[youtube] Fix TFA (#12927)

This commit is contained in:
Sergey M․ 2017-05-07 04:19:11 +07:00
parent e4a75d7932
commit 3995d37da5
No known key found for this signature in database
GPG Key ID: 2C393E0F18A9236D
1 changed files with 110 additions and 41 deletions

View File

@ -37,7 +37,7 @@ from ..utils import (
parse_codecs, parse_codecs,
parse_duration, parse_duration,
remove_quotes, remove_quotes,
# remove_start, remove_start,
smuggle_url, smuggle_url,
str_to_int, str_to_int,
try_get, try_get,
@ -55,13 +55,8 @@ class YoutubeBaseInfoExtractor(InfoExtractor):
_TWOFACTOR_URL = 'https://accounts.google.com/signin/challenge' _TWOFACTOR_URL = 'https://accounts.google.com/signin/challenge'
_LOOKUP_URL = 'https://accounts.google.com/_/signin/sl/lookup' _LOOKUP_URL = 'https://accounts.google.com/_/signin/sl/lookup'
_LOOKUP_REQ_TEMPLATE = '["{0}",null,[],null,"US",null,null,2,false,true,[null,null,[2,1,null,1,"https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn",null,[],4],1,[null,null,[]],null,null,null,true],"{0}"]' _CHALLENGE_URL = 'https://accounts.google.com/_/signin/sl/challenge'
_TFA_URL = 'https://accounts.google.com/_/signin/challenge?hl=en&TL={0}'
_PASSWORD_CHALLENGE_URL = 'https://accounts.google.com/_/signin/sl/challenge'
_PASSWORD_CHALLENGE_REQ_TEMPLATE = '["{0}",null,1,null,[1,null,null,null,["{1}",null,true]],[null,null,[2,1,null,1,"https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn",null,[],4],1,[null,null,[]],null,null,null,true]]'
_TFA_URL = 'https://accounts.google.com/_/signin/challenge'
_TFA_REQ_TEMPLATE = '["{0}",null,2,null,[9,null,null,null,null,null,null,null,[null,"{1}",false,2]]]'
_NETRC_MACHINE = 'youtube' _NETRC_MACHINE = 'youtube'
# If True it will raise an error if no login info is provided # If True it will raise an error if no login info is provided
@ -112,7 +107,7 @@ class YoutubeBaseInfoExtractor(InfoExtractor):
'checkedDomains': 'youtube', 'checkedDomains': 'youtube',
'hl': 'en', 'hl': 'en',
'deviceinfo': '[null,null,null,[],null,"US",null,null,[],"GlifWebSignIn",null,[null,null,[]]]', 'deviceinfo': '[null,null,null,[],null,"US",null,null,[],"GlifWebSignIn",null,[null,null,[]]]',
'f.req': f_req, 'f.req': json.dumps(f_req),
'flowName': 'GlifWebSignIn', 'flowName': 'GlifWebSignIn',
'flowEntry': 'ServiceLogin', 'flowEntry': 'ServiceLogin',
}) })
@ -125,53 +120,127 @@ class YoutubeBaseInfoExtractor(InfoExtractor):
'Google-Accounts-XSRF': 1, 'Google-Accounts-XSRF': 1,
}) })
def warn(message):
self._downloader.report_warning(message)
lookup_req = [
username,
None, [], None, 'US', None, None, 2, False, True,
[
None, None,
[2, 1, None, 1,
'https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn',
None, [], 4],
1, [None, None, []], None, None, None, True
],
username,
]
lookup_results = req( lookup_results = req(
self._LOOKUP_URL, self._LOOKUP_REQ_TEMPLATE.format(username), self._LOOKUP_URL, lookup_req,
'Looking up account info', 'Unable to look up account info') 'Looking up account info', 'Unable to look up account info')
if lookup_results is False: if lookup_results is False:
return False return False
user_hash = lookup_results[0][2] user_hash = try_get(lookup_results, lambda x: x[0][2], compat_str)
if not user_hash:
warn('Unable to extract user hash')
return False
password_challenge_results = req( challenge_req = [
self._PASSWORD_CHALLENGE_URL, user_hash,
self._PASSWORD_CHALLENGE_REQ_TEMPLATE.format(user_hash, password), None, 1, None, [1, None, None, None, [password, None, True]],
'Logging in', 'Unable to log in')[0] [
None, None, [2, 1, None, 1, 'https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Fnext%3D%252F%26action_handle_signin%3Dtrue%26hl%3Den%26app%3Ddesktop%26feature%3Dsign_in_button&hl=en&service=youtube&uilel=3&requestPath=%2FServiceLogin&Page=PasswordSeparationSignIn', None, [], 4],
1, [None, None, []], None, None, None, True
]]
if password_challenge_results is False: challenge_results = req(
self._CHALLENGE_URL, challenge_req,
'Logging in', 'Unable to log in')
if challenge_results is False:
return return
msg = password_challenge_results[5] login_res = try_get(challenge_results, lambda x: x[0][5], list)
if msg is not None and isinstance(msg, list): if login_res:
raise ExtractorError('Unable to login: %s' % msg[5], expected=True) login_msg = try_get(login_res, lambda x: x[5], compat_str)
warn(
'Unable to login: %s' % 'Invalid password'
if login_msg == 'INCORRECT_ANSWER_ENTERED' else login_msg)
return False
password_challenge_results = password_challenge_results[-1] res = try_get(challenge_results, lambda x: x[0][-1], list)
if not res:
warn('Unable to extract result entry')
return False
# tfa = password_challenge_results[0] tfa = try_get(res, lambda x: x[0][0], list)
# if isinstance(tfa, list) and tfa[0][2] == 'TWO_STEP_VERIFICATION': if tfa:
# tfa_code = self._get_tfa_info('2-step verification code') tfa_str = try_get(tfa, lambda x: x[2], compat_str)
# if tfa_str == 'TWO_STEP_VERIFICATION':
# if not tfa_code: # SEND_SUCCESS - TFA code has been successfully sent to phone
# self._downloader.report_warning( # QUOTA_EXCEEDED - reached the limit of TFA codes
# 'Two-factor authentication required. Provide it either interactively or with --twofactor <code>' status = try_get(tfa, lambda x: x[5], compat_str)
# '(Note that only TOTP (Google Authenticator App) codes work at this time.)') if status == 'QUOTA_EXCEEDED':
# return False warn('Exceeded the limit of TFA codes, try later')
# return False
# tfa_code = remove_start(tfa_code, 'G-')
# print('tfa', tfa_code) tl = try_get(challenge_results, lambda x: x[1][2], compat_str)
# tfa_results = req( if not tl:
# self._TFA_URL, warn('Unable to extract TL')
# self._TFA_REQ_TEMPLATE.format(user_hash, tfa_code), return False
# 'Submitting TFA code', 'Unable to submit TFA code')
# tfa_code = self._get_tfa_info('2-step verification code')
# TODO
if not tfa_code:
warn(
'Two-factor authentication required. Provide it either interactively or with --twofactor <code>'
'(Note that only TOTP (Google Authenticator App) codes work at this time.)')
return False
tfa_code = remove_start(tfa_code, 'G-')
tfa_req = [
user_hash, None, 2, None,
[
9, None, None, None, None, None, None, None,
[None, tfa_code, True, 2]
]]
tfa_results = req(
self._TFA_URL.format(tl), tfa_req,
'Submitting TFA code', 'Unable to submit TFA code')
if tfa_results is False:
return False
tfa_res = try_get(tfa_results, lambda x: x[0][5], list)
if tfa_res:
tfa_msg = try_get(tfa_res, lambda x: x[5], compat_str)
warn(
'Unable to finish TFA: %s' % 'Invalid TFA code'
if tfa_msg == 'INCORRECT_ANSWER_ENTERED' else tfa_msg)
return False
check_cookie_url = try_get(
tfa_results, lambda x: x[0][-1][2], compat_str)
else:
check_cookie_url = try_get(res, lambda x: x[2], compat_str)
if not check_cookie_url:
warn('Unable to extract CheckCookie URL')
return False
check_cookie_results = self._download_webpage( check_cookie_results = self._download_webpage(
password_challenge_results[2], None, 'Checking cookie') check_cookie_url, None, 'Checking cookie', fatal=False)
if '>Sign out<' not in check_cookie_results: if check_cookie_results is False:
self._downloader.report_warning('Unable to log in') return False
if 'https://myaccount.google.com/' not in check_cookie_results:
warn('Unable to log in')
return False return False
return True return True