search

hurlenko / orly

Download O'Reilly books as EPUB.
MIT License
61 stars 8 forks source link

Support SSO auth #1

Closed thesurlydev closed 1 year ago

thesurlydev commented 2 years ago

I have an O'Reilly account via acm.org which seems to use a different auth mechanism (SSO). Please consider adding support for SSO.

hurlenko commented 2 years ago

Hi @digitalsanctum, you can now use browser cookies for authentication. Please update and give it a try

thesurlydev commented 2 years ago

Still running into an issue:

orly --cookie 'BrowserCookie=AWSALB=...; AWSALBCORS=...' 9780136915805
[2021-11-09 07:54:29][INFO] Logging into Safari Books Online usig cookies...
[2021-11-09 07:54:29][INFO] Validating subscription
[2021-11-09 07:54:29][ERROR] Request failed: HTTP status client error (401 Unauthorized) for url (https://learning.oreilly.com/api/v1/payments/next_billing_date/)

Perhaps the subscription check can be skipped for cookie auth?

hurlenko commented 2 years ago

I think subscription check is required. You'll be able to download books successfully without it but the chapter content will be trimmed. I've tried cookie auth with both google and username/password authenticated account. Works fine for me. Make sure you copied the right (entire) cookie.

After signing in do the following (if you use Chrome):

  1. Open the Network tab
  2. Find a POST request to https://learning.oreilly.com/api/v1/track/
  3. Copy the cookie header value from Request Headers

If you're using Firefox the cookie value might be trimmed. You can copy the request as curl and then copy the cookie value.

thesurlydev commented 2 years ago

I don't think the billing endpoint is allowed in my case. See the following:

HTTP 403 Forbidden
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "detail": "You are not permitted to view this subscription."
}

I also don't see the /api/v1/track showing up in any of the requests.

hurlenko commented 2 years ago

Hello @digitalsanctum,

Sorry for the late response, didn’t have much time. Does disabling the subscription check solve the issue? Is everything else working fine? #2

I'd like to add support for SSO but I don't have an account to test it with. One reason I don’t want to remove subscription validation completely is because with expired subscription the app would still download the book successfully but the book itself will be truncated - only a couple paragraphs from each chapter will be visible.