Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication steps that worked for me #6

Open
hkors opened this issue Jan 5, 2017 · 7 comments
Open

Authentication steps that worked for me #6

hkors opened this issue Jan 5, 2017 · 7 comments
Labels
enhancement

Comments

@hkors
Copy link

hkors commented Jan 5, 2017
edited
Loading

Update June 13, 2017: The login page is now protected by reCAPTCHA, so we receive a HTTP status code 403 Forbidden now each time we login with this method. I haven't figured out a workaround for this.

Hello people,

The described authentication steps didn't work for me, probably because R* has changed the way we sign into SocialClub. But finally I managed to construct the correct HTTP requests, so here are the steps I've taken for everyone who's facing the same problem:

  1. Send a HTTP GET-request to https://socialclub.rockstargames.com/profile/signin, get the body and search for the hidden input field named __RequestVerificationToken. Note that there are multiple fields with this name. The one in front of <li class="twitter"> is used. Get the value of this input field and remember this verification token. The returned cookies must also be saved to a cookie jar.

  2. Now it is time to get the authentication cookie. Send a HTTP POST-request to https://socialclub.rockstargames.com/profile/signincompact with the cookie jar and add the following HTTP headers to this request:

    Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=UTF-8
RequestVerificationToken: <VERIFICATION_TOKEN>

    The body of the request is a JSON string, as follows:

    {"login":"<SOCIALCLUB_USERNAME>","password":"<SOCIALCLUB_PASSWORD>","rememberme":true}

    Again, store the cookies in the cookie jar.
    If status code 403 Forbidden is returned, then you must sign into SocialClub manually on the same machine to get rid of the requested CAPTCHA. This CAPTCHA is requested for your IP address when you keep signing in a couple times during a short time.
    If status code 429 Too Many Requests is returned, you should wait a few minutes before trying it again.
    We should get status code 200 OK. If that is not the case, something went wrong, like missing required HTTP headers. If your credentials were invalid, you still receive status code 200 OK. To check whether the sign in was successful, check for the existence of a cookie named AuthenticateCookie. Nowadays it seems like we get a status code 401 Unauthorized when you provide invalid credentials.

  3. The cookie jar contains now the necessary cookies to retrieve the information you need. So if you want to get the information from http://socialclub.rockstargames.com/games/gtav/career/overviewAjax?character=Freemode&nickname=<SOCIALCLUB_USERNAME>&slot=Freemode&gamerHandle=&gamerTag=&_=<TIMESTAMP>, then send a HTTP GET-request to this URL with the cookie jar that contains the AuthenticateCookie cookie after step 2.

To each HTTP request I add the following HTTP headers (and override the Accept header in step 2):

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8,nl;q=0.6
Connection: keep-alive
Host: socialclub.rockstargames.com
Origin: https://socialclub.rockstargames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Some POST-requests require the verification token again in the body to some URL's of SocialClub.

I've created a Node.js script based on the gta5-map/Social-Club-example-parser project that uses these authentication steps. It can be found in this pull request: gta5-map/Social-Club-example-parser#12
@hkors hkors mentioned this issue Jan 5, 2017
Merged
@frdmn
Copy link
Member

frdmn commented Jan 9, 2017

Well done!

@LordTiggy
Copy link

Do you mind sharing your code with u? So we have a working example.

@hkors
Copy link
Author

hkors commented Jan 10, 2017

@LordTiggy Check the other repository of @frdmn at https://github.com/gta5-map/Social-Club-example-parser. The code can be found in the index.js file. It is in Node.js, but I suppose it can be helpful for doing it in PHP using cURL or any other way you prefer.

@timwoocker
Copy link

Anyone found a working solution yet?

@frdmn
Copy link
Member

frdmn commented Dec 14, 2017

@crey4fun The node.js parser doesn't work for you?

@timwoocker
Copy link

Nope, logging in does not work due to the recaptcha I guess

@frdmn
Copy link
Member

frdmn commented Dec 19, 2017

The parser should notice if a captcha blocks the signin:

https://github.com/gta5-map/Social-Club-example-parser/blob/master/index.js#L274-L276

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@frdmn @LordTiggy @hkors @timwoocker