search

lyc8503 / EasierConnect

NJU EasyConnect 第三方开源 Golang 客户端 / NJU EasyConnect protocol reimplementation in Go
534 stars 119 forks source link

Support login via QR code #26

Open MrAru opened 1 year ago

MrAru commented 1 year ago

Same as the title. Some institutions only support login with QR code (I'm not sure as I didn't find any instructions for other methods on the VPN manual of our school). Any plan for support this feature?

githuu5y5u commented 1 year ago

Any examples of the pictures ?

lyc8503 commented 1 year ago

Same as the title. Some institutions only support login with QR code (I'm not sure as I didn't find any instructions for other methods on the VPN manual of our school). Any plan for support this feature?

I think you're trying to connect to XMU's SSL VPN (judging from your blog), can't you log in with username on this page by clicking 'Use Account'?

If not, I am afraid that I couldn't support WeCom login since the login process possibly varies a lot between different orgs, please try to use the TwfID you captured in your browser to log in, maybe this tool can help you with this process.

In the future there may be ECAgent login mode which supports all kinds of auth methods.

githuu5y5u commented 1 year ago

I am working on http://127.0.0.1:[54530, 54541, 54552, 54563, 54574, 54585, 54596, 54607]/ECAgent/ login method and route table. open your F12 console to see if this method works.

lyc8503 commented 1 year ago

I am working on http://127.0.0.1:[54530, 54541, 54552, 54563, 54574, 54585, 54596, 54607]/ECAgent/ login method and route table. open your F12 console to see if this method works.

If you are working on ECAgent login method & route table, could you please draft a PR to implement these features?

githuu5y5u commented 1 year ago

Not finish yet.

MrAru commented 1 year ago

Same as the title. Some institutions only support login with QR code (I'm not sure as I didn't find any instructions for other methods on the VPN manual of our school). Any plan for support this feature?

I think you're trying to connect to XMU's SSL VPN (judging from your blog), can't you log in with username on this page by clicking 'Use Account'?

If not, I am afraid that I couldn't support WeCom login since the login process possibly varies a lot between different orgs, please try to use the TwfID you captured in your browser to log in, maybe this tool can help you with this process.

In the future there may be ECAgent login mode which supports all kinds of auth methods.

Thanks for your reply. In fact, I haven't even seen the username and password before. IIRC, WeCom is the only way to login in XMU. Looks like I better capture my TwfID and I'll try that now.

lyc8503 commented 1 year ago

Not finish yet.

Making a PR and leaving it at Draft status could tell others that you are working on it, discuss your ideas with others, and avoid duplicated work. Of course it's your choice whether to submit a PR or not.

Hagb commented 1 year ago

Same as the title. Some institutions only support login with QR code (I'm not sure as I didn't find any instructions for other methods on the VPN manual of our school). Any plan for support this feature?

I think you're trying to connect to XMU's SSL VPN (judging from your blog), can't you log in with username on this page by clicking 'Use Account'? If not, I am afraid that I couldn't support WeCom login since the login process possibly varies a lot between different orgs, please try to use the TwfID you captured in your browser to log in, maybe this tool can help you with this process. In the future there may be ECAgent login mode which supports all kinds of auth methods.

Thanks for your reply. In fact, I haven't even seen the username and password before. IIRC, WeCom is the only way to login in XMU. Looks like I better capture my TwfID and I'll try that now.

Is scanning QR code only available on Android/iOS? I guess after the QR code is scanned, the web page will make the client (by calling https://127.0.0.1:54530) login?

githuu5y5u commented 1 year ago

This is my first time using Go lang, the code quality is a bit poor, da lao if you have almost done. I will not show my poor sh1t. xD Thanks.

lyc8503 commented 1 year ago

This is my first time using Go lang, the code quality is a bit poor, da lao if you have almost done. I will not show my poor sh1t. xD Thanks.

This project is also my first golang program, I even didn't start working on that, so don't mind sharing your code -w-

MrAru commented 1 year ago

Same as the title. Some institutions only support login with QR code (I'm not sure as I didn't find any instructions for other methods on the VPN manual of our school). Any plan for support this feature?

I think you're trying to connect to XMU's SSL VPN (judging from your blog), can't you log in with username on this page by clicking 'Use Account'? If not, I am afraid that I couldn't support WeCom login since the login process possibly varies a lot between different orgs, please try to use the TwfID you captured in your browser to log in, maybe this tool can help you with this process. In the future there may be ECAgent login mode which supports all kinds of auth methods.

Thanks for your reply. In fact, I haven't even seen the username and password before. IIRC, WeCom is the only way to login in XMU. Looks like I better capture my TwfID and I'll try that now.

Is scanning QR code only available on Android/iOS? I guess after the QR code is scanned, the web page will make the client (by calling https://127.0.0.1:54530) login?

Good catch! The TwfID was cached in browser cookies once I login with WeCom on the VPN website. And it's really valid in EasierConnect. So I think this could be the ultimate answer. The only question left, however, is that I cannot determine the expiration date of the TwfID. I'd like to use this TwfID in the following days until it goes invalid, then I will report the result here.

lyc8503 commented 1 year ago

In my experiment it expires in less than 24 hours, but in the official client it usually lasts longer before I have to relogin, maybe there're some way to refresh it that I didn't notice. You're welcome to report your expiration date.

githuu5y5u commented 1 year ago

@MrAru https://vpn.niubidaxue.edu.cn/por/timequery.csp

Hagb commented 1 year ago

With some server configuration, the session will be expired if there is no network traffic through the VPN for a long time (set by server, 5h for pc client and 24h for mobile client by default, in M7.6.3 and M7.6.8 R2).

lyc8503 commented 1 year ago

With some server configuration, the session will be expired if no network traffic through the VPN for a long time (set by server, 5h for pc client and 24h for mobile client by default, in M7.6.3 and M7.6.8 R2).

I will try to use a script to keep sending packets to see if I can keep the session longer.

In general cases, it's also a problem to find a suitable machine to communicate with (since it need to be within the target route range and respond to client's traffic).