Unable to log into PSN account using ungoogled chromium

[HarukaMa]

Describe the bug
This is a rather strange issue which I still can't figure out the reason.

I was trying to log into my PSN account to collect PS Plus games, but I'm unable to login using ungoogled chromium. On the login page, the request to https://ca.account.sony.com/api/v1/ssocookie always return 403 (which is then blocked by the browser as 403 responses doesn't have CORS headers).

Tried using secret mode with only two extensions: BitWarden and Proxy SwitchyOmega with "system proxy" mode. Also tried with no extensions enabled.

Tried using official Google Chrome 84.0.4147.125 and Safari with no issues logging in.

Tried to copy the requests as cURL, the requests sent by ungoogled chromium also return 403 while the ones sent by official Chrome work.

Tried to copy everything under Application Support/Chromium to Application Support/Google/Chrome and running official Chrome then login, and it works. (Extensions don't work as expected as they are installed by Chromium Web Store.)

I'm quite confident this is caused by ungoogled chromium at this point, but unable to pinpoint the exact issue.

To Reproduce
Steps to reproduce the behavior:

1. Go to https://store.playstation.com/
2. Click on "Sign in"
3. Try to log in (presumably using any credential)
4. See error in Inspect

Expected behavior
Should have no issues logging in.

Screenshots
N/A

Environment (please complete the following information):

• OS/Platform and version: macOS 10.15.3
• ungoogled-chromium version: 84.0.4147.125 (Official Build)

Additional context
Built using official depot_tools with gclient sync and default args plus following entries:

enable_nacl = false
blink_symbol_level = 0
symbol_level = 0
is_component_build = false
is_official_build = true
is_debug = false
proprietary_codecs = true
ffmpeg_branding = "Chrome"

[wchen342]

What is the difference between the request made by UC and the one made by official Chromium? Sounds like the request is somehow malformed.

[HarukaMa]

AFAICT only the post form content and cookie header is different (from copied curl command line).

[wchen342]

Can you post the details of those two requests so we can know what are the differences?

[HarukaMa]

Using link https://my.account.sony.com/central/signin/?response_type=code&redirect_uri=https%3A%2F%2Fstore.playstation.com%2Fja-jp%2Fhome%2Fgames&client_id=f6c7057b-f688-4744-91c0-8179592371d2&scope=kamaji%3Acommerce_native%2Ckamaji%3Acommerce_container%2Ckamaji%3Alists&state=returning&request_locale=ja_JP&service_entity=urn%3Aservice-entity%3Apsn&hidePageElements=SENLogo&disableLinks=SENLink&ui=pr&cid=922f6c3a-36a8-4561-8871-6dcf01946b9f&error=login_required&error_code=4165&no_captcha=true#/signin/ca?entry=ca

cURL cmdline with ungoogled chromium in incognito mode with only two extensions:

curl 'https://ca.account.sony.com/api/v1/ssocookie' \
  -H 'Connection: keep-alive' \
  -H 'X-Referer-Info: https://my.account.sony.com/central/signin/?response_type=code&redirect_uri=https%3A%2F%2Fstore.playstation.com%2Fja-jp%2Fhome%2Fgames&client_id=f6c7057b-f688-4744-91c0-8179592371d2&state=returning&request_locale=ja_JP&service_entity=urn%3Aservice-entity%3Apsn&hidePageElements=SENLogo&disableLinks=SENLink&ui=pr&cid=922f6c3a-36a8-4561-8871-6dcf01946b9f&error=login_required&error_code=4165&no_captcha=true' \
  -H 'X-CorrelationId: 922f6c3a-36a8-4561-8871-6dcf01946b9f' \
  -H 'X-Origin-ClientId: f6c7057b-f688-4744-91c0-8179592371d2' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36' \
  -H 'Content-Type: application/json; charset=UTF-8' \
  -H 'Accept: */*' \
  -H 'Origin: https://my.account.sony.com' \
  -H 'Sec-Fetch-Site: same-site' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Referer: https://my.account.sony.com/' \
  -H 'Accept-Language: en,ja;q=0.9,en-US;q=0.8' \
  -H 'Cookie: bm_sz=A40F5CFF272B5ADA7E213197B9A0437D~YAAQxTMtF+MtfexzAQAA1UUS+wj4DX5rTZXD3EhLE+SdRvndOTVpsdyD6MUfaBtkAvRtrybF2WY3bHOBhOdPoTUDs6UiLvg4ljcz5THRYhGGp8T9FpAHj2x7/n5+HkGQEplNcCBTMqIkak6DHHlCHd4/Uou3oNSr88vvvqlSoG8dtuND3j978Dmp2DSQkg==; s_fid=310124EAAB573DB7-3180B12AE77F4D59; s_cc=true; s_sq=snepdrglobal%3D%2526c.%2526a.%2526activitymap.%2526page%253Dweb%25253Apdr%25253Asignin%25253Aca%25253Asigninpassword%252520signin%2526link%253D%2525E3%252582%2525B5%2525E3%252582%2525A4%2525E3%252583%2525B3%2525E3%252582%2525A4%2525E3%252583%2525B3%2526region%253Dember39%2526pageIDType%253D1%2526.activitymap%2526.a%2526.c; _abck=4631F98E88878A51FEAD70C82AA9A932~-1~YAAQxTMtF/8tfexzAQAASrES+wS6rx9YtqLUiJKmmUAe22C/FxoEwNSFamFkAJPBh8amBhDQ8FhmNbGCftkkyJzJf2r3WaiG5b+dBBXu9M9vjjF9Z/Y9gHPWyicwKYDmOyKletnCTZkTK+Xs14wQoB88+Fkh+FrCqfAzBV2Khz+3zDjxumYaE11vDDoVmf5oFM5znPSj9ifHy/9qy51P66kNvHvxmrz1HvEnzcx3O4aIZCYuQQQ+goDLeYeiC4jmGPu1F2OMp10PokdBB6QNK+dsOffKC+/2zLivC1sfuANICC0M+7w6X/dmtanxovONSCh+aXiA~-1~-1~-1' \
  --data-binary '{"authentication_type":"password","username":"test@example.com","password":"test","client_id":"8c52bc6a-4ad1-43fb-bd63-4465cf818937","widget_data":"{\"jvqtrgQngn\":{\"oq\":\"1778:1391:1778:1470:3840:2073\",\"wfi\":\"flap-139108\",\"oc\":\"qr5po8oq633q65p0\",\"fe\":\"2160k3840 24\",\"qvqgm\":\"-540\",\"jxe\":860851,\"syi\":\"snyfr\",\"si\":\"si,btt,zc4,jroz\",\"sn\":\"sn,zcrt,btt,jni\",\"us\":\"6179q8s8515p6roo\",\"cy\":\"ZnpVagry\",\"sg\":\"{\\\"zgc\\\":0,\\\"gf\\\":snyfr,\\\"gr\\\":snyfr}\",\"sp\":\"{\\\"gp\\\":gehr,\\\"ap\\\":gehr}\",\"sf\":\"gehr\",\"jt\":\"4o1oqqr0oo9oqr52\",\"sz\":\"69sp7p969ro2813p\",\"vce\":\"apvc,0,5s3n2171,2,1;fb,0;fg,6,rzore37,0;zp,64,0,0,rzore37;zp,1n,0,0,rzore37;xx,2,0,rzore37;ss,0,rzore37;zp,16,0,0,rzore37;xq,2;xq,5;so,5,rzore37;zp,18,0,0,rzore37;xx,3,r,rzore37;ss,0,rzore37;zp,4n8,2ps,2ps,;xq,1r1;xq,37;xq,120;xq,48;xq,q1;xq,2s;so,226,rzore37;zp,46,367,2rq,;\",\"ns\":\"\"},\"jg\":\"1.j-666234.1.2.T2Y_92R5v2iGQA4y-xQL3t,,.31AbQ8nqNDAuT4KIR0otqNyRVeHIAHs6WpxJ1AHLuKiGl3qY8yXziBIEUCVovAy9KFjmsIz5e-w3ct2A8sO4U2s8lN7u6B_FqHM4IhYV8tWZ6cJcc4Av61e3xCAw7bgKyYDa6sUuE_RPb-_RjU9pkEeaBOSmazI8IQ0axLtycYgjFCtoNRS5ukZpsZD2c2hni79H7z4UjAf0_gQToG7-vcVEycFJwDNNhNEO3kEWcfElr2EAE6SQRThCiNKi56dP\"}","session_id":"5c08bfe1-4e82-4159-8e57-23225bbc5762"}' \
  --compressed

with google chrome:

curl 'https://ca.account.sony.com/api/v1/ssocookie' \
  -H 'Connection: keep-alive' \
  -H 'X-Referer-Info: https://my.account.sony.com/central/signin/?response_type=code&redirect_uri=https%3A%2F%2Fstore.playstation.com%2Fja-jp%2Fhome%2Fgames&client_id=f6c7057b-f688-4744-91c0-8179592371d2&state=returning&request_locale=ja_JP&service_entity=urn%3Aservice-entity%3Apsn&hidePageElements=SENLogo&disableLinks=SENLink&ui=pr&cid=922f6c3a-36a8-4561-8871-6dcf01946b9f&error=login_required&error_code=4165&no_captcha=true' \
  -H 'X-CorrelationId: 922f6c3a-36a8-4561-8871-6dcf01946b9f' \
  -H 'X-Origin-ClientId: f6c7057b-f688-4744-91c0-8179592371d2' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36' \
  -H 'Content-Type: application/json; charset=UTF-8' \
  -H 'Accept: */*' \
  -H 'Origin: https://my.account.sony.com' \
  -H 'Sec-Fetch-Site: same-site' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Referer: https://my.account.sony.com/' \
  -H 'Accept-Language: en,ja;q=0.9,en-US;q=0.8' \
  -H 'Cookie: bm_sz=18B45CF65EFCF6E406DEE5BF9E38B4DD~YAAQxTMtF/MwfexzAQAA1AQe+whEEuOK4Tb/yOWzr23oDh+HAyLy8T+uBexc4HEMQWLo7wkFh7v+v1cvpTn9gB/kTHgXLnxoAuJox9/RwDMTY6bcQTUvpNbe29SXbE+qEFXfiXNddbzB4dtZQoGeVXX8uUJLHOW6B/dx2kWnFFatvtmIP2dsuC8qXGdqRg==; _abck=6C8DDE4EC14F7499A766868BD8EB4167~0~YAAQxTMtF/owfexzAQAANwse+wTrcnqyl+1j9REdOATIpXA3PL4eUjF/Idxq2YgCajBIq0FGJN02QnTgf1hLMQXckPZZkqV+0gvviCc/jpbslecvhfhUAjURjqtMs6WuvI6AdrT7ud+vGp+fz6x7rcJDkkkDZFDbkwX8pe1cWo2Ii+yT9QvTiTo9Izo5j5lKCmnIrVgRBgLDXrjwSywLlCebuqsZE2SEH7YXVBLt/SDmFkhaWoSYTbgbC6HfD1z834Fubf49HvcryiiqK6AjxeH2xOquVr1UthDNeKajbpdgXRKAw5CvblpT/3w1e1X5EiK9taY=~-1~-1~-1; s_fid=210BB58ED977E40D-08B5CFB4A07604EA; s_cc=true; s_sq=snepdrglobal%3D%2526c.%2526a.%2526activitymap.%2526page%253Dweb%25253Apdr%25253Asignin%25253Aca%25253Asigninpassword%252520signin%2526link%253D%2525E3%252582%2525B5%2525E3%252582%2525A4%2525E3%252583%2525B3%2525E3%252582%2525A4%2525E3%252583%2525B3%2526region%253Dember39%2526pageIDType%253D1%2526.activitymap%2526.a%2526.c' \
  --data-binary '{"authentication_type":"password","username":"test@example.com","password":"test","client_id":"8c52bc6a-4ad1-43fb-bd63-4465cf818937","widget_data":"{\"jvqtrgQngn\":{\"oq\":\"1778:1346:1778:1470:3840:2073\",\"wfi\":\"flap-139108\",\"oc\":\"q400qo6n8n86q525\",\"fe\":\"2160k3840 24\",\"qvqgm\":\"-540\",\"jxe\":336432,\"syi\":\"snyfr\",\"si\":\"si,btt,zc4,jroz\",\"sn\":\"sn,zcrt,btt,jni\",\"us\":\"rp3q1r18n3537s27\",\"cy\":\"ZnpVagry\",\"sg\":\"{\\\"zgc\\\":0,\\\"gf\\\":snyfr,\\\"gr\\\":snyfr}\",\"sp\":\"{\\\"gp\\\":gehr,\\\"ap\\\":gehr}\",\"sf\":\"gehr\",\"jt\":\"4o1oqqr0oo9oqr52\",\"sz\":\"s6rn4445po3485o2\",\"vce\":\"apvc,0,5s3n246n,2,1;fb,0;fg,6,rzore37,0;zz,17r,398,292,;xx,1np,0,rzore37;ss,0,rzore37;zp,69,377,2o4,rzore37;xq,60p;xq,7n;xq,n0;xq,24r;xq,138;xq,38;so,20p,rzore37;zp,41,3p7,2r3,;\",\"ns\":\"\"},\"jg\":\"1.j-666234.1.2.scfPWhDhkjyCBgUFlsDwzN,,.vmHFZBpVzUyHUWu9qgBfEQ6dwPEaOlpdIOi5BMOuXcwT2TxznQk6mWvJ2Ybu-bjpu35RqEOHiYb8c-lNXoluRdO5iEiyFxn0kFcFBbKESz-Jbu9AikWqdMxcBT1LH8UkAxJ8Jxo-n2POCkMgGIhJtU7QA3WyhcURtnxoH4cRZXHN4IWczCqk75TbDWQ3GtLYhJKsfEQQmPu97lF95meKsYX2QEMk9y9FSWT4aBWrLivr5nmNeQdTBPtuKh0IuJw2\"}","session_id":"4b0fb581-23f9-4b0b-bfd8-89d20b999b05"}' \
  --compressed

[wchen342]

The major difference comes from

apvc,0,5s3n2171,2,1;fb,0;fg,6,rzore37,0;zp,64,0,0,rzore37;zp,1n,0,0,rzore37;xx,2,0,rzore37;ss,0,rzore37;zp,16,0,0,rzore37;xq,2;xq,5;so,5,rzore37;zp,18,0,0,rzore37;xx,3,r,rzore37;ss,0,rzore37;zp,4n8,2ps,2ps,;xq,1r1;xq,37;xq,120;xq,48;xq,q1;xq,2s;so,226,rzore37;zp,46,367,2rq,;\

and

apvc,0,5s3n246n,2,1;fb,0;fg,6,rzore37,0;zz,17r,398,292,;xx,1np,0,rzore37;ss,0,rzore37;zp,69,377,2o4,rzore37;xq,60p;xq,7n;xq,n0;xq,24r;xq,138;xq,38;so,20p,rzore37;zp,41,3p7,2r3,;\

However this seems to be some encoded binary data and I am not sure what I am looking at. @Eloston Any ideas?

[Eloston]

Unfortunately not, it looks pretty application-specific.

Could there be other requests and responses that are different? Perhaps the authentication state spans multiple requests.

[wchen342]

Could there be other requests and responses that are different?

From the descriptions of what was done, the request made by cURL is the first request in the process and if it returns 403 then it should has nothing to do with following steps.

One possiblity I am thinking is maybe anti-fingerprinting messed up something? But they should be disabled by default I believe?

[HarukaMa]

It seems there was indeed another request after submitting only the email address:

curl 'https://my.account.sony.com/public/6787b106eno171ce8a5b1e9dabf4985' \
  -H 'Connection: keep-alive' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36' \
  -H 'Content-Type: text/plain;charset=UTF-8' \
  -H 'Accept: */*' \
  -H 'Origin: https://my.account.sony.com' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Referer: https://my.account.sony.com/' \
  -H 'Accept-Language: en,ja;q=0.9,en-US;q=0.8' \
  -H 'Cookie: akacd_pdr-my2-account-sony=2177452799~rv=27~id=5c9bcd18387aa908f47777cc42ba0d04; s_fid=31C0C00D69558896-188D11BE3BE5B711; bm_sz=CA2DEE8CF50B1C49064F10B6486E61BE~YAAQRpcRYNJuqOtzAQAAXu+6CgjeCF4shHsOSjbkfz+bgygZigtmahW/Hr+j56XnxjhMUqwdqtMkT77B73mzkLnTyQBOp/EkT10bs7HWGvCSpjrXgNPZA3uATsmDZ4ZCZmm1OAwf3+Eh7UlHVVYL2tn2UXphhI6LsPhUsvVOd0X4g3X7GayEET9NW/z7Jg==; s_cc=true; _abck=EEE0152D70871AAB666CDD03284C2AE4~-1~YAAQRpcRYExvqOtzAQAAJ+27CgT3iLqFxtEE1R/ER4J2YOyKkWwVTOBzC5OKQTCESlb135ilaRteNwY5z6E2hLxLE6dEbDoGE+nwAvoqYnCpWLS9K9PEb+qgjQoCgF4V7lFWRsDQ/4K6eiq2m5RyR/tYRc78hyIiIQ8cNVxVFTyfJFsArNanzR97Q/tfWl9UEQPcVdTyNhMS+C09YAcW1mhuZMmy9sqqGi0yv8K5PX4Eq3tUJSDxbImWhU4qBVtZ2XoXB5X9Ac9wO3Amtoq7tQWpPObfchL7azQcUssCfG34+76TdNsDW00NVD6KWIbyabnQMSqs~-1~-1~-1' \
  --data-binary '{"sensor_data":"7a74G7m23Vrp0o5c9180781.62-1,2,-94,-100,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36,uaend,12147,20030107,en,Gecko,2,0,0,0,393161,7921195,3840,2073,3840,2160,1778,1390,1778,,cpen:0,i1:0,dm:0,cwen:0,non:1,opc:0,fc:0,sc:0,wrc:1,isc:0,vib:1,bat:1,x11:0,x12:1,8969,0.643481198321,798953960597.5,loc:-1,2,-94,-101,do_en,dm_en,t_en-1,2,-94,-105,-1,2,-94,-102,0,2,1,0,621,-1,0;-1,2,-94,-108,0,1,2490,undefined,0,0,621,0;1,3,2491,undefined,0,0,621,0;2,2,2491,undefined,0,0,621,0;3,1,2493,undefined,0,0,621,0;4,3,2493,undefined,0,0,621,0;5,2,2494,undefined,0,0,621,0;-1,2,-94,-110,0,2,2432,-1,-1,621,it0;1,2,2465,-1,-1,621,it0;2,2,2489,-1,-1,621,it0;3,2,2521,-1,-1,621,it0;4,1,9854,1400,878;5,1,11260,848,915;6,1,11643,872,1089;7,1,11878,841,1111;8,1,39288,443,986;9,1,40455,1422,922;10,1,44186,1377,703;11,1,45623,957,715;12,1,45624,957,715;13,1,45638,957,715;14,1,45650,957,716;15,1,45653,958,716;16,1,45665,958,717;17,1,45669,958,717;18,1,45677,958,718;19,1,45685,958,719;20,1,45693,958,719;21,1,45703,958,720;22,1,45709,958,720;23,1,45716,958,721;24,1,45723,959,721;25,1,45732,959,722;26,1,45739,959,722;27,1,45748,959,723;28,1,45755,959,723;29,1,45766,959,723;30,1,45771,959,723;31,3,45834,959,723,-1;-1,2,-94,-117,-1,2,-94,-111,-1,2,-94,-109,-1,2,-94,-114,-1,2,-94,-103,3,45454;-1,2,-94,-112,https://my.account.sony.com/central/signin/?response_type=code&redirect_uri=https%3A%2F%2Fstore.playstation.com%2Fja-jp%2Fhome%2Fgames&client_id=f6c7057b-f688-4744-91c0-8179592371d2&scope=kamaji%3Acommerce_native%2Ckamaji%3Acommerce_container%2Ckamaji%3Alists&state=returning&request_locale=ja_JP&service_entity=urn%3Aservice-entity%3Apsn&hidePageElements=SENLogo&disableLinks=SENLink&ui=pr&cid=922f6c3a-36a8-4561-8871-6dcf01946b9f&error=login_required&error_code=4165&no_captcha=true#/signin/ca?entry=ca-1,2,-94,-115,NaN,1187839,32,0,0,0,NaN,45834,0,1597907921195,75,17093,6,32,2848,1,0,45835,1153196,0,EEE0152D70871AAB666CDD03284C2AE4~-1~YAAQRpcRYExvqOtzAQAAJ+27CgT3iLqFxtEE1R/ER4J2YOyKkWwVTOBzC5OKQTCESlb135ilaRteNwY5z6E2hLxLE6dEbDoGE+nwAvoqYnCpWLS9K9PEb+qgjQoCgF4V7lFWRsDQ/4K6eiq2m5RyR/tYRc78hyIiIQ8cNVxVFTyfJFsArNanzR97Q/tfWl9UEQPcVdTyNhMS+C09YAcW1mhuZMmy9sqqGi0yv8K5PX4Eq3tUJSDxbImWhU4qBVtZ2XoXB5X9Ac9wO3Amtoq7tQWpPObfchL7azQcUssCfG34+76TdNsDW00NVD6KWIbyabnQMSqs~-1~-1~-1,30576,981,-1648646798,30261693,PiZtE,43795,92-1,2,-94,-106,1,2-1,2,-94,-119,9,12,13,13,25,26,16,11,10,7,8,1377,1378,450,-1,2,-94,-122,0,0,0,0,1,0,0-1,2,-94,-123,-1,2,-94,-124,-1,2,-94,-126,-1,2,-94,-127,11321144241322243122-1,2,-94,-70,-1193659824;-2134529248;dis;;true;true;true;-540;true;24;24;true;false;-1-1,2,-94,-80,5484-1,2,-94,-116,23763636-1,2,-94,-118,169327-1,2,-94,-121,;6;46;0"}' \
  --compressed

It returns 201 Created and sets a new value to cookie _abck, so maybe it's also related.

[HarukaMa]

@wchen342 You are right, the issue comes from flag #fingerprinting-client-rects-noise. It seems that Sony is somehow using that info to identify clients, but that flag is interfering with the detection.

[wchen342]

it may be they are using the information somehow, or maybe it is because of the reCAPTCHA they are using. Google is known to use more than JS (including other browser properties+machine learning) to identify activities.

[Eloston]

One possiblity I am thinking is maybe anti-fingerprinting messed up something? But they should be disabled by default I believe?

Yeah it's disabled by default.

I think this is the first case I've seen where these anti-fingerprinting flags actually breaks a site. Interesting.

Closing unless there are still problems here.

[csagan5]

I think this is the first case I've seen where these anti-fingerprinting flags actually breaks a site. Interesting.

@Eloston it was already reported here: bromite/bromite#402

I believe it is the same issue