Signing key changed?

[Patralos]

It seems like the signing key has been changed:

import jodel_api lat, lng, city = 48.148434, 11.567867, "Munich" j = jodel_api.JodelAccount(lat=lat, lng=lng, city=city) Creating new account. Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python2.7/dist-packages/jodel_api-1.2.5-py2.7.egg/jodel_api/jodel_api.py", line 56, in init r = self.refresh_all_tokens(**kwargs) File "/usr/local/lib/python2.7/dist-packages/jodel_api-1.2.5-py2.7.egg/jodel_api/jodel_api.py", line 136, in refresh_all_tokens raise Exception(resp) Exception: (477, {u'metadata': None, u'error': u'Signed request expected'})

Environment

4.49.0 GnAXvETHFDbDfhngjDYEkszdqZowDpWsWuCectMJ

[mullanptr]

Have the same problem. According to the error-codes this will be fixed if the jodel_api is getting a new release. So we simply might just have to wait.

[espilsad]

You can do it yourself with this tool: https://github.com/nborrmann/jodeldecompile

[tom-eagle92]

Was anybody able to get the new signing key? I can't get the scripts from the jdoeldecompile repository working, same with the ojoc-keyhack scripts.

[gaurav-stepin]

Hi mate, I just wanted to check that if you are going to update api-key soon? thanks

[Thamos]

Here are the latest keys (there's also a pull request for the newest)

version: 4.55.1 secret: SUJlYgihNxTmcfdrEcjROozfNemiqJSjYpoJJMUC version: 4.54.1 secret: lYgeNFRCzBYVxqVtxeaJAHHZnogGssMFgVTgxBvP version: 4.53.1 secret: UJBCWDUHEtpdiawcSEJSpUSXtWbrXOfIWeYTRVjX

[Gudui]

@Thamos

How do you extract the keys?

I've look at https://github.com/nborrmann/jodeldecompile/ But im stuck in the fourth step, where a decompiler is used, but i can't seem to find the specific decompiler.

Thanks in advance

[kian1991]

@Thamos would you please delete the keys? It's okay if only ones with the knowledge to extract it have them. The more spammer and abuser out there the more likely it won't be possible to use their API in the future! (And there are a lot of guys abusing it unfortunately)

[Thamos]

@Gudui Just google for a .so decompiler, I'm sure you can find one.

@kian1991 Since 4.56.1 is already released I won't remove them (cause they are soon invalid anyway). However I won't post the new key.

[Gudui]

@Thamos Thanks for the tip, i'll try then :-).

[Daedra223]

@Guidui and @kian1991 true please delete all keys and avoid spamming and missusing ...

[Thamos]

@Daedra223 How come the sudden change of opinion?

[Daedra223]

@Thamos thinking about the aim of jodel to create an original repostfree community, that I dont want to destroy ... so thats why we should stop publicate the keyd and better communicate them within a small group of person. Nevertheless the more knowing them the faster jodel finds a way to change it ... so to keep that working just send it privatelly to certain ppl

[aschaeufler]

So basicly the keys should be shared just with you?😂

Am 20.08.2017 23:28 schrieb "Daedra223" notifications@github.com:

@Thamos https://github.com/thamos thinking about the aim of jodel to create an original repostfree community, that I dont want to destroy ... so thats why we should stop publicate the keyd and better communicate them within a small group of person. Nevertheless the more knowing them the faster jodel finds a way to change it ... so to keep that working just send it privatelly to certain ppl

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/nborrmann/jodel_api/issues/40#issuecomment-323613177, or mute the thread https://github.com/notifications/unsubscribe-auth/AKQE5yZEJUbT2-Fbxq4-FBp2OWQzIxBfks5saKT9gaJpZM4OejIk .

[Daedra223]

@aschaeufler I didnt say that I belong to this small group of person who should get the key. To protect the community I would rather prefer to not get it than to let everyone have it ... so jodel becomes a massive reposting platform ...

[andrelanger]

it seems like the api key has changed again...

jodel-api v1.2.10

j = jodel_api.JodelAccount(lat=lat, lng=lng, city=city) Creating new account. Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python2.7/dist-packages/jodel_api/jodel_api.py", line 56, in init r = self.refresh_all_tokens(**kwargs) File "/usr/local/lib/python2.7/dist-packages/jodel_api/jodel_api.py", line 136 , in refresh_all_tokens raise Exception(resp) Exception: (477, {u'metadata': None, u'error': u'Signed request expected'})

[petrekova]

@andrelanger take a look at this Repo to generate your own key.

Note that the scripts are somewhat broken. E.g. download_apk.sh doesn't work anymore(because the apk provider probably changed the way it provides the apk). So you'll have to either fix the script(see this file of @nborrmann )or you'll have to manually download the newest apk and then point to it in decrypt.sh.

By the way, @nborrmann, could it be that your build script is broken? I took a look at your Travis CI and it seems it has some issue with pip if I remember right. Otherwise it should push the newest version with the signed keys automatically, shouldn't it?

[nborrmann]

@petrekova Yeah, that's a bit broken. But it does publish the newest version on PyPI, the issue is that it fails if the current version already exists on PyPI. Previously it just failed silently, now it crashes the build. I was too lazy to fix it tbh.

[m7ariri]

4.80.5 signing key?

[nknappe]

@m7ariri 4.80.5 is outdated

[deucalion]

This bug looks like a prime candidate for "wontfix"... 😏😉

[guitar9]

when does the new version comes out? get errot 477

[UMTti]

@nborrmann @ioncodes Do you know is there now any working way to retrieve signing key? Or can you update this pip package to work?

[ioncodes]

@UMTti I have the keys but I'm not allowed to share them anymore :/

[deucalion]

What's so hard to understand?

The entire point is to make it not too easy for amateurs to use this so Jodel won't get flooded with spam and Jodel HQ won't implement further measures to bar others from using their platform.

One user in this thread already has been kind enough to share a tool to allow extraction of a new key; if you are unable to use it, either improve your skill level or leave the rest of us here alone... PLEASE.

@nborrmann please close this bug and mark it as wontfix.

[ioncodes]

Tbh, the tool didn't work anymore at some point. I had to make my own, are you sure it actually works for you?

[deucalion]

Only with a few adaptations, admittedly. But if you're familiar enough with the tooling, I wouldn't consider that a real issue.

[ioncodes]

Well I'm not really familiar with it since I have my own tool xD I don't like relying on other people too much