From 1a7b341745d2d2fd08bde1ee5ffe58a5827b187a Mon Sep 17 00:00:00 2001 From: Omar Roth Date: Fri, 12 Jul 2019 12:04:39 -0500 Subject: [PATCH] Update Google login --- src/invidious.cr | 22 ++++++++++++---------- src/invidious/helpers/helpers.cr | 29 ++++++++++++++--------------- 2 files changed, 26 insertions(+), 25 deletions(-) diff --git a/src/invidious.cr b/src/invidious.cr index 8d5ed886..6b9c985a 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -922,20 +922,18 @@ post "/login" do |env| begin client = make_client(LOGIN_URL) headers = HTTP::Headers.new - headers["Content-Type"] = "application/x-www-form-urlencoded;charset=utf-8" - headers["Google-Accounts-XSRF"] = "1" - headers["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.80 Safari/537.36" - headers["X-Same-Domain"] = "1" - login_page = client.get("/ServiceLogin?flowName=GlifWebSignIn&flowEntry=ServiceLogin&cid=1&navigationDirection=forward") + login_page = client.get("/ServiceLogin") headers = login_page.cookies.add_request_headers(headers) lookup_req = { email, nil, [] of String, nil, "US", nil, nil, 2, false, true, {nil, nil, - {2, 1, nil, 1, "https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn", nil, [] of String, 4, [] of String, "GlifWebSignIn"}, + {2, 1, nil, 1, + "https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn", + nil, [] of String, 4}, 1, - {nil, nil, [] of String, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, [] of String, nil, nil, nil, [] of String, [] of String}, + {nil, nil, [] of String}, nil, nil, nil, true, }, email, @@ -943,8 +941,10 @@ post "/login" do |env| traceback << "Getting lookup..." + headers["Content-Type"] = "application/x-www-form-urlencoded;charset=utf-8" + headers["Google-Accounts-XSRF"] = "1" + response = client.post("/_/signin/sl/lookup", headers, login_req(lookup_req)) - headers = response.cookies.add_request_headers(headers) lookup_results = JSON.parse(response.body[5..-1]) traceback << "done, returned #{response.status_code}.
" @@ -957,9 +957,11 @@ post "/login" do |env| {password, nil, true}, }, {nil, nil, - {2, 1, nil, 1, "https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn", nil, [] of String, 4, [] of String, "GlifWebSignIn"}, + {2, 1, nil, 1, + "https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn", + nil, [] of String, 4}, 1, - {nil, nil, [] of String, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, nil, [] of String, nil, nil, nil, [] of String, [] of String}, + {nil, nil, [] of String}, nil, nil, nil, true, }, }.to_json diff --git a/src/invidious/helpers/helpers.cr b/src/invidious/helpers/helpers.cr index 7f7725c1..ace2a6f7 100644 --- a/src/invidious/helpers/helpers.cr +++ b/src/invidious/helpers/helpers.cr @@ -176,25 +176,24 @@ end def login_req(f_req) data = { - # "azt" => "", - # "bgHash" => "", - # Unfortunately there's not much information available on `bgRequest`; part of Google's BotGuard - # Generally this is much longer (>1250 characters), similar to Amazon's `metaData1` - # (see https://github.com/omarroth/audible.cr/blob/master/src/audible/crypto.cr#L43). + # Generally this is much longer (>1250 characters), see also + # https://github.com/ytdl-org/youtube-dl/commit/baf67a604d912722b0fe03a40e9dc5349a2208cb . # For now this can be empty. - "bgRequest" => %|["identifier","!AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]|, + "bgRequest" => %|["identifier",""]|, + "pstMsg" => "1", + "checkConnection" => "youtube", + "checkedDomains" => "youtube", + "hl" => "en", + "deviceinfo" => %|[null,null,null,[],null,"US",null,null,[],"GlifWebSignIn",null,[null,null,[]]]|, + "f.req" => f_req, "flowName" => "GlifWebSignIn", "flowEntry" => "ServiceLogin", - "continue" => "https://accounts.google.com/ManageAccount", - "f.req" => f_req, - "cookiesDisabled" => "false", - "deviceinfo" => %([null,null,null,[],null,"US",null,null,[],"GlifWebSignIn",null,[null,null,[],null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,[],null,null,null,[],[]]]), - "gmscoreversion" => "undefined", - "checkConnection" => "youtube:303:1", - "checkedDomains" => "youtube", - "pstMsg" => "1", - + # "cookiesDisabled" => "false", + # "gmscoreversion" => "undefined", + # "continue" => "https://accounts.google.com/ManageAccount", + # "azt" => "", + # "bgHash" => "", } return HTTP::Params.encode(data)