Last active
June 13, 2016 01:49
-
-
Save toastal/99277cc63b2afe2080b21b9fd81998ad to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-- TODO: nil check the hell out of this | |
local https = require "ssl.https" | |
local ltn12 = require "ltn12" | |
local lub = require "lub" | |
local xml = require "xml" | |
local cookie = require "cookie" | |
function url_encode(str) | |
if (str) then | |
str = string.gsub (str, "\n", "\r\n") | |
str = string.gsub (str, "([^%w %-%_%.%~])", | |
function (c) return string.format ("%%%02X", string.byte(c)) end) | |
str = string.gsub (str, " ", "+") | |
end | |
return str | |
end | |
function url_decode(str) | |
if (str) then | |
str = string.gsub (str, "+", " ") | |
str = string.gsub (str, "%%(%x%x)", | |
function(h) return string.char(tonumber(h,16)) end) | |
str = string.gsub (str, "\r\n", "\n") | |
end | |
return str | |
end | |
local init_url = "https://m.facebook.com/login.php?skip_api_login=1&api_key=464891386855067&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv2.0%2Fdialog%2Foauth%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.facebook.com%252Fconnect%252Flogin_success.html%26scope%3Duser_birthday%252Cuser_relationship_details%252Cuser_likes%252Cuser_activities%252Cuser_education_history%252Cuser_photos%252Cuser_friends%252Cuser_about_me%252Cemail%252Cpublic_profile%26response_type%3Dtoken%26client_id%3D464891386855067%26ret%3Dlogin%26logger_id%3D91bff3d1-b5aa-4146-a637-57c77f3284db&cancel_url=https%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%23_%3D_&display=page&locale=en_US&logger_id=91bff3d1-b5aa-4146-a637-57c77f3284db" | |
-- GET markup from login | |
local form_table = {} | |
local _, _, form_headers, _ = https.request | |
{ method = "GET" | |
, url = init_url | |
, protocol = "tlsv1_2" | |
, headers = | |
{ ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0" | |
} | |
, sink = ltn12.sink.table(form_table) | |
} | |
local form_body = table.concat(form_table) | |
-- load the content into an XML parser | |
local login_page_xml = xml.load(form_body) | |
-- find the login <form> | |
local form = lub.search(login_page_xml, function(node) | |
if node.xml == "form" and node.id == "login_form" and node.action ~= nil then | |
return node | |
end | |
end, 1000) | |
-- get the action so we can POST to it | |
local action = form.action | |
-- get hidden form data | |
local form_data = {} | |
lub.search(form, function(node) | |
if node.xml == "input" and node.type == "hidden" and node.name ~= nil and node.value ~= nil then | |
form_data[#form_data+1] = node.name .. "=" .. node.value | |
end | |
end, 10) | |
-- Add extra form datas | |
form_data[#form_data+1] = "login=Log+In" | |
form_data[#form_data+1] = "email=" .. url_encode("USERNAME") | |
form_data[#form_data+1] = "pass=" .. url_encode("PASSWORD") | |
-- Concat into POST data | |
form_data_cat = table.concat(form_data, "&") | |
-- Do the login POST | |
local _, _, login_headers, login_status_code = https.request | |
{ method = "POST" | |
, url = action | |
, protocol = "tlsv1_2" | |
, headers = | |
{ ["Accept"] = "*/*" | |
, ["Content-Type"] = "application/x-www-form-urlencoded" | |
, ["Content-Length"] = #form_data_cat | |
, ["Set-Cookie"] = form_headers["set-cookie"] | |
, ["Referer"] = init_url | |
, ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0" | |
} | |
, source = ltn12.source.string(form_data_cat) | |
, redirect = false | |
} | |
-- Parse "Set-Cookie" | |
local login_parsed_cookie, err = cookie.parse(login_headers["set-cookie"]) | |
-- remove some entries | |
for _, key in pairs({"domain", "expires", "Max-Age", "path", "reg_fb_gate"}) do | |
login_parsed_cookie[key] = nil | |
end | |
-- mutative string concat a cookie with an initial value | |
local oauth_cookie = "x-referer=" .. url_encode("https://touch.facebook.com/?soft=notifications#/?soft=messages") | |
for k, v in pairs(login_parsed_cookie) do | |
oauth_cookie = oauth_cookie .. "; " .. k .. "=" .. v | |
end | |
-- | |
local _, _, oauth_headers, oath_status_code = https.request | |
{ method = "GET" | |
, url = login_headers.location | |
, protocol = "tlsv1_2" | |
, headers = | |
{ ["Cookie"] = oauth_cookie | |
, ["Referer"] = "https://m.facebook.com/" | |
, ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0" | |
} | |
, redirect = false | |
} | |
-- Decode the Oauth Location header | |
local oauth_loc = url_decode(oauth_headers.location) | |
-- Find the access token from the Location | |
local access_token_match = string.match(oauth_loc, "access_token=[^&]+") | |
local tinder_facebook_access_token = string.gsub(access_token_match, "access_token=", "") | |
-- Print token | |
print(tinder_facebook_access_token) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment