hanse / node-jodel

Access Jodel through JavaScript (may not work anymore)
17 stars 2 forks source link

Changed way of getting device id? #1

Open Nafrali opened 8 years ago

Nafrali commented 8 years ago

Hi, I've been looking at your code and I've tried to get my own device id for Jodel. I can find my deviceId by monitoring my network traffic, however using your code to generate a device id, I do not get the same device id. I don't know if you ment to replicate Jodels device id algorithm or just made one on your own to have something to work with.

I have decompiled a Jodel apk and if I'm not mistaken it seems as if they have changed the algorithm. They now do an AND operation (& 0xFF) on all the string that is hashed. If they have changed the algorithm, will you update your code once you have time and intreset or is it something that I shall try and do once I have enough time? It could, of couse be that I'm just doing something wrong.

Best regards.

hanse commented 8 years ago

Hi, sorry for the late answer. The algorithm was extracted directly from the Jodel Android app, but I don't know if it has changed since then. Probably not.

Make sure you provide all the info in the correct order. If some of the fields aren't present, it should litteraly be the string null. My SIM did not provide a phone number, so I set that field to null.

Here is an app you can use to get all the required fields: https://play.google.com/store/apps/details?id=com.evozi.deviceid

loppanjo commented 8 years ago

How to sign the request to get Access_Token?

Nafrali commented 8 years ago

@loppanjo I don't believe that it's necessary to sign the request with an access_token. I believe that when I worked on my codebase I just used my deviceid from my phone. I will look into this once the summer begins.

loppanjo commented 8 years ago

@Nafrali I don't sign the request with an access_token but when I send the request to GET the access_token I get the response 'Signed Request Expected', the only thing that comes in mind by that is 'x-authorization: HMAC 43241...'

Nafrali commented 8 years ago

I'll look into it. I stopped coding on my jodel api halfway through a refactorization, I've started working on it today and once I get it up and running I'll see if I can help you. In the mean time, I feel as if our conversation have left the original purpose of the issue.

loppanjo commented 8 years ago

@Nafrali Have you found anything? Have tried resending requests and I get a new Bearer every time, when I try to edit the request just before sending I still get 'Signed Request Expected'.

Nafrali commented 8 years ago

@loppanjo I've just had fever, but I've started looking into it. I've tried to get my access token, but so far I'm only getting "Unauthorized" response, I'll keep looking into it.

lqasse commented 8 years ago

Any progress on this? @Nafrali @loppanjo

loppanjo commented 8 years ago

@lqasse no luck yet :/ i've managed to get all api calls working except the one to get bearer

loppanjo commented 8 years ago

I've managed to change my UUID on a rooted tablet and got new Bearers. Will test a few more things and report later.

ItsEcholot commented 8 years ago

Excellent news! Keep us updated

Powersource commented 8 years ago

I don't know the exact issue but this implementation works as far as I've tested, might be worth a look. https://bitbucket.org/cfib90/ojoc/src/dbbcfe2f9b8be19292af325d3e11be4d3a82bf75/OJOC/Connection.py?at=public&fileviewer=file-view-default

loppanjo commented 8 years ago

@Powersource Thank you soo much. This is exactly what I have been looking for :smiley: (Line 360-425)

Powersource commented 8 years ago

Hope it's going well. I just want to point out that he's refactored/cleaned up the majority of the lines in that project, might be worth taking a look again for changes.

loppanjo commented 8 years ago

I managed to get it working, creating 57 tokens before I got ip-banned :/ But i'm back again with a new ip. I don't know if it's against community rules to refer to another project, if so then remove this. I have written my own jodel api in javascript and I will soon release it (probably tonight) to public after a few more tweaks.

Powersource commented 8 years ago

Good work on getting banned :D

Considering that this project doesn't seem to be moving forward anytime soon I don't think anyone would mind you simply linking it (and it's not a sin in the first place).

loppanjo commented 8 years ago

Okay will do when it's up and my documentation is done ;)

dotWee commented 8 years ago

@loppanjo Any chance to get a look at your javascript implementation? I'm currently writing a own java client, but I'm stuck at generating a own token and signing api/v3 requests.

Powersource commented 8 years ago

@dotWee I was thinking about doing something similar a while back and I almost think that finding a way to run the connection.py (that I linked earlier) in java somehow would be the simplest way.