Purchase is not completed

[jackblk]

Expected Behavior

No error, purchase should be completed.

Actual Behavior

No error, purchase is not completed. EFC will say it is claimed.

Steps to Reproduce the Problem

1. Buy a game
2. Check the actual game page, it should be claimed

Some debugging, seems like a bug on the epicgames-client.

Specifications

• epicgames-freebies-claimer Version: 1.5.8

[adi170-alt]

yea, got the same problem

[Revadike]

Damn, sorry, I thought it was working as I actually already own it when I tested it. Is this error different from https://github.com/Revadike/epicgames-freebies-claimer/issues/115 ?

[adi170-alt]

Damn, sorry, I thought it was working as I actually already own it when I tested it. Is this error different from #115 ?

I think that it is the same as # 115 I get this: 2021-12-18 | 22:20:03.947 | INFO | Epicgames Freebies Claimer (1.5.8) by Revadike 2021-12-18 | 22:20:05.748 | INFO | Found 1 unclaimed freebie(s) for (my email) 2021-12-18 | 22:20:34.183 | INFO | Logged in as (my username) (my token) 2021-12-18 | 22:20:40.844 | WARN | Remnant: From the Ashes was already claimed for this account 2021-12-18 | 22:20:41.299 | INFO | Logged (my username) out of Epic Games 2021-12-18 | 22:20:45.139 | INFO | Push notification sent 2021-12-18 | 22:20:45.143 | INFO | Waiting 1440 minutes

[killerjerick]

Pretty sure I have the same issue, although I only have 3 accounts, my main, a friend's account and my nephew's account, my main already had it, so I assumed it had worked, however checking my friend and nephew's account and it didn't claim it correctly, just get the message "Remnant: From the Ashes was already claimed for this account"

[jackblk]

Different reason but the same issue with #115

I'll take a look

[jackblk]

I tested the epicgames-client client, it seems to work just fine for normal games.

However, for mystery games, it will require a param captchaToken. Without this, it will return 400 I think. Welp, seems like the client is getting captcha boys.

[rospod]

Same question with you. The node js shows I have already claimed the game but when I enter the webstore, the claim button is still here.

[XEGARE]

@rospod This game has been handed out before. I took it. Yesterday, when I was taken by hand, I was asked for some kind of confirmation, but I do not remember which one.

Perhaps they are giving out something in addition, which cannot be determined from epicgames-freebies-claimer.

[jackblk]

After some debugging, seems like the freebies now have hcaptcha built in to the checkout method, init with https://talon-service-prod.ecosec.on.epicgames.com/v1/init

Well, I think we cannot use epicgames-client anymore.

[XEGARE]

@jackblk Even for one account?

[TovMachin]

After some debugging, seems like the freebies now have hcaptcha built in to the checkout method, init with https://talon-service-prod.ecosec.on.epicgames.com/v1/init

Well, I think we cannot use epicgames-client anymore.

Can confirm there is indeed a captcha now :

[jackblk]

@jackblk Even for one account?

yeah, for all freebies

[XEGARE]

@jackblk Even for one account?

yeah, for all freebies

Picked up manually there was no hCaptcha

[LLinoor]

hCaptcha can be bypassed by providing an accessibility cookie: https://dashboard.hcaptcha.com/welcome_accessibility

[jackblk]

Picked up manually there was no hCaptcha

Because hCaptcha sees you as a normal person on a normal browser, not a bot.

We purchase by requesting directly to server. Now all freebies need captchaToken to purchase, which epicgames-client dependency cannot solve.

[Revadike]

I don't see any captcha on my end. I tried both browser and EFC. But I still don't know why I get We could not confirm your purchase at this time. Please try again later. with EFC.

I ruled out user-agent detection.

[Revadike]

Wait, I just discovered the browser request had indeed a captcha result in it. I didn't see any captcha prompts, so must be invisible.

[jackblk]

I don't see any captcha on my end. I tried both browser and EFC. But I still don't know why I get We could not confirm your purchase at this time. Please try again later. with EFC.

I ruled out user-agent detection.

For freebies, it requires you to have a captcha token when confirming order. In normal browser, hCaptcha will see that you're a normal user, so it will bypass the captcha automatically. Then it will pass the captcha token to the Placing Order request. If you try to place order multiple times, you will see the captcha.

Try this link to test: https://ue-launcher-website-prod.ol.epicgames.com/purchase?showNavigation=true&namespace=f401d7e187e349138380d22e991b29ca&offers=bdea68145b61462f9cd17068e835aadf

[Revadike]

Yes, can confirm.

[ghost]

So is there any solution?

[Revadike]

Ain't that the question. There are a few less-appealing ones:

• Use an automated web browser
• Use a paid anti-captcha service
• Devote to a cat and mouse game to attempt to automate captcha solving

I am also investigating the store cart feature more. Perhaps that's a way to avoid captcha still. For some reason, I am having severe issues even browsing epicgames store now.

[Revadike]

As I noticed before, when adding one of the weekly free games to your cart, it adds a captcha step when checking out, unfortunately :(

[LLinoor]

Is it not possible to use cookies to bypass hCaptcha? (as i mentioned before)

[Revadike]

No

[ghost]

hCaptcha specifically provides cookies that can skip authentication. In theory, this is possible, but in practice, hCaptcha determines whether it is a machine action by browser behavior (possibly input speed, browser automation flag, etc.). If it is determined to be a machine action, the cookie will not be served, and in more severe cases, your email and IP address will be blocked. This cookie is also only valid for one day and needs to be retrieved after 24 hours.

[Revadike]

I didn't know you meant it like that. I wouldn't bypass captcha, it would just trick hcaptcha into giving you a valid response without having to do a challenge (I assume).

[ghost]

https://blog.skk.moe/post/bypass-hcaptcha/

This article can be referenced. Pay special attention to the official hCaptcha answer in the comments haha～

This is the "cat and mouse" aspect. Like all tradeoffs between security and usability it is not perfect, but it does not need to be: anomalies are generally easy to spot, and can be selectively terminated in real-time.

Is this worth a try? I'm not really sure.

[frosty5689]

For now, the checker and notification pusher is nice as a reminder to go claim something you didn't own before.

[Jaeger33211Sec]

@Revadike worked with 2captcha before and could provide you with a api token for testing Discord: Jaeger33211#5260

[Revadike]

Thanks, but I already have an anti-captcha service.

[myfirstevercode]

would like if there's an option to enable a paid plugin for anti-captcha solver

[antoinerzad1]

The captcha is required even if it is a residential ip address?

[aofekiko]

Just throwing out what I'll be doing while this issue is being figured out (hopefully):

If you haven't set up a notification pusher with Apprise, a simple way to remind yourself to pick up the games is to:

• Make sure you have action failure alerts for email activated
• Make the action fails upon receiving the "was already claimed for this account" message by adding this ~ugly~ snippet to your action:

  docker run --rm --pull always --volume "$GITHUB_WORKSPACE/device_auths.json:/app/data/device_auths.json" ghcr.io/jackblk/epicgames-freebies-claimer:latest | tee output
  if [[ $(cat file | grep "was already claimed for this account") ]] && [[ $(cat file | grep "unclaimed freebie" | awk '{print $8}') != "0" ]]
  then
  exit 1
  fi

  Once the issue is fixed there won't be a way to reach this exit statement (as long as they don't give out 2 freebies at once) since it checks for both an unclaimed freebie and a claimed freebie from the same output.

[Revadike]

Well, I could release a fix for the wrong error message, but I don't know what to do about the captcha being there. Let's see if Epic keeps using it, first (probably :( ).

[fluteds]

Even if it just opened a browser to the link of the free game using selenium to manually claim that would be enough, not really a long term solution though.

[mix3d]

Definitely sad it's no longer working, I too am getting both the "[Game] was already claimed for this account" (#115) and "Error: Sorry, you don't have a prerequisite to purchase this pack." (#180)

Rip the set-it-and-forget-it dream

[mix3d]

Even if it just opened a browser to the link of the free game using selenium to manually claim that would be enough, not really a long term solution though.

I think I saw a different repo that took this approach. Might have only been docker. Let me try to find it again.

[jackblk]

@Revadike I think we should just fix the wrong message first. I've checked the code and I think it's an easy fix in epicgames-client.

Maybe we will catch the error on EFC and tell people to claim by themselves.

[Revadike]

@jackblk yeah I agree, let's do that. I'll also try to work on some anti-captcha solutions next week. On the bright side, it looks like fnbr.js is getting compatible with our project; they are going to implement epic store authentication, which will be a good improvement over the depreciated epicgames-client.

[vogler]

I hacked together a playwright script here: https://github.com/vogler/epicgames-claimer The stealth plugin is enough to avoid the hcaptcha. I just claimed the current game in headful mode with commit https://github.com/vogler/epicgames-claimer/commit/64d0ba8ce71baec3947d1b64acd567befcb39340 Idk if the main branch is fixed with the latest commit and if it works in headless mode as well (comment out https://github.com/vogler/epicgames-claimer/blob/main/main.stealth.js#L63, was not sure if PWDEBUG's inspector is detected). Testing is a bit difficult when you have to wait a day in-between. 😄 Maybe someone else can try it and report back.

[Lucetia]

Well, I could release a fix for the wrong error message, but I don't know what to do about the captcha being there. Let's see if Epic keeps using it, first (probably :( ).

Maybe I've been lucky but I haven't had to enter captcha at all this week. I have the program running on my rPI and I'm logged into my Windows computer. Clicked on each game and checked out like usual with no captcha at all.

[Revadike]

Well, I could release a fix for the wrong error message, but I don't know what to do about the captcha being there. Let's see if Epic keeps using it, first (probably :( ).

Maybe I've been lucky but I haven't had to enter captcha at all this week. I have the program running on my rPI and I'm logged into my Windows computer. Clicked on each game and checked out like usual with no captcha at all.

The captcha is invisible. It will only show if they suspect you of inauthentic (automated) behavior. A captcha challenge prompt or not, you will need a valid captcha response nevertheless.

[Revadike]

@Revadike I think we should just fix the wrong message first. I've checked the code and I think it's an easy fix in epicgames-client.

Maybe we will catch the error on EFC and tell people to claim by themselves.

Fixed error message with https://github.com/Revadike/node-epicgames-client/commit/564bcd079eb00b239da976d5e3bf7c786865a79b . Please update the epicgames-client dependency (with my latest fork). Sorry for the long wait, had a bunch of stuff going on.

[Revadike]

I'll leave it open until we have dealt the captcha issue in some way

[rahimkhoja]

Be kewl to just add in a paid captcha service option, while a better solution is being discovered.

[Revadike]

That would be kewl

[chaoscreater]

So today, I was just using my normal browser to claim games. I wasn't using any scripts. Somehow, I got prompted for hCaptcha at the Place Order step, despite that I was already logged in....

I think it's because I'm using Firefox containers to switch between accounts (without logging in or out) and maybe Epic Games is detecting that there are too many logins coming from the same IP.

[vogler]

https://github.com/vogler/epicgames-claimer claimed all the Tomb Raider games for me without showing a captcha. Still don't know about headless mode though.

and maybe Epic Games is detecting that there are too many logins coming from the same IP.

I also noticed that they start showing you captchas if you try to login too often from the same IP, but after some hours it was fine again. New IP helps immediately. Firefox containers keep cookies, so the problem is likely just using the site with different accounts from the same IP in a short time (maybe they do some more advanced fingerprinting).

[Revadike]

I'll repeat:

The captcha is invisible. It will only show if they suspect you of inauthentic (automated) behavior. A captcha challenge prompt or not, you will need a valid captcha response nevertheless.

[vogler]

I'll repeat:

The captcha is invisible. It will only show if they suspect you of inauthentic (automated) behavior. A captcha challenge prompt or not, you will need a valid captcha response nevertheless.

Idk if this was in response to me, but this is only relevant if you use their API, not if you automate a browser and they don't detect it. The script above runs fully automated.