From 6be6f892a4eb159f5a27ce48f0ce615298071eac Mon Sep 17 00:00:00 2001 From: Matthew Esposito Date: Wed, 20 Nov 2024 19:19:29 -0500 Subject: [PATCH] feat(oauth): better oauth client matching --- Cargo.lock | 15 +++++++++++++++ Cargo.toml | 1 + src/client.rs | 36 +++++++++++++----------------------- src/oauth.rs | 20 +++++++++++++++----- src/oauth_resources.rs | 8 ++------ 5 files changed, 46 insertions(+), 34 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4143b80..057234f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1327,6 +1327,8 @@ version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ + "libc", + "rand_chacha", "rand_core", ] @@ -1345,6 +1347,9 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] [[package]] name = "redlib" @@ -1380,6 +1385,7 @@ dependencies = [ "serde_json", "serde_json_path", "serde_yaml", + "tegen", "time", "tokio", "toml", @@ -1895,6 +1901,15 @@ dependencies = [ "syn", ] +[[package]] +name = "tegen" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10a2d5a357b7c859b410139734a875136473c3b18b1bbd8d5bdc1769d9002acd" +dependencies = [ + "rand", +] + [[package]] name = "tempfile" version = "3.14.0" diff --git a/Cargo.toml b/Cargo.toml index 7bb7e93..616d8e9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -49,6 +49,7 @@ serde_json_path = "0.7.1" async-recursion = "1.1.1" common-words-all = { version = "0.0.2", default-features = false, features = ["english", "one"] } hyper-rustls = { version = "0.24.2", features = [ "http2" ] } +tegen = "0.1.4" [dev-dependencies] diff --git a/src/client.rs b/src/client.rs index 248fc88..1e1661d 100644 --- a/src/client.rs +++ b/src/client.rs @@ -218,40 +218,30 @@ fn request(method: &'static Method, path: String, redirect: bool, quarantine: bo // Construct the hyper client from the HTTPS connector. let client: &Lazy> = &CLIENT; - let (token, vendor_id, device_id, user_agent, loid) = { - let client = OAUTH_CLIENT.load_full(); - ( - client.token.clone(), - client.headers_map.get("Client-Vendor-Id").cloned().unwrap_or_default(), - client.headers_map.get("X-Reddit-Device-Id").cloned().unwrap_or_default(), - client.headers_map.get("User-Agent").cloned().unwrap_or_default(), - client.headers_map.get("x-reddit-loid").cloned().unwrap_or_default(), - ) - }; - // Build request to Reddit. When making a GET, request gzip compression. // (Reddit doesn't do brotli yet.) - let mut headers = vec![ - ("User-Agent", user_agent), - ("Client-Vendor-Id", vendor_id), - ("X-Reddit-Device-Id", device_id), - ("x-reddit-loid", loid), - ("Host", host.to_string()), - ("Authorization", format!("Bearer {token}")), - ("Accept-Encoding", if method == Method::GET { "gzip".into() } else { "identity".into() }), + let mut headers: Vec<(String, String)> = vec![ + ("Host".into(), host.into()), + ("Accept-Encoding".into(), if method == Method::GET { "gzip".into() } else { "identity".into() }), ( - "Cookie", + "Cookie".into(), if quarantine { "_options=%7B%22pref_quarantine_optin%22%3A%20true%2C%20%22pref_gated_sr_optin%22%3A%20true%7D".into() } else { "".into() }, ), - ("X-Reddit-Width", fastrand::u32(300..500).to_string()), - ("X-Reddit-DPR", "2".to_owned()), - ("Device-Name", format!("Android {}", fastrand::u8(9..=14))), ]; + { + let client = OAUTH_CLIENT.load_full(); + for (key, value) in client.initial_headers.clone() { + headers.push((key, value)); + } + } + + trace!("Headers: {:#?}", headers); + // shuffle headers: https://github.com/redlib-org/redlib/issues/324 fastrand::shuffle(&mut headers); diff --git a/src/oauth.rs b/src/oauth.rs index 80bf318..576b647 100644 --- a/src/oauth.rs +++ b/src/oauth.rs @@ -7,8 +7,8 @@ use crate::{ use base64::{engine::general_purpose, Engine as _}; use hyper::{client, Body, Method, Request}; use log::{error, info, trace}; - use serde_json::json; +use tegen::tegen::TextGenerator; use tokio::time::{error::Elapsed, timeout}; static REDDIT_ANDROID_OAUTH_CLIENT_ID: &str = "ohXpoqrZYub1kg"; @@ -84,7 +84,7 @@ impl Oauth { // Set JSON body. I couldn't tell you what this means. But that's what the client sends let json = json!({ - "scopes": ["*","email"] + "scopes": ["*","email", "pii"] }); let body = Body::from(json.to_string()); @@ -185,11 +185,21 @@ impl Device { let android_user_agent = format!("Reddit/{android_app_version}/Android {android_version}"); + let qos = fastrand::u32(1000..=100_000); + let qos: f32 = qos as f32 / 1000.0; + let qos = format!("{:.3}", qos); + + let codecs = TextGenerator::new().generate("available-codecs=video/avc, video/hevc{, video/x-vnd.on2.vp9|}"); + // Android device headers - let headers = HashMap::from([ - ("Client-Vendor-Id".into(), uuid.clone()), - ("X-Reddit-Device-Id".into(), uuid.clone()), + let headers: HashMap = HashMap::from([ ("User-Agent".into(), android_user_agent), + ("x-reddit-retry".into(), "algo=no-retries".into()), + ("x-reddit-compression".into(), "1".into()), + ("x-reddit-qos".into(), qos), + ("x-reddit-media-codecs".into(), codecs), + ("Content-Type".into(), "application/json; charset=UTF-8".into()), + ("client-vendor-id".into(), uuid.clone()), ]); info!("[🔄] Spoofing Android client with headers: {headers:?}, uuid: \"{uuid}\", and OAuth ID \"{REDDIT_ANDROID_OAUTH_CLIENT_ID}\""); diff --git a/src/oauth_resources.rs b/src/oauth_resources.rs index a5dc2f3..faf7873 100644 --- a/src/oauth_resources.rs +++ b/src/oauth_resources.rs @@ -2,9 +2,7 @@ // Rerun scripts/update_oauth_resources.sh to update this file // Please do not edit manually // Filled in with real app versions -pub static _IOS_APP_VERSION_LIST: &[&str; 1] = &[ - "", -]; +pub static _IOS_APP_VERSION_LIST: &[&str; 1] = &[""]; pub static ANDROID_APP_VERSION_LIST: &[&str; 150] = &[ "Version 2024.22.1/Build 1652272", "Version 2024.23.1/Build 1665606", @@ -157,6 +155,4 @@ pub static ANDROID_APP_VERSION_LIST: &[&str; 150] = &[ "Version 2022.41.0/Build 630468", "Version 2022.41.1/Build 634168", ]; -pub static _IOS_OS_VERSION_LIST: &[&str; 1] = &[ - "", -]; +pub static _IOS_OS_VERSION_LIST: &[&str; 1] = &[""];