fut
fut copied to clipboard
futapi
New login verification system
The reason of creating new issue is to collect all info about new verification system (code, secreat answer, captcha etc.) in one place.
- Secret answer is no used anymore since we got code validation?
- Captcha pops out in login process or just when you are logged in and make to fast requests?
PS. I've pushed new commit (33f7192f55fc89820fe301cf8dcbf2e3490210fd) that enables two step verification (email/sms code), it's not yet tested and probably doesn't work ;-).
TODO:
- Captcha exception should return image id/url so we can manage it
- add new method to solve captcha (sends string)
- new method/plugin(?) that uses some kind of captcha resolver (deathbycaptcha.com)
- All my test not asking the secret answer after code
- captcha only on to fast requests
update
- after changing computer the secret answer is aked after code
I have made a script that dips into the email inbox and gets the code - but i cannot for the life of me find out what URL to send the request too. The params are...
"twoFactorCode" => $thecode, "_trustThisDevice" => "on", "trustThisDevice" => "on", "_eventId" => "submit"
I dont need too I have a script that grabs the code from the email account.
Same discussion here if it can help you: https://github.com/trydis/FIFA-Ultimate-Team-2015-Toolkit/issues/93
@LUFCMOT url is not the problem https://github.com/oczkers/fut/blob/33f7192f55fc89820fe301cf8dcbf2e3490210fd/fut/core.py#L180
anyone tested my commit?
@oczkers but where is "twoFactorCode" => $thecode, "_trustThisDevice" => "on", "trustThisDevice" => "on", "_eventId" => "submit"
POST too?
fut.Core('login', 'password', 'secret_password', code=123456)
code is needed only on first launch (and every 90 days) if you use cookies.txt
my test
import fut
EmailAdd='[email protected]'
PassWord='password'
SecretAnswer='secret'
PlatF='xbox'
CodeOR=123456
Emu=''
Fifa = fut.Core(EmailAdd, PassWord, SecretAnswer, platform=PlatF, code=CodeOR ,emulate=Emu, cookies= EmailAdd)
result
Traceback (most recent call last):
File "J:\FUT\22-test connexion.py", line 16, in
and I receive a new code by email
@oczkers what url do you use for send the code? my step are:
Login -> send in POST the username / password -> RESPONSE: html page of "Two factor code" form -> i get URL of this page -> send in POST correctly the code -> RESPONSE: html page of "Two factor code" form.
the url of twofactorcode need of some extra cookie or extra header field?
I use a JAVA tool that i made for me.
@Innursery Post full logs (last response from server at least).
@christrato At the beggining of login process there is redirect to something like this:
https://signin.ea.com/p/web/login?execution=e279030983s1&initref=https://accounts.ea.com:443/connect/auth?scope=basic.identity+basic.persona+signin+offline+security.challenge&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_US&state=ii6eMmZdi2IxVeGx8jKEPOLFql0mEVioU-hvDviXjvw&response_type=code&client_id=EASFC-web
e279030983s1
s1 = post login data (username, password) s2 = request and post code s3 = dunno
There is no difference in headers between s1,s2,s3 besides referer.
EDIT: i'll release new stable version when we get more confirmations that it works (and logs from @Innursery) EDIT2: updated s1,s2,s3
@oczkers
2014-12-12 09:49:28,562 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTP connection (1): www.easports.com (line 171)
2014-12-12 09:49:28,768 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/football-club/ultimate-team HTTP/1.1" 301 262 (line 344)
2014-12-12 09:49:28,770 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): www.easports.com (line 635)
2014-12-12 09:49:29,471 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/ultimate-team/web-app HTTP/1.1" 302 406 (line 344)
2014-12-12 09:49:29,475 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): accounts.ea.com (line 635)
2014-12-12 09:49:29,666 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /connect/auth?response_type=code&client_id=EASFC-web&state=cyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_GB&scope=basic.identity+basic.persona+signin+offline+security.challenge HTTP/1.1" 302 0 (line 344)
2014-12-12 09:49:29,668 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): signin.ea.com (line 635)
2014-12-12 09:49:29,899 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?fid=F6i9vhuygGDc3rPSLK7ZY7YYluYYKwS HTTP/1.1" 302 0 (line 344)
2014-12-12 09:49:29,967 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e1332693757s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 09:49:30,104 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "POST /p/web/login?execution=e1332693757s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 302 0 (line 344)
2014-12-12 09:49:30,172 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e1332693757s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 09:49:30,174 [DEBUG] [root] __login__: b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n\n <title>Login Verification</title>\n <meta name="title" content="Login Verification"/>\n <meta name="description" content="Input your Two Factor Authentication Code"/>\n <link rel="shortcut icon" href="/p/favicon.ico"/>\n <meta name="lc" content="en_GB"/>\n <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>\n <meta http-equiv="X-UA-Compatible" content="IE=Edge">\n\n<script type="text/javascript">window.EA = {};</script>\n<script type="text/javascript" src="//fonts.ea.com/fbl8bgs.js"></script>\n<script type="text/javascript">(function () {\n try {\n Typekit.load();\n } catch (ex) {\n var html = document.getElementsByTagName(\'html\')[0];\n html.className = (html.className || \'\') + \' wf-inactive\'\n }\n})();</script>\n\n\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery-1.8.3.min.v_1418060428.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-ux-elements.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-layout.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/js/jquery.origin-challenge-tfa.v_1418060428-min.js"></script>\n\n<script type="text/javascript">\n if (!window.challenge_cancel) {\n window.challenge_cancel = function() {\n if ($("#btnCancel").length > 0) {\n $("#btnCancel").trigger("click");\n return true;\n } else {\n return false;\n }\n }\n }\n</script>\n\n<script type="text/javascript">\n $(document).ready(function() {\n $.fn.tfa({\n });\n $("#twoFactorCode").focus();\n });\n</script>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-ux-elements.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-layout.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n\n<!-- GA -->\n<script type="text/javascript">\n var _gaq = _gaq || [];\n _gaq.push([\'_setAccount\', \'UA-38277543-1\']);\n _gaq.push([\'_setDomainName\', \'.ea.com\']);\n _gaq.push([\'_trackPageview\']);\n (function () {\n var ga = document.createElement(\'script\');\n ga.type = \'text/javascript\';\n ga.async = true;\n ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';\n var s = document.getElementsByTagName(\'script\')[0];\n s.parentNode.insertBefore(ga, s);\n })();\n</script>\n<!-- End of GA -->\n <!-- Tealium -->\n <script type="text/javascript">\n var utag_data = {\n region: "EMEA",\n locale: "en_GB",\n country: "GB",\n language: "en",\n userid: "",\n user_status: "",\n referring_site: "https://signin.ea.com/p/web/login?execution=e1332693757s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web",\n page_name: "https://signin.ea.com/p/web/login"\n }\n </script>\n <script type="text/javascript">\n (function (a, b, c, d) {\n a = \'//tags.tiqcdn.com/utag/ea/eadp-web-identity/prod/utag.js\';\n b = document;\n c = \'script\';\n d = b.createElement(c);\n d.src = a;\n d.type = \'text/java\' + c;\n d.async = true;\n a = b.getElementsByTagName(c)[0];\n a.parentNode.insertBefore(d, a);\n })();\n </script>\n <!-- End of tealium -->\n\n<script type="text/javascript">\n $(document).ready(function () {\n var skin = \'origin\';\n var bodySelector = $("body");\n switch (skin) {\n case "origin":\n bodySelector.addClass("origin-com");\n break;\n case "franchisedark":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-dark");\n break;\n case "franchiselight":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-light");\n break;\n case "ea":\n default:\n bodySelector.addClass("ea-com");\n break;\n }\n })\n</script>\n\n\n\n</head>\n<body>\n\n\n<div class="loading-container"></div>\n\n<div class="tfa-container">\n <form method="post" id="challengeForm">\n <div class="dialog-info">\n <div id="resend-error-code">\n <div></div>\n </div>\n </div>\n\n<a class="logo-origin" title=""\n href="https://www.origin.com/store/?no-takeover=true">\n</a>\n\n <div class="panel" id="panel-tfa">\n <div class="tfa-form-container">\n <div class="panel-contents">\n <div class="panel-content">\n <h1 class="twoStepHeader">Login Verification</h1>\n\n <p class="check-your-type-text"><strong>Check your email.</strong></p>\n <p class="tfa-codeSent-text"><strong>Your security code was sent to: </strong>[email protected]</p>\n\n <ul>\n <li id="origin-tfa-container" class="origin-control-tip-container">\n<div class="origin-ux-element origin-ux-textbox origin-ux-textbox-web">\n <label class="origin-ux-textbox-label">\n Enter code:\n </label>\n <span class="origin-ux-textbox-control origin-ux-control">\n <span>\n <input type="text" id="twofactorCode"\n name="twofactorCode"\n value=""\n description="" data-description="" placeholder="Enter security code here" autocorrect="off" autocapitalize="off" autocomplete="off"/>\n </span>\n </span>\n <span class="origin-ux-textbox-status-icon"></span>\n <span class="origin-ux-textbox-status-message origin-ux-status-message">\n \n </span>\n</div>\n \n </li>\n </ul>\n\n <div style="clear: both">\n <a id="resend_code_link" href="/p/web/login?execution=e1332693757s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web&_eventId=resend" class="tfa-login-link">Resend security code</a><br>\n </div>\n\n <div class="panel-action-area">\n<a class=\'origin-ux-element origin-ux-button\n origin-ux-button-primary \' href="#" id="btnTFAVerify">\n<span><span>Submit Security Code</span></span>\n</a>\n<a class=\'origin-ux-element origin-ux-button origin-ux-button-secondary btn-cancel\' href="#" id="btnCancel">\n<span><span>Cancel</span></span>\n</a>\n <input type="hidden" name="_eventId" value="submit" id="_eventId"/>\n </div>\n </div>\n </div>\n </div>\n </div>\n<div class="footer">\n <span class="copyright-notice">\xc2\xa9 2014 Electronic Arts Inc. Trademarks belong to their respective owners. All rights reserved.</span>\n <ul class="footer-navigation">\n <li class="item-2 even"><a\n href="https://www.origin.com/store"\n target="_blank"\n class="link link-origin "><span>Shop at Origin</span></a>\n </li><li class="item-3 odd">\n <a href="https://www.origin.com/legal"\n target="_blank"\n class="link link-origin"><span>Legal Notices</span></a>\n </li><li class="item-4 even">\n <a href="https://www.origin.com/termsofservice"\n target="_blank"\n class="link link-origin"><span>Terms of Services</span></a>\n </li><li class="item-5 odd">\n <a href="https://www.origin.com/privacypolicy"\n target="_blank"\n class="link link-origin"><span>Privacy Policy</span></a>\n </li><li class="item-6 even">\n <a href="http://aboutus.ea.com/" target="_blank"\n class="link link-origin"><span>Corporate Info</span></a>\n </li><li class="item-7 odd">\n <a href="https://www.origin.com/termsofsale"\n target="_blank"\n class="link link-origin"><span>EA Terms of Sale</span></a>\n </li><li class="item-8 even last">\n <a href="https://help.ea.com/uk" target="_blank"\n class="link link-origin"><span>Contact Us</span></a>\n </li> </ul>\n</div>\n </form>\n</div>\n\n<div id="form-errors">\n <span id="form-error-invalid-code">Incorrect code entered</span>\n</div>\n\n\n<!-- ### eanshprdaccounts10.eao.abn-iad.ea.com ### -->\n\n</body>\n</html>\n' (line 165)
2014-12-12 09:49:30,479 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /fifa/api/isUserLoggedIn HTTP/1.1" 200 40 (line 344)
@oczkers not better for me
2014-12-12 10:14:30,423 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTP connection (1): www.easports.com (line 171)
2014-12-12 10:14:30,642 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/football-club/ultimate-team HTTP/1.1" 301 262 (line 344)
2014-12-12 10:14:30,642 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): www.easports.com (line 635)
2014-12-12 10:14:31,392 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/ultimate-team/web-app HTTP/1.1" 302 406 (line 344)
2014-12-12 10:14:31,408 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): accounts.ea.com (line 635)
2014-12-12 10:14:31,611 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /connect/auth?response_type=code&client_id=EASFC-web&state=Lh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_GB&scope=basic.identity+basic.persona+signin+offline+security.challenge HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:31,611 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): signin.ea.com (line 635)
2014-12-12 10:14:31,845 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?fid=FqvIw2wv25hj85BVaXuxNMTFwz2j7hL HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:31,908 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e144050996s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 10:14:32,048 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "POST /p/web/login?execution=e144050996s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:32,111 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 10:14:32,111 [DEBUG] [root] __login__: b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n\n <title>Login Verification</title>\n <meta name="title" content="Login Verification"/>\n <meta name="description" content="Input your Two Factor Authentication Code"/>\n <link rel="shortcut icon" href="/p/favicon.ico"/>\n <meta name="lc" content="en_GB"/>\n <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>\n <meta http-equiv="X-UA-Compatible" content="IE=Edge">\n\n<script type="text/javascript">window.EA = {};</script>\n<script type="text/javascript" src="//fonts.ea.com/fbl8bgs.js"></script>\n<script type="text/javascript">(function () {\n try {\n Typekit.load();\n } catch (ex) {\n var html = document.getElementsByTagName(\'html\')[0];\n html.className = (html.className || \'\') + \' wf-inactive\'\n }\n})();</script>\n\n\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery-1.8.3.min.v_1418060428.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-ux-elements.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-layout.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/js/jquery.origin-challenge-tfa.v_1418060428-min.js"></script>\n\n<script type="text/javascript">\n if (!window.challenge_cancel) {\n window.challenge_cancel = function() {\n if ($("#btnCancel").length > 0) {\n $("#btnCancel").trigger("click");\n return true;\n } else {\n return false;\n }\n }\n }\n</script>\n\n<script type="text/javascript">\n $(document).ready(function() {\n $.fn.tfa({\n });\n $("#twoFactorCode").focus();\n });\n</script>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-ux-elements.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-layout.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n\n<!-- GA -->\n<script type="text/javascript">\n var _gaq = _gaq || [];\n _gaq.push([\'_setAccount\', \'UA-38277543-1\']);\n _gaq.push([\'_setDomainName\', \'.ea.com\']);\n _gaq.push([\'_trackPageview\']);\n (function () {\n var ga = document.createElement(\'script\');\n ga.type = \'text/javascript\';\n ga.async = true;\n ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';\n var s = document.getElementsByTagName(\'script\')[0];\n s.parentNode.insertBefore(ga, s);\n })();\n</script>\n<!-- End of GA -->\n <!-- Tealium -->\n <script type="text/javascript">\n var utag_data = {\n region: "EMEA",\n locale: "en_GB",\n country: "GB",\n language: "en",\n userid: "",\n user_status: "",\n referring_site: "https://signin.ea.com/p/web/login?execution=e144050996s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web",\n page_name: "https://signin.ea.com/p/web/login"\n }\n </script>\n <script type="text/javascript">\n (function (a, b, c, d) {\n a = \'//tags.tiqcdn.com/utag/ea/eadp-web-identity/prod/utag.js\';\n b = document;\n c = \'script\';\n d = b.createElement(c);\n d.src = a;\n d.type = \'text/java\' + c;\n d.async = true;\n a = b.getElementsByTagName(c)[0];\n a.parentNode.insertBefore(d, a);\n })();\n </script>\n <!-- End of tealium -->\n\n<script type="text/javascript">\n $(document).ready(function () {\n var skin = \'origin\';\n var bodySelector = $("body");\n switch (skin) {\n case "origin":\n bodySelector.addClass("origin-com");\n break;\n case "franchisedark":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-dark");\n break;\n case "franchiselight":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-light");\n break;\n case "ea":\n default:\n bodySelector.addClass("ea-com");\n break;\n }\n })\n</script>\n\n\n\n</head>\n<body>\n\n\n<div class="loading-container"></div>\n\n<div class="tfa-container">\n <form method="post" id="challengeForm">\n <div class="dialog-info">\n <div id="resend-error-code">\n <div></div>\n </div>\n </div>\n\n<a class="logo-origin" title=""\n href="https://www.origin.com/store/?no-takeover=true">\n</a>\n\n <div class="panel" id="panel-tfa">\n <div class="tfa-form-container">\n <div class="panel-contents">\n <div class="panel-content">\n <h1 class="twoStepHeader">Login Verification</h1>\n\n <p class="check-your-type-text"><strong>Check your email.</strong></p>\n <p class="tfa-codeSent-text"><strong>Your security code was sent to: </strong>[email protected]</p>\n\n <ul>\n <li id="origin-tfa-container" class="origin-control-tip-container">\n<div class="origin-ux-element origin-ux-textbox origin-ux-textbox-web">\n <label class="origin-ux-textbox-label">\n Enter code:\n </label>\n <span class="origin-ux-textbox-control origin-ux-control">\n <span>\n <input type="text" id="twofactorCode"\n name="twofactorCode"\n value=""\n description="" data-description="" placeholder="Enter security code here" autocorrect="off" autocapitalize="off" autocomplete="off"/>\n </span>\n </span>\n <span class="origin-ux-textbox-status-icon"></span>\n <span class="origin-ux-textbox-status-message origin-ux-status-message">\n \n </span>\n</div>\n \n </li>\n </ul>\n\n <div style="clear: both">\n <a id="resend_code_link" href="/p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web&_eventId=resend" class="tfa-login-link">Resend security code</a><br>\n </div>\n\n <div class="panel-action-area">\n<a class=\'origin-ux-element origin-ux-button\n origin-ux-button-primary \' href="#" id="btnTFAVerify">\n<span><span>Submit Security Code</span></span>\n</a>\n<a class=\'origin-ux-element origin-ux-button origin-ux-button-secondary btn-cancel\' href="#" id="btnCancel">\n<span><span>Cancel</span></span>\n</a>\n <input type="hidden" name="_eventId" value="submit" id="_eventId"/>\n </div>\n </div>\n </div>\n </div>\n </div>\n<div class="footer">\n <span class="copyright-notice">\xc2\xa9 2014 Electronic Arts Inc. Trademarks belong to their respective owners. All rights reserved.</span>\n <ul class="footer-navigation">\n <li class="item-2 even"><a\n href="https://www.origin.com/store"\n target="_blank"\n class="link link-origin "><span>Shop at Origin</span></a>\n </li><li class="item-3 odd">\n <a href="https://www.origin.com/legal"\n target="_blank"\n class="link link-origin"><span>Legal Notices</span></a>\n </li><li class="item-4 even">\n <a href="https://www.origin.com/termsofservice"\n target="_blank"\n class="link link-origin"><span>Terms of Services</span></a>\n </li><li class="item-5 odd">\n <a href="https://www.origin.com/privacypolicy"\n target="_blank"\n class="link link-origin"><span>Privacy Policy</span></a>\n </li><li class="item-6 even">\n <a href="http://aboutus.ea.com/" target="_blank"\n class="link link-origin"><span>Corporate Info</span></a>\n </li><li class="item-7 odd">\n <a href="https://www.origin.com/termsofsale"\n target="_blank"\n class="link link-origin"><span>EA Terms of Sale</span></a>\n </li><li class="item-8 even last">\n <a href="https://help.ea.com/uk" target="_blank"\n class="link link-origin"><span>Contact Us</span></a>\n </li> </ul>\n</div>\n </form>\n</div>\n\n<div id="form-errors">\n <span id="form-error-invalid-code">Incorrect code entered</span>\n</div>\n\n\n<!-- ### eanshprdaccounts11.eao.abn-iad.ea.com ### -->\n\n</body>\n</html>\n' (line 165)
2014-12-12 10:14:32,174 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "POST /p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:32,236 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 10:14:32,236 [DEBUG] [root] __login__: b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n\n <title>Login Verification</title>\n <meta name="title" content="Login Verification"/>\n <meta name="description" content="Input your Two Factor Authentication Code"/>\n <link rel="shortcut icon" href="/p/favicon.ico"/>\n <meta name="lc" content="en_GB"/>\n <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>\n <meta http-equiv="X-UA-Compatible" content="IE=Edge">\n\n<script type="text/javascript">window.EA = {};</script>\n<script type="text/javascript" src="//fonts.ea.com/fbl8bgs.js"></script>\n<script type="text/javascript">(function () {\n try {\n Typekit.load();\n } catch (ex) {\n var html = document.getElementsByTagName(\'html\')[0];\n html.className = (html.className || \'\') + \' wf-inactive\'\n }\n})();</script>\n\n\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery-1.8.3.min.v_1418060428.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-ux-elements.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-layout.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/js/jquery.origin-challenge-tfa.v_1418060428-min.js"></script>\n\n<script type="text/javascript">\n if (!window.challenge_cancel) {\n window.challenge_cancel = function() {\n if ($("#btnCancel").length > 0) {\n $("#btnCancel").trigger("click");\n return true;\n } else {\n return false;\n }\n }\n }\n</script>\n\n<script type="text/javascript">\n $(document).ready(function() {\n $.fn.tfa({\n });\n $("#twoFactorCode").focus();\n });\n</script>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-ux-elements.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-layout.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n\n<!-- GA -->\n<script type="text/javascript">\n var _gaq = _gaq || [];\n _gaq.push([\'_setAccount\', \'UA-38277543-1\']);\n _gaq.push([\'_setDomainName\', \'.ea.com\']);\n _gaq.push([\'_trackPageview\']);\n (function () {\n var ga = document.createElement(\'script\');\n ga.type = \'text/javascript\';\n ga.async = true;\n ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';\n var s = document.getElementsByTagName(\'script\')[0];\n s.parentNode.insertBefore(ga, s);\n })();\n</script>\n<!-- End of GA -->\n <!-- Tealium -->\n <script type="text/javascript">\n var utag_data = {\n region: "EMEA",\n locale: "en_GB",\n country: "GB",\n language: "en",\n userid: "",\n user_status: "",\n referring_site: "https://signin.ea.com/p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web",\n page_name: "https://signin.ea.com/p/web/login"\n }\n </script>\n <script type="text/javascript">\n (function (a, b, c, d) {\n a = \'//tags.tiqcdn.com/utag/ea/eadp-web-identity/prod/utag.js\';\n b = document;\n c = \'script\';\n d = b.createElement(c);\n d.src = a;\n d.type = \'text/java\' + c;\n d.async = true;\n a = b.getElementsByTagName(c)[0];\n a.parentNode.insertBefore(d, a);\n })();\n </script>\n <!-- End of tealium -->\n\n<script type="text/javascript">\n $(document).ready(function () {\n var skin = \'origin\';\n var bodySelector = $("body");\n switch (skin) {\n case "origin":\n bodySelector.addClass("origin-com");\n break;\n case "franchisedark":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-dark");\n break;\n case "franchiselight":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-light");\n break;\n case "ea":\n default:\n bodySelector.addClass("ea-com");\n break;\n }\n })\n</script>\n\n\n\n</head>\n<body>\n\n\n<div class="loading-container"></div>\n\n<div class="tfa-container">\n <form method="post" id="challengeForm">\n <div class="dialog-info">\n <div id="resend-error-code">\n <div></div>\n </div>\n </div>\n\n<a class="logo-origin" title=""\n href="https://www.origin.com/store/?no-takeover=true">\n</a>\n\n <div class="panel" id="panel-tfa">\n <div class="tfa-form-container">\n <div class="panel-contents">\n <div class="panel-content">\n <h1 class="twoStepHeader">Login Verification</h1>\n\n <p class="check-your-type-text"><strong>Check your email.</strong></p>\n <p class="tfa-codeSent-text"><strong>Your security code was sent to: </strong>[email protected]</p>\n\n <ul>\n <li id="origin-tfa-container" class="origin-control-tip-container">\n<div class="origin-ux-element origin-ux-textbox origin-ux-textbox-web field-error">\n <label class="origin-ux-textbox-label">\n Enter code:\n </label>\n <span class="origin-ux-textbox-control origin-ux-control">\n <span>\n <input type="text" id="twofactorCode"\n name="twofactorCode"\n value=""\n description="" data-description="" placeholder="Enter security code here" autocorrect="off" autocapitalize="off" autocomplete="off"/>\n </span>\n </span>\n <span class="origin-ux-textbox-status-icon"></span>\n <span class="origin-ux-textbox-status-message origin-ux-status-message">\n Incorrect code entered\n </span>\n</div>\n \n </li>\n </ul>\n\n <div style="clear: both">\n <a id="resend_code_link" href="/p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web&_eventId=resend" class="tfa-login-link">Resend security code</a><br>\n </div>\n\n <div class="panel-action-area">\n<a class=\'origin-ux-element origin-ux-button\n origin-ux-button-primary \' href="#" id="btnTFAVerify">\n<span><span>Submit Security Code</span></span>\n</a>\n<a class=\'origin-ux-element origin-ux-button origin-ux-button-secondary btn-cancel\' href="#" id="btnCancel">\n<span><span>Cancel</span></span>\n</a>\n <input type="hidden" name="_eventId" value="submit" id="_eventId"/>\n </div>\n </div>\n </div>\n </div>\n </div>\n<div class="footer">\n <span class="copyright-notice">\xc2\xa9 2014 Electronic Arts Inc. Trademarks belong to their respective owners. All rights reserved.</span>\n <ul class="footer-navigation">\n <li class="item-2 even"><a\n href="https://www.origin.com/store"\n target="_blank"\n class="link link-origin "><span>Shop at Origin</span></a>\n </li><li class="item-3 odd">\n <a href="https://www.origin.com/legal"\n target="_blank"\n class="link link-origin"><span>Legal Notices</span></a>\n </li><li class="item-4 even">\n <a href="https://www.origin.com/termsofservice"\n target="_blank"\n class="link link-origin"><span>Terms of Services</span></a>\n </li><li class="item-5 odd">\n <a href="https://www.origin.com/privacypolicy"\n target="_blank"\n class="link link-origin"><span>Privacy Policy</span></a>\n </li><li class="item-6 even">\n <a href="http://aboutus.ea.com/" target="_blank"\n class="link link-origin"><span>Corporate Info</span></a>\n </li><li class="item-7 odd">\n <a href="https://www.origin.com/termsofsale"\n target="_blank"\n class="link link-origin"><span>EA Terms of Sale</span></a>\n </li><li class="item-8 even last">\n <a href="https://help.ea.com/uk" target="_blank"\n class="link link-origin"><span>Contact Us</span></a>\n </li> </ul>\n</div>\n </form>\n</div>\n\n<div id="form-errors">\n <span id="form-error-invalid-code">Incorrect code entered</span>\n</div>\n\n\n<!-- ### eanshprdaccounts11.eao.abn-iad.ea.com ### -->\n\n</body>\n</html>\n' (line 181)
2014-12-12 10:14:32,767 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /fifa/api/isUserLoggedIn HTTP/1.1" 200 40 (line 344)
@oczkers I am sending the code to (s3)
https://signin.ea.com/p/web/login?execution=e279030983s3&initref=https://accounts.ea.com:443/connect/auth?scope=basic.identity+basic.persona+signin+offline+security.challenge&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_US&state=ii6eMmZdi2IxVeGx8jKEPOLFql0mEVioU-hvDviXjvw&response_type=code&client_id=EASFC-web
but I just get a 400 error Bad request.
@LUFCMOT I might be wrong and it's s2 but hard to say whats wrong with your request if you don't attach headers etc. How about referer?
EDIT: it's dynamic url, for example e279030983 is changing on every login
$url = "https://signin.ea.com/p/web/login?execution=e279030983s3&initref=https://accounts.ea.com:443/connect/auth?scope=basic.identity+basic.persona+signin+offline+security.challenge&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_US&state=ii6eMmZdi2IxVeGx8jKEPOLFql0mEVioU-hvDviXjvw&response_type=code&client_id=EASFC-web";
private function Verify($url) {
$request = $this->_client->post($url, array(), array(
"twoFactorCode" => "84725048",
"_trustThisDevice" => "on",
"trustThisDevice" => "on",
"_eventId" => "submit"
));
$response = $request->send();
}
I was getting this problem, but now I believe I found out what was happening.
Only in the first time I needed to log in the webapp. I believe is was necessary to activate something in the account.
Next time I asked for another code and the script worked like a charm. I'm using cookies and restarted the script, its still working with a random code.
If someone is getting this invalid code error, try it. I used an anonymous google chrome tab to login in the first time and to ask for a new code in the second time, but in the second time we don't log in the browser again.
