search

argrento / huami-token

Script to obtain watch or band bluetooth token from Huami servers
MIT License
410 stars 94 forks source link

cache token into json for quick reuse #39

Open dpeddi opened 2 years ago

dpeddi commented 2 years ago

Login token and app token have an expiration.

They can be renewed with: 're_login': 'https://account.huami.com/v1/client/re_login'

and the following payload:

        're_login': {
                'device_id_type': 'androidid'
                'app_name' :      'com.huami.midong'
                'login_token':    None
                'device_id' :     None 
        }

Full mitmproxy dump:

Flow Details
2021-09-26 21:49:22 POST https://account-cn2.huami.com/v1/client/re_login
                         ← 200 OK application/json 532b 769ms
                                Request                                                               Response                                                                Detail
hm-privacy-ceip:         true
app_name:                com.huami.midong
X-Request-Id:            a8ff8500-d780-4f0e-a83e-729097776366
hm-privacy-diagnostics:  false
Accept-Language:         it-IT
Content-Type:            application/x-www-form-urlencoded; charset=UTF-8
User-Agent:              Dalvik/2.1.0 (Linux; U; Android 5.0.2; HTC One Build/LRX22G)
Host:                    **account-cn2**.huami.com
Connection:              Keep-Alive
Accept-Encoding:         gzip
Content-Length:          413
URLEncoded form                                                                                                                                                                                            [m:auto]
login_token:
N***0
source:         com.huami.watch.hmwatchmanager:6.1.4-play:100440
device_id:      9***f
lang:           it
device_model:   android_phone
os_version:     v0.6.38
app_name:       com.huami.midong
device_id_type: androidid

Preliminar function..

    def reLogin(self):
        re_login = urls.URLS["re_login"]
        data = urls.PAYLOADS['re_login']
        data['login_token'] = self.login_token
        data['app_name'] = x_requested_with
        data['device_id'] = self.device_id
#       data['lang'] =            "it"
#       data['device_model'] =    "android_phone"
#       data['os_version'] =      "v0.6.38"

        headers = {}
        response = requests.post(re_login, data=data, headers=headers, allow_redirects=False, verify=False)
        print(data)
        login_result = response.json()
        print ("RELOGIN:",login_result)
        self.app_token = login_result["token_info"]["app_token"]
        self.login_token = login_result["token_info"]["login_token"]
        response.raise_for_status()

all the function before response.raise_for_status() should check for error and try to reLogin.

argrento commented 2 years ago

Great! I will slightly rewrite it using https://github.com/samuelcolvin/pydantic