search

Akdeniz / google-play-crawler

Play with Google Play API :)
Other
565 stars 204 forks source link

Unable to login() after checkin() #29

Open ghost opened 11 years ago

ghost commented 11 years ago

In TestGooglePlayCrawler.java, login() will be failed by using the android-id generated after run checkin(). Listcommand also failed.

HenryHoggard commented 11 years ago

Duplicate of https://github.com/Akdeniz/google-play-crawler/issues/28 , currently working on a fix.

ghost commented 11 years ago

I wonder why googleplay client still works, if the request is disabled.@HenryHoggard.

filamoon commented 11 years ago

@HenryHoggard Please kindly keep us posted :)

Akdeniz commented 11 years ago

I don't know why but google started to require a parameter named "client_sig" on authentication, which is kind of a identity for login service system apk. By the way its value does not matter, as far as tested. Weird!

Anyway, last commit should work.

ghost commented 11 years ago

@Akdeniz How you test it out? On your android device?

Akdeniz commented 11 years ago

@uptown1919 No, I prefer to use emulator.

spacegom commented 11 years ago

@Akdeniz Thanks alot!!!!!

CodeheadUK commented 11 years ago

@Akdeniz Wow, quick fix! Great work, thank you. Care to share how you pulled the API apart? I was poking around yesterday trying to work out where the problem was, but didn't get very far.

HenryHoggard commented 11 years ago

@CodeheadUK The way I did it was if you use a proxy to view the requests you will see that you get 404 or error 500 unless you add client_sig to the requests. I discovered it was client_sig by comparing the checkin request to the search request because checkin still worked and search didn't. After trial and error I found that client_sig was the difference between the two requests.

CodeheadUK commented 11 years ago

@HenryHoggard, Thanks for the info. I saw the 404 and convinced myself that URL_LOGIN was wrong or had changed. I figured that I could snag the traffic from an emulator for more info, but got put off by the https encryption.

filamoon commented 11 years ago

@CodeheadUK Here is what I did with https on my device:

I'm using the Charles proxy tool that comes with a SSL certificate. Install the certificate to the phone. Then in wifi settings, enable advanced options and set the proxy IP and port accordingly. Enable SSL proxy in Charles, then you will be able to decrypt the https payload.

CodeheadUK commented 11 years ago

Top tips, Thanks @filamoon.

qwertydzen commented 11 years ago

@Akdeniz thank you for the fix