auth() failed

[captavia]

pixivpy3.utils.PixivError: [ERROR] auth() failed! check username and password.
HTTP 400: {"has_error":true,"errors":{"system":{"message":"access_denied","code":1508}}}

换账号login也是同样错误，同设备网页可以登录。

[roytam1]

同设备网页可以登录。

app也可以登錄，估計是 https://oauth.secure.pixiv.net/auth/token 又改了

[Asidert]

Same problem, where can I see the new client_id and client_secret?

[roytam1]

Same problem, where can I see the new client_id and client_secret?

but pixiv app is not updated and new install of pixiv app can still able to login.

[Asidert]

Same problem, where can I see the new client_id and client_secret?

but pixiv app is not updated and new install of pixiv app can still able to login.

what then is the problem, do you think?

[roytam1]

Same problem, where can I see the new client_id and client_secret?

but pixiv app is not updated and new install of pixiv app can still able to login.

what then is the problem, do you think?

maybe missing params or missing headers? i.e. we may need to sniff pixiv app again.

[DaRealFreak]

Also not seeing any differences so far, just digging through the app what might have changed (Android pixiv 5.0.156):

PixivOAuthResponse mo21264b(@C6444c(mo24824a = "client_id") String str, @C6444c(mo24824a = "client_secret") String str2, @C6444c(mo24824a = "grant_type") String str3, @C6444c(mo24824a = "username") String str4, @C6444c(mo24824a = "password") String str5, @C6444c(mo24824a = "device_token") String str6, @C6444c(mo24824a = "get_secure_url") boolean z, @C6444c(mo24824a = "include_policy") boolean z2);

client_id string
client_secret string
grant_type string
username string
password string
device_token string
get_secure_url boolean
include_policy boolean

no changes in the request parameters

PixivOAuthResponse b = C4402h.m13992a().mo21264b("MOBrBDS8blbauoSck0ZfDbtuzpyT", "lsACyCD94FhDUtGTXi3QzcFE2uU1hqtDaKeqrdwj", "password", str2, password, C3841g.m12695a(), true, true);

client_id -> MOBrBDS8blbauoSck0ZfDbtuzpyT
client_secret -> lsACyCD94FhDUtGTXi3QzcFE2uU1hqtDaKeqrdwj
grant_type -> password
username -> [user]
password -> [password]
device_token -> [token (differs from device to device)]
get_secure_url -> true
include_policy -> true

client ID and client secret and other values are still the same too

String str = "https://oauth.secure.pixiv.net";
...
@C6456o(mo24836a = "/auth/token")

OAuth2 URL -> https://oauth.secure.pixiv.net/auth/token

authentication URL still the same too

String format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZZZZZ", Locale.US).format(new Date());
StringBuilder sb = new StringBuilder();
sb.append(format);
sb.append("28c1fdd170a5204386cb1313c7077b34f83e4aaf4aa829ce78c231e05b0bae2c");
String str2 = "Accept-Language";
String str3 = "App-OS-Version";
Request build = chain.request().newBuilder().addHeader(C3376a.HEADER_USER_AGENT, C4396d.f15045a).addHeader("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8").addHeader(str2, Locale.getDefault().toString()).addHeader("App-OS", C3376a.ANDROID_CLIENT_TYPE).addHeader(str3, VERSION.RELEASE).addHeader("App-Version", "5.0.156").addHeader("X-Client-Time", format).addHeader("X-Client-Hash", C5942ab.m17017a(sb.toString())).build();

Headers:
User-Agent -> PixivAndroidApp/%s (Android %s; %s) [VERSION.RELEASE, C5384a.m15939a(Build.MODEL)]
Content-Type -> application/x-www-form-urlencoded;charset=UTF-8
Accept-Language -> Locale.getDefault().toString() -> [en_US,...]
App-OS -> android
App-Version -> 5.0.156
App-OS-Version -> 9.0.16
X-Client-Time -> new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZZZZZ", Locale.US).format(new Date());
X-Client-Hash -> md5([X-Client-Time]28c1fdd170a5204386cb1313c7077b34f83e4aaf4aa829ce78c231e05b0bae2c)

X-Client-Hash is now getting validated serverside, has to match the passed md5(X-Client-Time+28c1fdd170a5204386cb1313c7077b34f83e4aaf4aa829ce78c231e05b0bae2c)

possible referer:

 return new C1605g(str, (C1606h) new C1610a().mo5828a(C3376a.HEADER_USER_AGENT, C4396d.f15045a).mo5828a("Referer", "https://app-api.pixiv.net/").mo5829a());

also the same

---

ok works again with this:

print(s.post(
    'https://oauth.secure.pixiv.net/auth/token',
    data={
        "client_id": "MOBrBDS8blbauoSck0ZfDbtuzpyT",
        "client_secret": "lsACyCD94FhDUtGTXi3QzcFE2uU1hqtDaKeqrdwj",
        "grant_type": "password",
        "username": "username",
        "password": "password",
        "device_token": "pixiv",
        "get_secure_url": "true",
        "include_policy": "true",
    },
    headers={
        'host': 'oauth.secure.pixiv.net',
        "user-agent": "PixivAndroidApp/5.0.156 (Android 9; ONEPLUS A6013)",
        "accept-language": "en_US",
        "app-os": "android",
        "app-os-version": "5.0.156",
        "x-client-time": "2019-09-02T20:51:57+02:00",
        "x-client-hash": "5bb0b1ec0b6e1a86d7dc18dbea2c80bf",
        "content-type": "application/x-www-form-urlencoded",
        "accept-encoding": "gzip"
    }
)

the x-client-time and x-client-hash header have to properly match, else you'll get the 1508 error code

[pixelchai]

Just so you know, this issue doesn't seem to be Python specific, either, as this Java port of this project: https://github.com/ScienJus/pixiv-parser also got the same issue at the same time (it was working yesterday)

[DaRealFreak]

updated my previous reply:
X-Client-Time and X-Client-Hash header are now required and validated serverside.
X-Client-Time is an RFC3339 converted timestamp
X-Client-Hash consists of:
md5([X-Client-Time]28c1fdd170a5204386cb1313c7077b34f83e4aaf4aa829ce78c231e05b0bae2c)
so f.e. with X-Client-Time: 2019-09-02T20:51:57+02:00
the X-Client-Hash is: md5(2019-09-02T20:51:57+02:0028c1fdd170a5204386cb1313c7077b34f83e4aaf4aa829ce78c231e05b0bae2c)
--> 5bb0b1ec0b6e1a86d7dc18dbea2c80bf

the Authentication works with these headers now again

[roytam1]

X-Client-Time and X-Client-Hash header are now required and validated serverside.

oh thanks, I can update my userscript now.

[chitosai]

My pixivpy was installed with pip, whose version is 3.3.7
Could you tell me how can I upgrade to the latest version that has fixed this problem?

[Asidert]

My pixivpy was installed with pip, whose version is 3.3.7
Could you tell me how can I upgrade to the latest version that has fixed this problem?

Maybe pip install pixivpy --upgrade?

[chitosai]

My pixivpy was installed with pip, whose version is 3.3.7
Could you tell me how can I upgrade to the latest version that has fixed this problem?

Maybe pip install pixivpy --upgrade?

I've tried, it says requirement satisfied and kept in 3.3.7

[upbit]

Sorry, I haven't verify and bump the version, so the PyPI is still old version.

At this stage, you can install the fix from the source code:

pip uninstall pixivpy

git clone https://github.com/upbit/pixivpy.git
cd pixivpy/
pip install [--editable] .

After updating PyPi, I will fix and close this issue again.

[Asidert]

My pixivpy was installed with pip, whose version is 3.3.7
Could you tell me how can I upgrade to the latest version that has fixed this problem?

Maybe pip install pixivpy --upgrade?

I've tried, it says requirement satisfied and kept in 3.3.7

Add this in auth method to headers:
'X-Client-Time': '3000-01-01T00:00:00+00:00', 'X-Client-Hash': '93771864335ef0c8e52db10be563eab3'
In file /usr/local/lib/python/site-packages/pixivpy3/api.py

[chitosai]

@upbit @Asidert

It works, thanks for the help!

[Asidert]

@upbit @Asidert

It works, thanks for the help!

Say thanks for the headers @DaRealFreak, and update your version after closing this issue.

[chitosai]

@upbit @Asidert
It works, thanks for the help!

Say thanks for the headers @DaRealFreak, and update your version after closing this issue.

Sure, and thanks @DaRealFreak :)

[upbit]

Fixed, bump PyPi version to 3.4.0. Please upgrade API using:

$ pip install pixivpy --upgrade

Collecting pixivpy
  Downloading https://files.pythonhosted.org/packages/a9/db/0e0b1ca48e184436289631ed2c6fd6313a93409c493c6af3830531780385/PixivPy-3.4.0-py2-none-any.whl
Requirement already satisfied, skipping upgrade: requests in /anaconda/lib/python2.7/site-packages (from pixivpy) (2.13.0)
Installing collected packages: pixivpy
Successfully installed pixivpy-3.4.0