Skip to content

Instantly share code, notes, and snippets.

@LarchLiu

LarchLiu/twitter-token.mjs

Created February 27, 2024 12:58
Show Gist options
  • Save LarchLiu/c148537d4bd5b242a3baae0bf337456c to your computer and use it in GitHub Desktop.
Save LarchLiu/c148537d4bd5b242a3baae0bf337456c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
twitter-token.mjs
// https://github.com/BANKA2017/twitter-monitor/blob/node/apps/open_account/scripts/login.mjs
import crypto from 'node:crypto'
import { v5 as uuidv5 } from 'uuid'
import { $fetch } from 'ofetch'
const bearerToken = 'Bearer AAAAAAAAAAAAAAAAAAAAAFXzAwAAAAAAMHCxpeSDG1gLNLghVe8d74hl6k4%3DRUMF4xAQLsbeBhTSRrCiQpJtxoGWeyHrDb5te2jpGskWDFW82F'
const baseUrl = 'https://api.twitter.com'
const guestActivateUrl = `${baseUrl}/1.1/guest/activate.json`
const NAMESPACE = 'd41d092b-b007-48f7-9129-e9538d2d8fe9'
const username = ''
const password = ''
let authentication = null
const headers = {
'User-Agent': 'TwitterAndroid/10.21.0-release.0 (310210000-r-0) ONEPLUS+A3010/9 (OnePlus;ONEPLUS+A3010;OnePlus;OnePlus3;0;;1;2016)',
'X-Twitter-API-Version': 5,
'X-Twitter-Client': 'TwitterAndroid',
'X-Twitter-Client-Version': '10.21.0-release.0',
'OS-Version': '28',
'System-User-Agent': 'Dalvik/2.1.0 (Linux; U; Android 9; ONEPLUS A3010 Build/PKQ1.181203.001)',
'X-Twitter-Active-User': 'yes',
'Content-Type': 'application/json',
'Authorization': bearerToken,
}
async function login() {
const android_id = uuidv5(username, NAMESPACE)
headers['X-Twitter-Client-DeviceID'] = android_id
const ct0 = crypto.randomUUID().replaceAll('-', '')
const guestToken = await $fetch(guestActivateUrl, {
headers: {
'authorization': bearerToken,
'x-csrf-token': ct0,
'cookie': `ct0=${ct0}`,
},
method: 'POST',
})
headers['x-guest-token'] = guestToken.guest_token
const task1 = await $fetch.raw(
`https://api.twitter.com/1.1/onboarding/task.json?${
new URLSearchParams({
flow_name: 'login',
api_version: '1',
known_device_token: `${ct0}${ct0}`.slice(0, 40),
sim_country_code: 'us',
}).toString()}`,
{
headers,
body: {
flow_token: null,
input_flow_data: {
country_code: null,
flow_context: {
referrer_context: {
referral_details: 'utm_source=google-play&utm_medium=organic',
referrer_url: '',
},
start_location: {
location: 'deeplink',
},
},
requested_variant: null,
target_user_id: 0,
},
},
method: 'POST',
},
)
headers.att = task1.headers.get('att')
let flow_token = task1._data.flow_token
const task2 = await $fetch('https://api.twitter.com/1.1/onboarding/task.json', {
headers,
body: {
flow_token,
subtask_inputs: [
{
enter_text: {
suggestion_id: null,
text: username,
link: 'next_link',
},
subtask_id: 'LoginEnterUserIdentifier',
},
],
},
method: 'POST',
})
flow_token = task2.flow_token
const task3 = await $fetch('https://api.twitter.com/1.1/onboarding/task.json', {
headers,
body: {
flow_token,
subtask_inputs: [
{
enter_password: {
password,
link: 'next_link',
},
subtask_id: 'LoginEnterPassword',
},
],
},
method: 'POST',
})
flow_token = task3.flow_token
const task4 = await $fetch('https://api.twitter.com/1.1/onboarding/task.json', {
headers,
body: {
flow_token,
subtask_inputs: [
{
check_logged_in_account: {
link: 'AccountDuplicationCheck_false',
},
subtask_id: 'AccountDuplicationCheck',
},
],
},
method: 'POST',
})
for (const subtask of task4.subtasks || []) {
if (subtask.open_account) {
authentication = subtask.open_account
break
}
}
console.log(authentication)
return authentication
}
await login()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment