mirror of
https://github.com/sstent/go-garth.git
synced 2026-04-29 02:42:45 +00:00
porting - part 4 done
This commit is contained in:
@@ -19,6 +19,13 @@ var (
|
||||
ticketRegex = regexp.MustCompile(`embed\?ticket=([^"]+)"`)
|
||||
)
|
||||
|
||||
// MFAContext preserves state for resuming MFA login
|
||||
type MFAContext struct {
|
||||
SigninURL string
|
||||
CSRFToken string
|
||||
Ticket string
|
||||
}
|
||||
|
||||
// Client represents an SSO client
|
||||
type Client struct {
|
||||
Domain string
|
||||
@@ -34,7 +41,7 @@ func NewClient(domain string) *Client {
|
||||
}
|
||||
|
||||
// Login performs the SSO authentication flow
|
||||
func (c *Client) Login(email, password string) (*types.OAuth2Token, error) {
|
||||
func (c *Client) Login(email, password string) (*types.OAuth2Token, *MFAContext, error) {
|
||||
fmt.Printf("Logging in to Garmin Connect (%s) using SSO flow...\n", c.Domain)
|
||||
|
||||
// Step 1: Set up SSO parameters
|
||||
@@ -62,13 +69,13 @@ func (c *Client) Login(email, password string) (*types.OAuth2Token, error) {
|
||||
embedURL := fmt.Sprintf("https://sso.%s/sso/embed?%s", c.Domain, ssoEmbedParams.Encode())
|
||||
req, err := http.NewRequest("GET", embedURL, nil)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create embed request: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to create embed request: %w", err)
|
||||
}
|
||||
req.Header.Set("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36")
|
||||
|
||||
resp, err := c.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to initialize SSO: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to initialize SSO: %w", err)
|
||||
}
|
||||
resp.Body.Close()
|
||||
|
||||
@@ -77,26 +84,26 @@ func (c *Client) Login(email, password string) (*types.OAuth2Token, error) {
|
||||
signinURL := fmt.Sprintf("https://sso.%s/sso/signin?%s", c.Domain, signinParams.Encode())
|
||||
req, err = http.NewRequest("GET", signinURL, nil)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create signin request: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to create signin request: %w", err)
|
||||
}
|
||||
req.Header.Set("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36")
|
||||
req.Header.Set("Referer", embedURL)
|
||||
|
||||
resp, err = c.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get signin page: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to get signin page: %w", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
body, err := io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to read signin response: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to read signin response: %w", err)
|
||||
}
|
||||
|
||||
// Extract CSRF token
|
||||
csrfToken := extractCSRFToken(string(body))
|
||||
if csrfToken == "" {
|
||||
return nil, fmt.Errorf("failed to find CSRF token")
|
||||
return nil, nil, fmt.Errorf("failed to find CSRF token")
|
||||
}
|
||||
fmt.Printf("Found CSRF token: %s\n", csrfToken[:10]+"...")
|
||||
|
||||
@@ -111,7 +118,7 @@ func (c *Client) Login(email, password string) (*types.OAuth2Token, error) {
|
||||
|
||||
req, err = http.NewRequest("POST", signinURL, strings.NewReader(formData.Encode()))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create login request: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to create login request: %w", err)
|
||||
}
|
||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
req.Header.Set("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36")
|
||||
@@ -119,50 +126,110 @@ func (c *Client) Login(email, password string) (*types.OAuth2Token, error) {
|
||||
|
||||
resp, err = c.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to submit login: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to submit login: %w", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
body, err = io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to read login response: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to read login response: %w", err)
|
||||
}
|
||||
|
||||
// Check login result
|
||||
title := extractTitle(string(body))
|
||||
fmt.Printf("Login response title: %s\n", title)
|
||||
|
||||
// Handle MFA requirement
|
||||
if strings.Contains(title, "MFA") {
|
||||
return nil, fmt.Errorf("MFA required - not implemented yet")
|
||||
fmt.Println("MFA required - returning context for ResumeLogin")
|
||||
ticket := extractTicket(string(body))
|
||||
return nil, &MFAContext{
|
||||
SigninURL: signinURL,
|
||||
CSRFToken: csrfToken,
|
||||
Ticket: ticket,
|
||||
}, nil
|
||||
}
|
||||
|
||||
if title != "Success" {
|
||||
return nil, fmt.Errorf("login failed, unexpected title: %s", title)
|
||||
return nil, nil, fmt.Errorf("login failed, unexpected title: %s", title)
|
||||
}
|
||||
|
||||
// Step 5: Extract ticket for OAuth flow
|
||||
fmt.Println("Extracting OAuth ticket...")
|
||||
ticket := extractTicket(string(body))
|
||||
if ticket == "" {
|
||||
return nil, fmt.Errorf("failed to find OAuth ticket")
|
||||
return nil, nil, fmt.Errorf("failed to find OAuth ticket")
|
||||
}
|
||||
fmt.Printf("Found ticket: %s\n", ticket[:10]+"...")
|
||||
|
||||
// Step 6: Get OAuth1 token
|
||||
oauth1Token, err := oauth.GetOAuth1Token(c.Domain, ticket)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get OAuth1 token: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to get OAuth1 token: %w", err)
|
||||
}
|
||||
fmt.Println("Got OAuth1 token")
|
||||
|
||||
// Step 7: Exchange for OAuth2 token
|
||||
oauth2Token, err := oauth.ExchangeToken(oauth1Token)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to exchange for OAuth2 token: %w", err)
|
||||
return nil, nil, fmt.Errorf("failed to exchange for OAuth2 token: %w", err)
|
||||
}
|
||||
fmt.Printf("Got OAuth2 token: %s\n", oauth2Token.TokenType)
|
||||
|
||||
return oauth2Token, nil
|
||||
return oauth2Token, nil, nil
|
||||
}
|
||||
|
||||
// ResumeLogin completes authentication after MFA challenge
|
||||
func (c *Client) ResumeLogin(mfaCode string, ctx *MFAContext) (*types.OAuth2Token, error) {
|
||||
fmt.Println("Resuming login with MFA code...")
|
||||
|
||||
// Submit MFA form
|
||||
formData := url.Values{
|
||||
"mfa-code": {mfaCode},
|
||||
"embed": {"true"},
|
||||
"_csrf": {ctx.CSRFToken},
|
||||
}
|
||||
|
||||
req, err := http.NewRequest("POST", ctx.SigninURL, strings.NewReader(formData.Encode()))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create MFA request: %w", err)
|
||||
}
|
||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
req.Header.Set("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36")
|
||||
req.Header.Set("Referer", ctx.SigninURL)
|
||||
|
||||
resp, err := c.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to submit MFA: %w", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
body, err := io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to read MFA response: %w", err)
|
||||
}
|
||||
|
||||
// Verify MFA success
|
||||
title := extractTitle(string(body))
|
||||
if title != "Success" {
|
||||
return nil, fmt.Errorf("MFA failed, unexpected title: %s", title)
|
||||
}
|
||||
|
||||
// Continue with ticket flow
|
||||
fmt.Println("Extracting OAuth ticket after MFA...")
|
||||
ticket := extractTicket(string(body))
|
||||
if ticket == "" {
|
||||
return nil, fmt.Errorf("failed to find OAuth ticket after MFA")
|
||||
}
|
||||
|
||||
// Get OAuth1 token
|
||||
oauth1Token, err := oauth.GetOAuth1Token(c.Domain, ticket)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get OAuth1 token: %w", err)
|
||||
}
|
||||
|
||||
// Exchange for OAuth2 token
|
||||
return oauth.ExchangeToken(oauth1Token)
|
||||
}
|
||||
|
||||
// extractCSRFToken extracts CSRF token from HTML
|
||||
|
||||
Reference in New Issue
Block a user