From 888299e6ca65009e8ae2809c384ba1ba6b5ae701 Mon Sep 17 00:00:00 2001 From: Sam Date: Tue, 3 Aug 2021 20:41:26 +0200 Subject: [PATCH] [VrtNU] Fix XSRF token (#588) PR: https://github.com/ytdl-org/youtube-dl/pull/29614 Authored-by: pgaig --- yt_dlp/extractor/canvas.py | 51 ++++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 24 deletions(-) diff --git a/yt_dlp/extractor/canvas.py b/yt_dlp/extractor/canvas.py index 575f3d25c..4688187d9 100644 --- a/yt_dlp/extractor/canvas.py +++ b/yt_dlp/extractor/canvas.py @@ -1,7 +1,6 @@ from __future__ import unicode_literals import re -import json from .common import InfoExtractor from .gigya import GigyaBaseIE @@ -17,6 +16,7 @@ str_or_none, strip_or_none, url_or_none, + urlencode_postdata ) @@ -265,7 +265,7 @@ class VrtNUIE(GigyaBaseIE): 'expected_warnings': ['Unable to download asset JSON', 'is not a supported codec', 'Unknown MIME type'], }] _NETRC_MACHINE = 'vrtnu' - _APIKEY = '3_0Z2HujMtiWq_pkAjgnS2Md2E11a1AwZjYiBETtwNE-EoEHDINgtnvcAOpNgmrVGy' + _APIKEY = '3_qhEcPa5JGFROVwu5SWKqJ4mVOIkwlFNMSKwzPDAh8QZOtHqu6L4nD5Q7lk0eXOOG' _CONTEXT_ID = 'R3595707040' def _real_initialize(self): @@ -276,35 +276,38 @@ def _login(self): if username is None: return - auth_data = { - 'APIKey': self._APIKEY, - 'targetEnv': 'jssdk', - 'loginID': username, - 'password': password, - 'authMode': 'cookie', - } - - auth_info = self._gigya_login(auth_data) + auth_info = self._download_json( + 'https://accounts.vrt.be/accounts.login', None, + note='Login data', errnote='Could not get Login data', + headers={}, data=urlencode_postdata({ + 'loginID': username, + 'password': password, + 'sessionExpiration': '-2', + 'APIKey': self._APIKEY, + 'targetEnv': 'jssdk', + })) # Sometimes authentication fails for no good reason, retry login_attempt = 1 while login_attempt <= 3: try: - # When requesting a token, no actual token is returned, but the - # necessary cookies are set. + self._request_webpage('https://token.vrt.be/vrtnuinitlogin', + None, note='Requesting XSRF Token', errnote='Could not get XSRF Token', + query={'provider': 'site', 'destination': 'https://www.vrt.be/vrtnu/'}) + + post_data = { + 'UID': auth_info['UID'], + 'UIDSignature': auth_info['UIDSignature'], + 'signatureTimestamp': auth_info['signatureTimestamp'], + 'client_id': 'vrtnu-site', + '_csrf': self._get_cookies('https://login.vrt.be').get('OIDCXSRF').value, + } + self._request_webpage( - 'https://token.vrt.be', + 'https://login.vrt.be/perform_login', None, note='Requesting a token', errnote='Could not get a token', - headers={ - 'Content-Type': 'application/json', - 'Referer': 'https://www.vrt.be/vrtnu/', - }, - data=json.dumps({ - 'uid': auth_info['UID'], - 'uidsig': auth_info['UIDSignature'], - 'ts': auth_info['signatureTimestamp'], - 'email': auth_info['profile']['email'], - }).encode('utf-8')) + headers={}, data=urlencode_postdata(post_data)) + except ExtractorError as e: if isinstance(e.cause, compat_HTTPError) and e.cause.code == 401: login_attempt += 1