-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mimic the request workflow of official application #4605
Comments
Addtionnal information regarding GetAssetDigest can be found on reddit. GetAssetDigest and GetDownloadUrls must be implemented to be close of official app behavior. |
This seems more efficient that #4114 |
Awsome work @s0crat i hope this is a problem :-) |
Aren't we already mimic some parts of this sequence? request.get_player()
request.get_hatched_eggs()
request.get_inventory()
request.check_awarded_badges()
request.download_settings(hash="54b359c97e46900f87211ef6e6dd0b7f2a3ea1f5") |
The sequence you fingerpoint is located in app_simulation_login() function of src/pgoapi/pgoapi/pgoapi.py . Few comments:
|
Made some tests with pgoapi - calling DownloadSettings w/o params always returns same hash value, changing platfom to ADNROID, iOS, etc dont make any sense. |
Have you tried with different accounts ? I think this is linked to a specific account. Hash value retrieved with the account used for tests isn't the same as the value hardcoded. Moreover, DownloadSettings return lot of other stuffs related to a specific account (like the google_maps_api_key , etc.). I guess the hash value is per account ... |
Yeap, tried 3 accounts. Same hash value for all of them: {'hash': u'2788184af4004004d6ab0740f7632983332106f6'...} Values isn't the same as hardcoded hash value - 54b359c97e46900f87211ef6e6dd0b7f2a3ea1f5 |
Same hash value for me. Maybe linked with the version of the app ? |
Tried 0.33.0 and 0.35.0 - nothing changed. |
Short Description
Bot request workflow is not implemented in the same way as the official application do. It's a way for Niantic to detect bots. Below is the request workflow sent by my Android official application, latest version:
1st step:
2d step:
3rd Step
Next steps:
Possible solution
Start with GetPlayer request only. For each other actions, implement thefollowing workflow:
Note that GetAssetDigest and GetPlayer are sent periodically (1 time each 5 min ?).
How it would help others
Implementing the right request workflow can help to mimic the official application behavior and make more difficult the detection of bots.
The text was updated successfully, but these errors were encountered: