type == "invidious" %>
+            <% case account_type when %>
+            <% when "invidious" %>
                <form class="pure-form pure-form-stacked" action="/login?referer=<%= URI.encode_www_form(referer) %>&type=invidious" method="post">
                    <fieldset>
                        <% if email %>
@ -84,7 +85,7 @@
                        <% end %>
                    </fieldset>
                </form>
-            <% elsif account_type == "google" %>
+            <% when "google" %>
                <form class="pure-form pure-form-stacked" action="/login?referer=<%= URI.encode_www_form(referer) %>&type=google" method="post">
                    <fieldset>
                        <% if email %>
@ -101,11 +102,22 @@
                            <input required class="pure-input-1" name="password" type="password" placeholder="<%= translate(locale, "Password") %>">
                        <% end %>

-                        <% if tfa %>
+                        <% if prompt %>
                            <label for="tfa"><%= translate(locale, prompt) %> :</label>
                            <input required class="pure-input-1" name="tfa" type="text" placeholder="<%= translate(locale, prompt) %>">
                        <% end %>

+                        <% if tfa %>
+                            <input type="hidden" name="tfa" value="<%= tfa %>">
+                        <% end %>
+
+                        <% if captcha %>
+                            <img style="width:50%" src="/Captcha?v=2&ctoken=<%= captcha[:tokens][0] %>"/>
+                            <input type="hidden" name="token" value="<%= captcha[:tokens][0] %>">
+                            <label for="answer"><%= translate(locale, "Answer") %> :</label>
+                            <input type="text" name="answer" type="text" placeholder="<%= translate(locale, "Answer") %>">
+                        <% end %>
+
                        <button type="submit" class="pure-button pure-button-primary"><%= translate(locale, "Sign In") %></button>
                    </fieldset>
                </form>