python-carnet-client icon indicating copy to clipboard operation
python-carnet-client copied to clipboard
verified publisher icon reneboer

Continue when not logged out

Open JimKnopf1503 opened this issue 6 years ago • 0 comments

Hi! While writing my C++ code, I connected to VW without logging out, because the code was not ready. If I had proceed to the end of step7, login has completed and stay this way, even over night. When starting my code again it failed in step 1, there is no csrf . We are redirected direcly to the end of step 6 and can continue there. May be this can improve the script, for the ones hwo thought they were blocked.

Burkhard Edit: textformating here is hell, cant place the spaces to look right. Hope you see what I mean.

Here is what I mean:(sorry, my python knowledge is verry far below basics) if debug: print ("Step 1 ===========") # Get initial CSRF from landing page to get login process started. # Python Session handles JSESSIONID cookie landing_page_url = base_url + '/portal/en_GB/web/guest/home' landing_page_response = session.get(landing_page_url, verify=False, stream=True)

    if landing_page_response.status_code != 200:
        return '', 'Failed getting to portal landing page.'
    csrf = extract_csrf(landing_page_response.text)
    if csrf == '':
        return '', 'Failed to get CSRF from landing page.'
        if landing_page_response.url != landing_page_url # we are redirected
            login_post_response=landing_page_response # set the variable used in step 6
            goto ContinueSession  # enter step 6
if debug: print("_csrf from landing page : ", csrf)
if debug: print ("Step 2 ===========")
if debug: print ("Step 6 ===========")
# Post login data to "login action 2" url
# https://identity.vwgroup.io/signin-service/v1/<client_id>/login/authenticate 
auth_request_headers['Referer'] = login_action_url
auth_request_headers['Content-Type'] = 'application/x-www-form-urlencoded'
login_data = {
    'email': email,
    'password': password,
    'relayState': login_relay_state_token,
    'hmac': hmac_token2,
    '_csrf': login_csrf,
    'login': 'true'
}
login_action2_url = auth_base_url + '/signin-service/v1/' + client_id + '/login/authenticate'
login_post_response = session.post(login_action2_url, data=login_data, headers=auth_request_headers, allow_redirects=True, verify=certverify)
if login_post_response.status_code != 200:
    return '', 'Failed to process login sequence.'
#ref2_url = login_post_response.headers.get('location') # there is no location attribute, but does not seem to matter much.

ContinueSession: # here we enter comming from step 1 if still logged in ref2_url = login_post_response.url portlet_code = extract_url_parameter(ref2_url, 'code') state = extract_url_parameter(ref2_url, 'state') if debug: print ("state found: ", state) if portlet_code == '': return '', 'Failed to get portlet code.' if state == '': return '', 'Failed to get state.'

# Step 7
if debug: print ("Step 7 ===========")

JimKnopf1503 avatar Jan 31 '20 09:01 JimKnopf1503