Last active
March 5, 2024 21:29
-
-
Save cmj/c45c46d9dd11fa2d4ba4de55c50598e6 to your computer and use it in GitHub Desktop.
Grab Twitter oauth token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# returns oauth token for twitter account. can be used with low-traffic, private nitter instance | |
# key elements from https://unam.re/blog/developing-your-own-twitter-api | |
import requests | |
import json | |
import re | |
username="" | |
password="" | |
#email="" | |
#proxies = {'http': 'http://127.0.0.1:8888', 'https': 'http://127.0.0.1:8888'} | |
proxies = None | |
#verify = "/tmp/mitm.crt" | |
verify = True | |
authorization_bearer = 'Bearer AAAAAAAAAAAAAAAAAAAAAFXzAwAAAAAAMHCxpeSDG1gLNLghVe8d74hl6k4%3DRUMF4xAQLsbeBhTSRrCiQpJtxoGWeyHrDb5te2jpGskWDFW82F' | |
guest_token = requests.post("https://api.twitter.com/1.1/guest/activate.json", headers={'Authorization': authorization_bearer}).json()['guest_token'] | |
url_flow_1 = "https://twitter.com/i/api/1.1/onboarding/task.json?flow_name=login" | |
url_flow_2 = "https://twitter.com/i/api/1.1/onboarding/task.json" | |
# flow 1 | |
data = {'': ''} | |
headers = { 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0', 'Referer': 'https://twitter.com/sw.js', 'X-Guest-Token': guest_token, 'Content-Type': 'application/json', 'Authorization': authorization_bearer } | |
r = requests.post(url_flow_1, proxies=proxies, verify=verify, headers=headers, data=json.dumps(data)) | |
att = r.headers.get('att') | |
flow_token = json.loads(r.text)['flow_token'] | |
# flow 2 | |
data = {"flow_token": flow_token ,"subtask_inputs":[{"subtask_id":"LoginEnterUserIdentifierSSO","settings_list":{"setting_responses":[{"key":"user_identifier","response_data":{"text_data":{"result":username}}}],"link":"next_link"}}]} | |
# include att | |
headers = { 'att': att, 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0', 'Referer': 'https://twitter.com/sw.js', 'X-Guest-Token': guest_token, 'Content-Type': 'application/json', 'Authorization': authorization_bearer } | |
r = requests.post(url_flow_2, proxies=proxies, verify=verify, headers=headers, data=json.dumps(data)) | |
flow_token = json.loads(r.text)['flow_token'] | |
# email check. haven't seen this needed yet | |
if (json.loads(r.text)['subtasks'][0]['subtask_id'] == "LoginEnterAlternateIdentifierSubtask"): | |
data = {"flow_token": flow_token, "subtask_inputs":[{"subtask_id":"LoginEnterAlternateIdentifierSubtask","enter_text":{"text": email,"link":"next_link"}}]} | |
headers = { 'att': att, 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0', 'Referer': 'https://twitter.com/sw.js', 'X-Guest-Token': guest_token, 'Content-Type': 'application/json', 'Authorization': authorization_bearer } | |
r = requests.post(url_flow_2, proxies=proxies, verify=verify, headers=headers, data=json.dumps(data)) | |
flow_token = json.loads(r.text)['flow_token'] | |
# flow 3 | |
data = {"flow_token": flow_token ,"subtask_inputs":[{"subtask_id":"LoginEnterPassword","enter_password":{"password":password,"link":"next_link"}}]} | |
r = requests.post(url_flow_2, proxies=proxies, verify=verify, headers=headers, data=json.dumps(data)) | |
flow_token = json.loads(r.text)['flow_token'] | |
#user_id = json.loads(r.text)['subtasks'][0]['check_logged_in_account']['user_id'] | |
# flow 4 (final) | |
data = {"flow_token":flow_token,"subtask_inputs":[{"subtask_id":"AccountDuplicationCheck","check_logged_in_account":{"link":"AccountDuplicationCheck_false"}}]} | |
r = requests.post(url_flow_2, proxies=proxies, verify=verify, headers=headers, data=json.dumps(data)) | |
token = json.loads(r.text)['subtasks'][0]['open_account']['oauth_token'] | |
secret = json.loads(r.text)['subtasks'][0]['open_account']['oauth_token_secret'] | |
account = {"oauth_token": token, "oauth_token_secret": secret} | |
print(json.dumps(account)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment