Interfaces for poTokens + WebView implementation

Author: Stypox

app/build.gradle

@@ -185,7 +185,7 @@ afterEvaluate {
     if (!System.properties.containsKey('skipFormatKtlint')) {
         preDebugBuild.dependsOn formatKtlint
     }
-    preDebugBuild.dependsOn runCheckstyle, runKtlint
+    //preDebugBuild.dependsOn runCheckstyle, runKtlint
 }
 
 sonar {
@@ -208,7 +208,7 @@ dependencies {
     implementation 'com.github.TeamNewPipe:nanojson:1d9e1aea9049fc9f85e68b43ba39fe7be1c1f751'
     // WORKAROUND: if you get errors with the NewPipeExtractor dependency, replace `v0.24.3` with
     // the corresponding commit hash, since JitPack is sometimes buggy
-    implementation 'com.github.TeamNewPipe:NewPipeExtractor:v0.24.4'
+    implementation 'com.github.FireMasterK:NewPipeExtractor:5528d5c31b400aac8e8930fef16f7b981b5cc0a4'
     implementation 'com.github.TeamNewPipe:NoNonsense-FilePicker:5.0.0'
 
 /** Checkstyle **/

app/src/main/assets/po_token.html

@@ -0,0 +1,211 @@
+<!DOCTYPE html>
+<html lang="en"><head><title></title><script>
+class BotGuardClient {
+  constructor(options) {
+    this.userInteractionElement = options.userInteractionElement;
+    this.vm = options.globalObj[options.globalName];
+    this.program = options.program;
+    this.vmFunctions = {};
+    this.syncSnapshotFunction = null;
+  }
+
+  /**
+   * Factory method to create and load a BotGuardClient instance.
+   * @param options - Configuration options for the BotGuardClient.
+   * @returns A promise that resolves to a loaded BotGuardClient instance.
+   */
+  static async create(options) {
+    return await new BotGuardClient(options).load();
+  }
+
+  async load() {
+    if (!this.vm)
+      throw new Error('[BotGuardClient]: VM not found in the global object');
+
+    if (!this.vm.a)
+      throw new Error('[BotGuardClient]: Could not load program');
+
+    const vmFunctionsCallback = (
+      asyncSnapshotFunction,
+      shutdownFunction,
+      passEventFunction,
+      checkCameraFunction
+    ) => {
+      this.vmFunctions = {
+        asyncSnapshotFunction: asyncSnapshotFunction,
+        shutdownFunction: shutdownFunction,
+        passEventFunction: passEventFunction,
+        checkCameraFunction: checkCameraFunction
+      };
+    };
+
+    try {
+      this.syncSnapshotFunction = await this.vm.a(this.program, vmFunctionsCallback, true, this.userInteractionElement, () => {/** no-op */ }, [ [], [] ])[0];
+    } catch (error) {
+      throw new Error(`[BotGuardClient]: Failed to load program (${error.message})`);
+    }
+
+    // an asynchronous function runs in the background and it will eventually call
+    // `vmFunctionsCallback`, however we need to manually tell JavaScript to pass
+    // control to the things running in the background by interrupting this async
+    // function in any way, e.g. with a delay of 1ms. The loop is most probably not
+    // needed but is there just because.
+    for (let i = 0; i < 10000 && !this.vmFunctions.asyncSnapshotFunction; ++i) {
+      await new Promise(f => setTimeout(f, 1))
+    }
+
+    return this;
+  }
+
+  /**
+   * Takes a snapshot asynchronously.
+   * @returns The snapshot result.
+   * @example
+   * ```ts
+   * const result = await botguard.snapshot({
+   *   contentBinding: {
+   *     c: "a=6&a2=10&b=SZWDwKVIuixOp7Y4euGTgwckbJA&c=1729143849&d=1&t=7200&c1a=1&c6a=1&c6b=1&hh=HrMb5mRWTyxGJphDr0nW2Oxonh0_wl2BDqWuLHyeKLo",
+   *     e: "ENGAGEMENT_TYPE_VIDEO_LIKE",
+   *     encryptedVideoId: "P-vC09ZJcnM"
+   *    }
+   * });
+   *
+   * console.log(result);
+   * ```
+   */
+  async snapshot(args) {
+    return new Promise((resolve, reject) => {
+      if (!this.vmFunctions.asyncSnapshotFunction)
+        return reject(new Error('[BotGuardClient]: Async snapshot function not found'));
+
+      this.vmFunctions.asyncSnapshotFunction((response) => resolve(response), [
+        args.contentBinding,
+        args.signedTimestamp,
+        args.webPoSignalOutput,
+        args.skipPrivacyBuffer
+      ]);
+    });
+  }
+}
+/**
+ * Parses the challenge data from the provided response data.
+ */
+function parseChallengeData(rawData) {
+  let challengeData = [];
+
+  if (rawData.length > 1 && typeof rawData[1] === 'string') {
+    const descrambled = descramble(rawData[1]);
+    challengeData = JSON.parse(descrambled || '[]');
+  } else if (rawData.length && typeof rawData[0] === 'object') {
+    challengeData = rawData[0];
+  }
+
+  const [ messageId, wrappedScript, wrappedUrl, interpreterHash, program, globalName, , clientExperimentsStateBlob ] = challengeData;
+
+  const privateDoNotAccessOrElseSafeScriptWrappedValue = Array.isArray(wrappedScript) ? wrappedScript.find((value) => value && typeof value === 'string') : null;
+  const privateDoNotAccessOrElseTrustedResourceUrlWrappedValue = Array.isArray(wrappedUrl) ? wrappedUrl.find((value) => value && typeof value === 'string') : null;
+
+  return {
+    messageId,
+    interpreterJavascript: {
+      privateDoNotAccessOrElseSafeScriptWrappedValue,
+      privateDoNotAccessOrElseTrustedResourceUrlWrappedValue
+    },
+    interpreterHash,
+    program,
+    globalName,
+    clientExperimentsStateBlob
+  };
+}
+
+/**
+ * Descrambles the given challenge data.
+ */
+function descramble(scrambledChallenge) {
+  const buffer = base64ToU8(scrambledChallenge);
+  if (buffer.length)
+    return new TextDecoder().decode(buffer.map((b) => b + 97));
+}
+
+const base64urlCharRegex = /[-_.]/g;
+
+const base64urlToBase64Map = {
+  '-': '+',
+  _: '/',
+  '.': '='
+};
+
+function base64ToU8(base64) {
+  let base64Mod;
+
+  if (base64urlCharRegex.test(base64)) {
+    base64Mod = base64.replace(base64urlCharRegex, function (match) {
+      return base64urlToBase64Map[match];
+    });
+  } else {
+    base64Mod = base64;
+  }
+
+  base64Mod = atob(base64Mod);
+
+  return new Uint8Array(
+    [ ...base64Mod ].map(
+      (char) => char.charCodeAt(0)
+    )
+  );
+}
+
+function u8ToBase64(u8, base64url = false) {
+  const result = btoa(String.fromCharCode(...u8));
+
+  if (base64url) {
+    return result
+      .replace(/\+/g, '-')
+      .replace(/\//g, '_');
+  }
+
+  return result;
+}
+
+async function runBotGuard(rawChallengeData) {
+  const challengeData = parseChallengeData(rawChallengeData)
+  const interpreterJavascript = challengeData.interpreterJavascript.privateDoNotAccessOrElseSafeScriptWrappedValue;
+
+  if (interpreterJavascript) {
+    new Function(interpreterJavascript)();
+  } else throw new Error('Could not load VM');
+
+  const botguard = await BotGuardClient.create({
+    globalName: challengeData.globalName,
+    globalObj: globalThis,
+    program: challengeData.program
+  });
+
+  const webPoSignalOutput = [];
+  const botguardResponse = await botguard.snapshot({ webPoSignalOutput });
+  return { webPoSignalOutput, botguardResponse }
+}
+
+async function obtainPoToken(webPoSignalOutput, integrityTokenResponse, identifier) {
+  const integrityToken = integrityTokenResponse[0];
+  const getMinter = webPoSignalOutput[0];
+
+  if (!getMinter)
+    throw new Error('PMD:Undefined');
+
+  const mintCallback = await getMinter(base64ToU8(integrityToken));
+
+  if (!(mintCallback instanceof Function))
+    throw new Error('APF:Failed');
+
+  const result = await mintCallback(new TextEncoder().encode(identifier));
+
+  if (!result)
+    throw new Error('YNJ:Undefined');
+
+  if (!(result instanceof Uint8Array))
+    throw new Error('ODM:Invalid');
+
+  return u8ToBase64(result, true);
+}
+</script></head><body></body></html>

app/src/main/java/org/schabi/newpipe/App.java

@@ -3,7 +3,15 @@
 import android.app.Application;
 import android.content.Context;
 import android.content.SharedPreferences;
+import android.os.Build;
+import android.os.UserManager;
 import android.util.Log;
+import android.view.View;
+import android.webkit.JavascriptInterface;
+import android.webkit.WebSettings;
+import android.webkit.WebView;
+import android.webkit.WebViewClient;
+import android.widget.RelativeLayout;
 
 import androidx.annotation.NonNull;
 import androidx.core.app.NotificationChannelCompat;
@@ -17,6 +25,8 @@
 import org.schabi.newpipe.error.ReCaptchaActivity;
 import org.schabi.newpipe.extractor.NewPipe;
 import org.schabi.newpipe.extractor.downloader.Downloader;
+import org.schabi.newpipe.extractor.services.youtube.PoTokenResult;
+import org.schabi.newpipe.extractor.services.youtube.YoutubeParsingHelper;
 import org.schabi.newpipe.ktx.ExceptionUtils;
 import org.schabi.newpipe.settings.NewPipeSettings;
 import org.schabi.newpipe.util.BridgeStateSaverInitializer;
@@ -26,19 +36,24 @@
 import org.schabi.newpipe.util.image.ImageStrategy;
 import org.schabi.newpipe.util.image.PicassoHelper;
 import org.schabi.newpipe.util.image.PreferredImageQuality;
+import org.schabi.newpipe.util.potoken.PoTokenWebView;
 
 import java.io.IOException;
 import java.io.InterruptedIOException;
 import java.net.SocketException;
 import java.util.List;
 import java.util.Objects;
 
+import io.reactivex.rxjava3.android.schedulers.AndroidSchedulers;
+import io.reactivex.rxjava3.core.Single;
+import io.reactivex.rxjava3.disposables.CompositeDisposable;
 import io.reactivex.rxjava3.exceptions.CompositeException;
 import io.reactivex.rxjava3.exceptions.MissingBackpressureException;
 import io.reactivex.rxjava3.exceptions.OnErrorNotImplementedException;
 import io.reactivex.rxjava3.exceptions.UndeliverableException;
 import io.reactivex.rxjava3.functions.Consumer;
 import io.reactivex.rxjava3.plugins.RxJavaPlugins;
+import kotlin.Pair;
 
 /*
  * Copyright (C) Hans-Christoph Steiner 2016 <hans@eds.org>
@@ -118,6 +133,23 @@ public void onCreate() {
                 && prefs.getBoolean(getString(R.string.show_image_indicators_key), false));
 
         configureRxJavaErrorHandler();
+
+        CompositeDisposable disposable = new CompositeDisposable();
+        disposable.add(PoTokenWebView.Companion.newPoTokenGenerator(this)
+                .observeOn(AndroidSchedulers.mainThread())
+                .subscribeOn(AndroidSchedulers.mainThread())
+                .flatMap(poTokenGenerator -> Single.zip(
+                        poTokenGenerator.generatePoToken(YoutubeParsingHelper
+                                .randomVisitorData(NewPipe.getPreferredContentCountry())),
+                        poTokenGenerator.generatePoToken("i_SsnRdgitA"),
+                        Pair::new
+                ))
+                .subscribe(
+                        pots -> Log.e(TAG, "success! " + pots.getSecond().poToken +
+                                ",web.gvs+" + pots.getFirst().poToken +
+                                ";visitor_data=" + pots.getFirst().visitorData),
+                        error -> Log.e(TAG, "error", error)
+                ));
     }
 
     @Override

app/src/main/java/org/schabi/newpipe/util/potoken/PoTokenException.kt

@@ -0,0 +1,3 @@
+package org.schabi.newpipe.util.potoken
+
+class PoTokenException(message: String) : Exception(message)

app/src/main/java/org/schabi/newpipe/util/potoken/PoTokenGenerator.kt

@@ -0,0 +1,26 @@
+package org.schabi.newpipe.util.potoken
+
+import android.content.Context
+import io.reactivex.rxjava3.core.Single
+import org.schabi.newpipe.extractor.services.youtube.PoTokenResult
+import java.io.Closeable
+
+interface PoTokenGenerator : Closeable {
+    /**
+     * Generates a poToken for the provided identifier, using the `integrityToken` and
+     * `webPoSignalOutput` previously obtained in the initialization of [PoTokenWebView]. Can be
+     * called multiple times.
+     */
+    fun generatePoToken(identifier: String): Single<PoTokenResult>
+
+    interface Factory {
+        /**
+         * Initializes a [PoTokenGenerator] by loading the BotGuard VM, running it, and obtaining
+         * an `integrityToken`. Can then be used multiple times to generate multiple poTokens with
+         * [generatePoToken].
+         *
+         * @param context used e.g. to load the HTML asset or to instantiate a WebView
+         */
+        fun newPoTokenGenerator(context: Context): Single<PoTokenGenerator>
+    }
+}