toastal/get_tinder_facebook_access_token.lua

## get_tinder_facebook_access_token.lua
-- TODO: nil check the hell out of this

local https = require "ssl.https"
local ltn12 = require "ltn12"
local lub = require "lub"
local xml = require "xml"
local cookie = require "cookie"


function url_encode(str)
  if (str) then
    str = string.gsub (str, "\n", "\r\n")
    str = string.gsub (str, "([^%w %-%_%.%~])",
      function (c) return string.format ("%%%02X", string.byte(c)) end)
    str = string.gsub (str, " ", "+")
  end
  return str
end

function url_decode(str)
  if (str) then
    str = string.gsub (str, "+", " ")
    str = string.gsub (str, "%%(%x%x)",
      function(h) return string.char(tonumber(h,16)) end)
    str = string.gsub (str, "\r\n", "\n")
  end
  return str
end

local init_url = "https://m.facebook.com/login.php?skip_api_login=1&api_key=464891386855067&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv2.0%2Fdialog%2Foauth%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.facebook.com%252Fconnect%252Flogin_success.html%26scope%3Duser_birthday%252Cuser_relationship_details%252Cuser_likes%252Cuser_activities%252Cuser_education_history%252Cuser_photos%252Cuser_friends%252Cuser_about_me%252Cemail%252Cpublic_profile%26response_type%3Dtoken%26client_id%3D464891386855067%26ret%3Dlogin%26logger_id%3D91bff3d1-b5aa-4146-a637-57c77f3284db&cancel_url=https%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%23_%3D_&display=page&locale=en_US&logger_id=91bff3d1-b5aa-4146-a637-57c77f3284db"

-- GET markup from login
local form_table = {}
local _, _, form_headers, _ = https.request
  { method = "GET"
  , url = init_url
  , protocol = "tlsv1_2"
  , headers =
    { ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
    }
  , sink = ltn12.sink.table(form_table)
}

local form_body = table.concat(form_table)

-- load the content into an XML parser
local login_page_xml = xml.load(form_body)

-- find the login <form>
local form = lub.search(login_page_xml, function(node)
  if node.xml == "form" and node.id == "login_form" and node.action ~= nil then
    return node
  end
end, 1000)

-- get the action so we can POST to it
local action = form.action

-- get hidden form data
local form_data = {}
lub.search(form, function(node)
  if node.xml == "input" and node.type == "hidden" and node.name ~= nil  and node.value ~= nil then
    form_data[#form_data+1] = node.name .. "=" .. node.value
  end
end, 10)

-- Add extra form datas
form_data[#form_data+1] = "login=Log+In"
form_data[#form_data+1] = "email=" .. url_encode("USERNAME")
form_data[#form_data+1] = "pass=" .. url_encode("PASSWORD")

-- Concat into POST data
form_data_cat = table.concat(form_data, "&")

-- Do the login POST
local _, _, login_headers, login_status_code = https.request
  { method = "POST"
  , url = action
  , protocol = "tlsv1_2"
  , headers =
    { ["Accept"] = "*/*"
    , ["Content-Type"] = "application/x-www-form-urlencoded"
    , ["Content-Length"] = #form_data_cat
    , ["Set-Cookie"] = form_headers["set-cookie"]
    , ["Referer"] = init_url
    , ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
    }
  , source = ltn12.source.string(form_data_cat)
  , redirect = false
  }

-- Parse "Set-Cookie"
local login_parsed_cookie, err = cookie.parse(login_headers["set-cookie"])

-- remove some entries
for _, key in pairs({"domain", "expires", "Max-Age", "path", "reg_fb_gate"}) do
  login_parsed_cookie[key] = nil
end

-- mutative string concat a cookie with an initial value
local oauth_cookie = "x-referer=" .. url_encode("https://touch.facebook.com/?soft=notifications#/?soft=messages")
for k, v in pairs(login_parsed_cookie) do
  oauth_cookie = oauth_cookie .. "; " .. k .. "=" .. v
end

--
local _, _, oauth_headers, oath_status_code = https.request
  { method = "GET"
  , url = login_headers.location
  , protocol = "tlsv1_2"
  , headers =
    { ["Cookie"] = oauth_cookie
    , ["Referer"] = "https://m.facebook.com/"
    , ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
    }
  , redirect = false
  }

-- Decode the Oauth Location header
local oauth_loc = url_decode(oauth_headers.location)

-- Find the access token from the Location
local access_token_match = string.match(oauth_loc, "access_token=[^&]+")
local tinder_facebook_access_token = string.gsub(access_token_match, "access_token=", "")

-- Print token
print(tinder_facebook_access_token)
	-- TODO: nil check the hell out of this

	local https = require "ssl.https"
	local ltn12 = require "ltn12"
	local lub = require "lub"
	local xml = require "xml"
	local cookie = require "cookie"


	function url_encode(str)
	if (str) then
	str = string.gsub (str, "\n", "\r\n")
	str = string.gsub (str, "([^%w %-%_%.%~])",
	function (c) return string.format ("%%%02X", string.byte(c)) end)
	str = string.gsub (str, " ", "+")
	end
	return str
	end

	function url_decode(str)
	if (str) then
	str = string.gsub (str, "+", " ")
	str = string.gsub (str, "%%(%x%x)",
	function(h) return string.char(tonumber(h,16)) end)
	str = string.gsub (str, "\r\n", "\n")
	end
	return str
	end

	local init_url = "https://m.facebook.com/login.php?skip_api_login=1&api_key=464891386855067&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv2.0%2Fdialog%2Foauth%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.facebook.com%252Fconnect%252Flogin_success.html%26scope%3Duser_birthday%252Cuser_relationship_details%252Cuser_likes%252Cuser_activities%252Cuser_education_history%252Cuser_photos%252Cuser_friends%252Cuser_about_me%252Cemail%252Cpublic_profile%26response_type%3Dtoken%26client_id%3D464891386855067%26ret%3Dlogin%26logger_id%3D91bff3d1-b5aa-4146-a637-57c77f3284db&cancel_url=https%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%23_%3D_&display=page&locale=en_US&logger_id=91bff3d1-b5aa-4146-a637-57c77f3284db"

	-- GET markup from login
	local form_table = {}
	local _, _, form_headers, _ = https.request
	{ method = "GET"
	, url = init_url
	, protocol = "tlsv1_2"
	, headers =
	{ ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
	}
	, sink = ltn12.sink.table(form_table)
	}

	local form_body = table.concat(form_table)

	-- load the content into an XML parser
	local login_page_xml = xml.load(form_body)

	-- find the login <form>
	local form = lub.search(login_page_xml, function(node)
	if node.xml == "form" and node.id == "login_form" and node.action ~= nil then
	return node
	end
	end, 1000)

	-- get the action so we can POST to it
	local action = form.action

	-- get hidden form data
	local form_data = {}
	lub.search(form, function(node)
	if node.xml == "input" and node.type == "hidden" and node.name ~= nil and node.value ~= nil then
	form_data[#form_data+1] = node.name .. "=" .. node.value
	end
	end, 10)

	-- Add extra form datas
	form_data[#form_data+1] = "login=Log+In"
	form_data[#form_data+1] = "email=" .. url_encode("USERNAME")
	form_data[#form_data+1] = "pass=" .. url_encode("PASSWORD")

	-- Concat into POST data
	form_data_cat = table.concat(form_data, "&")

	-- Do the login POST
	local _, _, login_headers, login_status_code = https.request
	{ method = "POST"
	, url = action
	, protocol = "tlsv1_2"
	, headers =
	{ ["Accept"] = "/"
	, ["Content-Type"] = "application/x-www-form-urlencoded"
	, ["Content-Length"] = #form_data_cat
	, ["Set-Cookie"] = form_headers["set-cookie"]
	, ["Referer"] = init_url
	, ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
	}
	, source = ltn12.source.string(form_data_cat)
	, redirect = false
	}

	-- Parse "Set-Cookie"
	local login_parsed_cookie, err = cookie.parse(login_headers["set-cookie"])

	-- remove some entries
	for _, key in pairs({"domain", "expires", "Max-Age", "path", "reg_fb_gate"}) do
	login_parsed_cookie[key] = nil
	end

	-- mutative string concat a cookie with an initial value
	local oauth_cookie = "x-referer=" .. url_encode("https://touch.facebook.com/?soft=notifications#/?soft=messages")
	for k, v in pairs(login_parsed_cookie) do
	oauth_cookie = oauth_cookie .. "; " .. k .. "=" .. v
	end

	--
	local _, _, oauth_headers, oath_status_code = https.request
	{ method = "GET"
	, url = login_headers.location
	, protocol = "tlsv1_2"
	, headers =
	{ ["Cookie"] = oauth_cookie
	, ["Referer"] = "https://m.facebook.com/"
	, ["User-Agent"] = "Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
	}
	, redirect = false
	}

	-- Decode the Oauth Location header
	local oauth_loc = url_decode(oauth_headers.location)

	-- Find the access token from the Location
	local access_token_match = string.match(oauth_loc, "access_token=[^&]+")
	local tinder_facebook_access_token = string.gsub(access_token_match, "access_token=", "")

	-- Print token
	print(tinder_facebook_access_token)