[ie/playsuisse] Fix login support (#12444)

Closes #12425 Authored by: bashonly
2025-03-01 13:30:33 +01:00 · 2025-02-23 03:22:51 -06:00 · 2025-02-23 03:22:51 -06:00 · 6933f5670c
commit 6933f5670c
parent 26a502fc72
1 changed files with 63 additions and 26 deletions
--- a/yt_dlp/extractor/playsuisse.py
+++ b/yt_dlp/extractor/playsuisse.py
@ -1,4 +1,7 @@
 import base64
 import hashlib
 import json
 import uuid
 from .common import InfoExtractor
 from ..utils import (
@ -142,39 +145,73 @@ class PlaySuisseIE(InfoExtractor):
            id
            url
        }'''
-    _LOGIN_BASE_URL = 'https://login.srgssr.ch/srgssrlogin.onmicrosoft.com'
+    _CLIENT_ID = '1e33f1bf-8bf3-45e4-bbd9-c9ad934b5fca'
-    _LOGIN_PATH = 'B2C_1A__SignInV2'
+    _LOGIN_BASE = 'https://account.srgssr.ch'
    _ID_TOKEN = None
    def _perform_login(self, username, password):
-        login_page = self._download_webpage(
+        code_verifier = uuid.uuid4().hex + uuid.uuid4().hex + uuid.uuid4().hex
-            'https://www.playsuisse.ch/api/sso/login', None, note='Downloading login page',
+        code_challenge = base64.urlsafe_b64encode(
-            query={'x': 'x', 'locale': 'de', 'redirectUrl': 'https://www.playsuisse.ch/'})
+            hashlib.sha256(code_verifier.encode()).digest()).decode().rstrip('=')
        settings = self._search_json(r'var\s+SETTINGS\s*=', login_page, 'settings', None)
-        csrf_token = settings['csrf']
+        request_id = parse_qs(self._request_webpage(
-        query = {'tx': settings['transId'], 'p': self._LOGIN_PATH}
+            f'{self._LOGIN_BASE}/authz-srv/authz', None, 'Requesting session ID', query={
                'client_id': self._CLIENT_ID,
                'redirect_uri': 'https://www.playsuisse.ch/auth',
                'scope': 'email profile openid offline_access',
                'response_type': 'code',
                'code_challenge': code_challenge,
                'code_challenge_method': 'S256',
                'view_type': 'login',
            }).url)['requestId'][0]
-        status = traverse_obj(self._download_json(
+        try:
-            f'{self._LOGIN_BASE_URL}/{self._LOGIN_PATH}/SelfAsserted', None, 'Logging in',
+            exchange_id = self._download_json(
-            query=query, headers={'X-CSRF-TOKEN': csrf_token}, data=urlencode_postdata({
+                f'{self._LOGIN_BASE}/verification-srv/v2/authenticate/initiate/password', None,
-                'request_type': 'RESPONSE',
+                'Submitting username', headers={'content-type': 'application/json'}, data=json.dumps({
-                'signInName': username,
+                    'usage_type': 'INITIAL_AUTHENTICATION',
-                'password': password,
+                    'request_id': request_id,
-            }), expected_status=400), ('status', {int_or_none}))
+                    'medium_id': 'PASSWORD',
-        if status == 400:
+                    'type': 'password',
-            raise ExtractorError('Invalid username or password', expected=True)
+                    'identifier': username,
                }).encode())['data']['exchange_id']['exchange_id']
        except ExtractorError:
            raise ExtractorError('Invalid username', expected=True)
-        urlh = self._request_webpage(
+        try:
-            f'{self._LOGIN_BASE_URL}/{self._LOGIN_PATH}/api/CombinedSigninAndSignup/confirmed',
+            login_data = self._download_json(
-            None, 'Downloading ID token', query={
+                f'{self._LOGIN_BASE}/verification-srv/v2/authenticate/authenticate/password', None,
-                'rememberMe': 'false',
+                'Submitting password', headers={'content-type': 'application/json'}, data=json.dumps({
-                'csrf_token': csrf_token,
+                    'requestId': request_id,
-                **query,
+                    'exchange_id': exchange_id,
-                'diags': '',
+                    'type': 'password',
-            })
+                    'password': password,
                }).encode())['data']
        except ExtractorError:
            raise ExtractorError('Invalid password', expected=True)
        authorization_code = parse_qs(self._request_webpage(
            f'{self._LOGIN_BASE}/login-srv/verification/login', None, 'Logging in',
            data=urlencode_postdata({
                'requestId': request_id,
                'exchange_id': login_data['exchange_id']['exchange_id'],
                'verificationType': 'password',
                'sub': login_data['sub'],
                'status_id': login_data['status_id'],
                'rememberMe': True,
                'lat': '',
                'lon': '',
            })).url)['code'][0]
        self._ID_TOKEN = self._download_json(
            f'{self._LOGIN_BASE}/proxy/token', None, 'Downloading token', data=b'', query={
                'client_id': self._CLIENT_ID,
                'redirect_uri': 'https://www.playsuisse.ch/auth',
                'code': authorization_code,
                'code_verifier': code_verifier,
                'grant_type': 'authorization_code',
            })['id_token']
        self._ID_TOKEN = traverse_obj(parse_qs(urlh.url), ('id_token', 0))
        if not self._ID_TOKEN:
            raise ExtractorError('Login failed')