search

postaddictme / instagram-php-scraper

Get account information, photos, videos, stories and comments.
https://packagist.org/packages/raiym/instagram-php-scraper
MIT License
3.09k stars 800 forks source link

"checkpoint_required" error #676

Closed eldark closed 4 years ago

eldark commented 4 years ago

Ok, after #670 , and after the temporary fix I still can't get login() to work on accounts I know are working.

I did a var_dump of $response->body, at line 1550, and this is what I got:

object(stdClass)#15 (4) { ["message"]=> string(19) "checkpoint_required" ["checkpoint_url"]=> string(33) "/challenge/9840808137/1DcjKgL2rM/" ["lock"]=> bool(false) ["status"]=> string(4) "fail" }

I assume this is the challenge @ibnux mentioned in his message. I'm assuming as I run this from the command line, not from the browser.

How can I circumvent this without, as suggested there, creating new accounts?

pgrimaud commented 4 years ago

@eldark Did you succeed to trigger the checkpoint_url directly on your web browser? If yes, how? (changing ip or other way?)

eldark commented 4 years ago

@eldark Did you succeed to trigger the checkpoint_url directly on your web browser? If yes, how? (changing ip or other way?)

Nope. My app was designed to run from the command line, so I would have to refactor a lot to try that. But now that you mention, it might be possible to go to that checkpoint_url, capture the button and simulate a click.

If you point to https://www.instagram.com/ + checkpoint_url, you get redirected to the "We Detected An Unusual Login Attempt" page, prompting you to click "This Wasn't Me" or "This Was Me". So there might be something useful there.

pgrimaud commented 4 years ago

@eldark Weird. I tried to connect my dummy account with various IPs around the world and I never get any checkpoint_required. 😞

Do you have a dummy account to share?

eldark commented 4 years ago

@eldark Weird. I tried to connect my dummy account with various IPs around the world and I never get any checkpoint_required. 😞

Do you have a dummy account to share?

Not really. I'm using a client's Instagram account.

Do a var_dump of $response->body, at line 1550 (Instagram.php). There you'll see that array.

ibnux commented 4 years ago

@pgrimaud you can try my account, is not my primary account, just for scrapping user: xnuqi

ibnux commented 4 years ago

to see an error i change this line https://github.com/postaddictme/instagram-php-scraper/blob/f98597de5bc75185ecd87f2ae8f1f8c320070637/src/InstagramScraper/Instagram.php#L1561

to show error using json_encode($response)

throw new InstagramAuthException('Something went wrong. Please report issue.'.json_encode($response), $response->code);
pgrimaud commented 4 years ago

Thank you so much @ibnux for your credentials. 🙏 🙏 🙏 🙏 🙏 I may have more question for you, can you contact me on Twitter or Discord?

I got the 400 error now.

I will write a "Proof of concept" script to trigger verification.

How it works :

  1. Try to login
  2. Got 400 error "checkpoint_required"
  3. Trigger email verification
  4. Connect to your email inbox using SMTP
  5. Wait for Instagram verification email
  6. Parse verification code from email
  7. Make a request to instagram with this code to complete verification
  8. Verification is done, then save session

What do you think about it?

eldark commented 4 years ago

Connection through SMTP. Very clever. I'm up to trying your approach.

@sacabezas on Twitter

ibnux commented 4 years ago

Thank you so much @ibnux for your credentials. 🙏 🙏 🙏 🙏 🙏 I may have more question for you, can you contact me on Twitter or Discord?

I got the 400 error now.

I will write a "Proof of concept" script to trigger verification.

How it works :

1. Try to login

2. Got 400 error "checkpoint_required"

3. Trigger email verification

4. Connect to your email inbox using SMTP

5. Wait for Instagram verification email

6. Parse verification code from email

7. Make a request to instagram with this code to complete verification

8. Verification is done, then save session

What do you think about it?

You can find me on twitter with same username @ibnux or telegram or Discord ibnux#2048

yes i got verification number on my email, maybe smtp will work

pgrimaud commented 4 years ago

Connection through SMTP. Very clever. I'm up to trying your approach.

I'm fucking dumb. IMAP, not SMTP. 🤦🏻‍♂️

pgrimaud commented 4 years ago

I can now bypass automatically this checkpoint challenge thank to @ibnux & @eldark 🔥

I tried this : 

1. Try to login
2. Got 400 error "checkpoint_required"
3. Trigger email verification
4. Connect to your email inbox using SMTP
5. Wait for Instagram verification email
6. Parse verification code from email
7. Make a request to instagram with this code to complete verification
8. Verification is done, then save session

I wrote a PoC on my own Instagram scraper : https://github.com/pgrimaud/instagram-user-feed/blob/feature/checkpoint-challenge/src/Instagram/Auth/Login.php

I will write better code in the next days then submit a PR here.

eldark commented 4 years ago

Excellent, @pgrimaud . Will check your code and see if I can get it sort of work on my end. I will also wait for your PR before closing this, so @raiym can work in peace.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.