Skip to content
This repository has been archived by the owner on Mar 18, 2022. It is now read-only.

Commit

Permalink
work in progress on #5
Browse files Browse the repository at this point in the history
  • Loading branch information
@arvvoid
arvvoid committed Feb 23, 2019
1 parent 71d8455 commit 6ad5836
Show file tree
Hide file tree
Showing 2 changed files with 242 additions and 28 deletions.
18 changes: 7 additions & 11 deletions hbogolib/constants.py
View file
Expand Up @@ -77,21 +77,17 @@ class HbogoConstants(object):

}

# 1 - operator website login form url, 2 - username field name, 3 - password field name, 4 form payload

# 0 - operator website login form url, 1 - username field name, 2 - password field name, 3 form payload
#pkmslogin.form
eu_redirect_login = {
'c55e69f0-2471-46a9-a8b7-24dac54e6eb9': [None, None, None, None], # Czech Republic: Skylink + Slovakia: Skylink
'f0e09ddb-1286-4ade-bb30-99bf1ade7cff': [None, None, None, None], # Czech Republic: UPC CZ + Slovakia: UPC CZ
'c55e69f0-2471-46a9-a8b7-24dac54e6eb9': ['https://hbogo.skylink.cz/goauthenticate.aspx?client_id=HBO&redirect_uri=https%3a%2f%2fczapi.hbogo.eu%2foauthskylink%2frequest2.aspx&state=8wp6mMCCUjVJZEQdcb0BQA&scope=HBO&response_type=code', 'txtLogin', 'txtPassword', {"txtLogin": None, "txtPassword": None, "__LASTFOCUS": "", "__EVENTTARGET": "", "__EVENTARGUMENT": "", "__VIEWSTATE": ""}], # Czech Republic: Skylink + Slovakia: Skylink
'f0e09ddb-1286-4ade-bb30-99bf1ade7cff': ['https://service.upc.cz/login/pkmslogin.form', 'username', 'password', {"username": None, "password": None}], # Czech Republic: UPC CZ + Slovakia: UPC CZ
'414847a0-635c-4587-8076-079e3aa96035': ['https://icok.cyfrowypolsat.pl/logowanie.cp', 'j_username', 'j_password', {"j_username": None, "j_password": None, "loginFormM_SUBMIT": "1", "sInBtn": "", "javax.faces.ViewState": ""}], # Polonia: Cyfrowy Polsat
'972706fe-094c-4ea5-ae98-e8c5d907f6a2': [None, None, None, None], # Romania: Telekom Romania
'41a660dc-ee15-4125-8e92-cdb8c2602c5d': [None, None, None, None], # Romania: UPC Romania
'6826b525-04dc-4bb9-ada5-0a8e80a9f55a': [None, None, None, None], # Romania: Vodafone Romania 4GTV+
'972706fe-094c-4ea5-ae98-e8c5d907f6a2': ['https://my.telekom.ro/oam/server/auth_cred_submit', 'username', 'password', {"username": None, "password": None}], # Romania: Telekom Romania
'41a660dc-ee15-4125-8e92-cdb8c2602c5d': ['https://www.upc.ro/rest/v40/session/start?protocol=oidc&rememberMe=false', 'username', 'password', {"username": None, "credential": None}], # Romania: UPC Romania
'6826b525-04dc-4bb9-ada5-0a8e80a9f55a': ['https://rovodafoneauth.hbogo.eu/authservice/OAuth/AuthorizeResponse', 'UserName', 'Password', {"UserName": None, "Password": None, "__RequestVerificationToken": "O6VnKC1ZOUdyewkDuRsvj9FkYL5z3-pNtL_cFTBZxixuA2z_3TUqj5550M0AoyfA9Mw96XAvoFqvwoj3h6gS0DQqOE_kEkg1CKL-nc5KwbU1", "client_id": "ott-web", "redirect_uri": "https://roapi.hbogo.eu/oauthvodafone/request2.aspx", "state": "03ggvM1EXyqFFxWA7W1y4A", "response_type": "code", "IsAccepted": "true", "IsAccepted": "false", "login": "Login"}], # Romania: Vodafone Romania 4GTV+
}

eu_nick_instead_of_mail = [
'c5ff7517-8ef8-4346-86c7-0fb328848671', # Polonia: UPC
]




252 changes: 235 additions & 17 deletions hbogolib/handlereu.py
View file
Expand Up @@ -11,6 +11,7 @@


from hbogolib.handler import HbogoHandler
from hbogolib.constants import HbogoConstants

import sys
import time
Expand All @@ -20,6 +21,11 @@
import hashlib
import requests

try:
import urllib.parse as parse
except ImportError:
import urlparse as parse

import xbmc
import xbmcgui
import xbmcplugin
Expand Down Expand Up @@ -326,6 +332,227 @@ def logout(self):
self.loggedin_headers['GO-Token'] = str(self.goToken)
self.loggedin_headers['GO-CustomerId'] = str(self.GOcustomerId)

def OAuthLogin(self, username, password):

#Check if operator is supported

if self.op_id in HbogoConstants.eu_redirect_login:
# perform login

self.log("Attempting OAuth login for: " + str(self.op_id))
self.log("Urls and data: " + str(HbogoConstants.eu_redirect_login[self.op_id]))

hbo_session = requests.session()

hbo_session.headers.update({
'Host': self.COUNTRY_CODE_SHORT+'gwapi.hbogo.eu',
'User-Agent': self.UA,
'Accept': 'application/json',
'Accept-Language': self.ACCEPT_LANGUAGE,
'Accept-Encoding': 'br, gzip, deflate',
'Referer': 'https://gateway.hbogo.eu/signin/sso',
'Content-Type': 'application/json',
'GO-CustomerId': '00000000-0000-0000-0000-000000000000',
'Origin': 'https://gateway.hbogo.eu',
'Connection': 'keep-alive'
})

hbo_payload = {
"Action": None,
"AppLanguage": None,
"ActivationCode": None,
"AllowedContents": [],
"AudioLanguage": None,
"AutoPlayNext": False,
"BirthYear": 0,
"CurrentDevice": {
"AppLanguage": "",
"AutoPlayNext": False,
"Brand": "Chromium",
"CreatedDate": "",
"DeletedDate": "",
"Id": "00000000-0000-0000-0000-000000000000",
"Individualization": self.individualization,
"IsDeleted": False,
"LastUsed": "",
"Modell": "71",
"Name": "",
"OSName": "Ubuntu",
"OSVersion": "undefined",
"Platform": self.API_PLATFORM,
"SWVersion": "3.3.9.6418.2100",
"SubtitleSize": ""
},
"CustomerCode": "",
"DebugMode": False,
"DefaultSubtitleLanguage": None,
"EmailAddress": "",
"FirstName": "",
"Gender": 0,
"Id": "00000000-0000-0000-0000-000000000000",
"IsAnonymus": True,
"IsPromo": False,
"Language": "",
"LastName": "",
"Nick": "",
"NotificationChanges": 0,
"OperatorId": "00000000-0000-0000-0000-000000000000",
"OperatorName": "",
"OperatorToken": "",
"ParentalControl": {
"Active": False,
"Password": "",
"Rating": 0,
"ReferenceId": "00000000-0000-0000-0000-000000000000"
},
"Password": "",
"PromoCode": "",
"ReferenceId": "00000000-0000-0000-0000-000000000000",
"SecondaryEmailAddress": "",
"SecondarySpecificData": None,
"ServiceCode": "",
"SpecificData": None,
"SubscribeForNewsletter": False,
"SubscState": None,
"SubtitleSize": "",
"TVPinCode": "",
"ZipCode": "",
"PromoId": ""
}

hbo_session.headers.update({'GO-CustomerId': '00000000-0000-0000-0000-000000000000'})

response = hbo_session.post(
self.API_URL_AUTH_OPERATOR,
json=hbo_payload
)

jsonrspl = response.json()

token = str(jsonrspl['Token'])
backuri = self.API_HOST_REFERER + "/ssocallbackhandler?ssoid={0}&method={1}&cou=POL&operatorId=" + self.op_id + "&p=" + self.API_PLATFORM + "&l=" + self.LANGUAGE_CODE + "&cb=" + base64.b64encode(token) + "&t=signin"

hbo_session.headers.pop('GO-CustomerId')
hbo_session.headers.update({'GO-Token': token})
hbo_payload['CurrentDevice'] = jsonrspl['Customer']['CurrentDevice']
hbo_payload['Action'] = 'L'
hbo_payload['OperatorId'] = self.op_id

cp_session = requests.session()
cp_session.headers.update({
'Referer': self.API_HOST_REFERER,
'User-Agent': self.UA
})


payload = {
"caller": "GW",
"cid": str(jsonrspl['Customer']['Id']),
"oid": self.op_id,
"platform": self.API_PLATFORM,
"backuri": backuri
}

self.log("GET CP SESSION: " + self.REDIRECT_URL.split('?')[0])

cp_session.get(
self.REDIRECT_URL.split('?')[0],
params=payload
)

payload = HbogoConstants.eu_redirect_login[self.op_id][3]

self.log("LOGIN FORM PAYLOAD: " + str(payload))

payload[HbogoConstants.eu_redirect_login[self.op_id][1]] = username
payload[HbogoConstants.eu_redirect_login[self.op_id][2]] = password

if self.sensitive_debug:
self.log("LOGIN FORM PAYLOAD: " + str(payload))

response = cp_session.post(
HbogoConstants.eu_redirect_login[self.op_id][0],
data=payload
)

parsed_url = parse.urlparse(response.url)
ssoid = parse.parse_qs(parsed_url.query)['ssoid'][0]

response = hbo_session.post(
'https://' + self.COUNTRY_CODE_SHORT +'gwapi.hbogo.eu/v2.1/RetrieveCustomerByToken/json/'+ self.LANGUAGE_CODE + '/' + self.API_PLATFORM
)

jsonrspl = response.json()

hbo_session.headers.update({
'GO-CustomerId': str(jsonrspl['Customer']['Id']),
'GO-SessionId': str(jsonrspl['SessionId'])
})

hbo_payload['Id'] = str(jsonrspl['Customer']['Id'])
hbo_payload['ReferenceId'] = ssoid

response = hbo_session.post(
self.API_URL_AUTH_OPERATOR,
json=hbo_payload
)

jsonrspl = response.json()

try:
if jsonrspl['ErrorMessage']:
self.log("OAuth Login Error: " + str(str(jsonrspl['ErrorMessage'])))
xbmcgui.Dialog().ok(self.LB_LOGIN_ERROR, str(jsonrspl['ErrorMessage']))
self.logout()
return False
except:
pass

try:
self.sessionId = jsonrspl['SessionId']
except:
self.sessionId = '00000000-0000-0000-0000-000000000000'
if self.sessionId == '00000000-0000-0000-0000-000000000000' or len(self.sessionId) != 36:
self.log("GENERIC LOGIN ERROR")
xbmcgui.Dialog().ok(self.LB_LOGIN_ERROR, "GENERIC LOGIN ERROR")
self.logout()
return False
else:
self.goToken = jsonrspl['Token']
self.GOcustomerId = jsonrspl['Customer']['Id']
if self.sensitive_debug:
self.log("Login sucess - Token" + str(self.goToken))
self.log("Login sucess - Customer Id" + str(self.GOcustomerId))
self.log("Login sucess - Session Id" + str(self.sessionId))
else:
self.log("Login sucess - Token [OMITTED FOR PRIVACY]")
self.log("Login sucess - Customer Id [OMITTED FOR PRIVACY]")
self.log("Login sucess - Session Id [OMITTED FOR PRIVACY]")
self.loggedin_headers['GO-SessionId'] = str(self.sessionId)
self.loggedin_headers['GO-Token'] = str(self.goToken)
self.loggedin_headers['GO-CustomerId'] = str(self.GOcustomerId)
# save the session with validity of n hours to not relogin every run of the add-on

login_hash = hashlib.sha224(self.individualization + self.customerId + self.FavoritesGroupId + username + password + self.op_id).hexdigest()
self.log("LOGIN HASH: " + login_hash)

saved_session = {

"hash": login_hash,
"headers": self.loggedin_headers,
"time": time.time()

}
if self.sensitive_debug:
self.log("SAVING SESSION: " + str(saved_session))
else:
self.log("SAVING SESSION: [OMITTED FOR PRIVACY]")
self.save_obj(saved_session, self.addon_id + "_session")
return True
else:
self.log("OAuth operator not supported: " + str(self.op_id))
xbmcgui.Dialog().ok(self.LB_LOGIN_ERROR, "Sorry your operator require a special login procedure thats not supported at the moment.")
pass

def login(self):
self.log("Using operator: " + str(self.op_id))
Expand Down Expand Up @@ -377,7 +604,13 @@ def login(self):
self.log("Login restored - Token [OMITTED FOR PRIVACY]")
self.log("Login restored - Customer Id [OMITTED FOR PRIVACY]")
self.log("Login restored - Session Id [OMITTED FOR PRIVACY]")
return False
return True

if len(self.REDIRECT_URL) > 0:
self.log("OPERATOR WITH LOGIN REDIRECTION DETECTED")
self.log("LOGIN WITH SPECIAL OAuth LOGIN PROCEDURE")
return self.OAuthLogin(username, password)


headers = {
'Origin': self.API_HOST_GATEWAY,
Expand All @@ -398,15 +631,6 @@ def login(self):
else:
url = self.API_URL_AUTH_OPERATOR

if len(self.REDIRECT_URL) > 0:
self.log("OPERATOR WITH LOGIN REDIRECT DETECTED, THE LOGIN WILL PROBABLY FAIL, NOT IMPLEMENTED, more details https://github.com/arvvoid/plugin.video.hbogoeu ISSUE #5 ")
# EXPLANATION
# ------------
# For a few operators the login is not performed directly using the hbogo api. Instead the user is redirected to the operator website
# the login is performed there, and then the operator login the user on hbogo and redirect back.
# What exactly happens and how, will have to be figured out and then implemented in the add-on for those operators to work.
# For more information go to https://github.com/arvvoid/plugin.video.hbogoeu ISSUE #5

data_obj = {
"Action": "L",
"AppLanguage": None,
Expand Down Expand Up @@ -444,7 +668,7 @@ def login(self):
"IsPromo": False,
"Language": self.LANGUAGE_CODE,
"LastName": "",
"Nick": "",
"Nick": username,
"NotificationChanges": 0,
"OperatorId": self.op_id,
"OperatorName": "",
Expand Down Expand Up @@ -479,8 +703,6 @@ def login(self):
if jsonrspl['ErrorMessage']:
self.log("LOGIN ERROR: " + str(jsonrspl['ErrorMessage']))
xbmcgui.Dialog().ok(self.LB_LOGIN_ERROR, str(jsonrspl['ErrorMessage']))
if len(REDIRECT_URL) > 0:
xbmcgui.Dialog().ok(self.LB_ERROR, "OPERATOR WITH LOGIN REDIRECTION DETECTED. LOGIN REDIRECTION IS NOT CURRENTLY IMPLEMENTED. TO FIND OUT MORE ABOUTE THE ISSUE AND/OR CONTRIBUTE GO TO https://github.com/arvvoid/plugin.video.hbogoeu ISSUE #5 ")
self.logout()
return False
except:
Expand All @@ -492,8 +714,6 @@ def login(self):
except:
self.log("LOGIN: INDIVIDUALIZATION ERROR")
xbmcgui.Dialog().ok(self.LB_LOGIN_ERROR, "LOGIN: INDIVIDUALIZATION ERROR")
if len(self.REDIRECT_URL) > 0:
xbmcgui.Dialog().ok(self.LB_ERROR, "OPERATOR WITH LOGIN REDIRECTION DETECTED. LOGIN REDIRECTION IS NOT CURRENTLY IMPLEMENTED. TO FIND OUT MORE ABOUTE THE ISSUE AND/OR CONTRIBUTE GO TO https://github.com/arvvoid/plugin.video.hbogoeu ISSUE #5 ")
self.logout()
return False
self.sessionId = '00000000-0000-0000-0000-000000000000'
Expand All @@ -504,8 +724,6 @@ def login(self):
if self.sessionId == '00000000-0000-0000-0000-000000000000' or len(self.sessionId) != 36:
self.log("GENERIC LOGIN ERROR")
xbmcgui.Dialog().ok(self.LB_LOGIN_ERROR, "GENERIC LOGIN ERROR")
if len(self.REDIRECT_URL) > 0:
xbmcgui.Dialog().ok(self.LB_ERROR, "OPERATOR WITH LOGIN REDIRECTION DETECTED. LOGIN REDIRECTION IS NOT CURRENTLY IMPLEMENTED. TO FIND OUT MORE ABOUTE THE ISSUE AND/OR CONTRIBUTE GO TO https://github.com/arvvoid/plugin.video.hbogoeu ISSUE #5 ")
self.logout()
return False
else:
Expand Down

0 comments on commit 6ad5836

Please sign in to comment.