Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Token und Map von Server holen #8

Open
Black-Blade opened this issue Apr 9, 2021 · 0 comments
Open

Token und Map von Server holen #8

Black-Blade opened this issue Apr 9, 2021 · 0 comments

Comments

@Black-Blade
Copy link

Hallo Wolbolar

hier ist der Code zum auslesen von der Token und Map in RRFileFormat
fiel Spaß damit

Einfach $user $password eingaben wie in der APP

Gruß Black-Blade
`<?php
$user ="";
$password="";
$server ="de";

function user($user)
{
return trim($user);
}
function encodePassword($password)
{
return strtoupper(md5($password));
}

function parseJson($jsonString) {
$jsonString = str_replace('&&&START&&&', '',$jsonString);
$jsonData = json_decode($jsonString, true);
if ($jsonData ===null) return false;

return $jsonData;

}

function clientId()
{
$clientId="";
for ($i=0; $i<7;$i++)
{
$clientId = $clientId.chr(rand(97,122)); // buschstaben a bis z
$clientId = substr($clientId,0,6);
}
return $clientId;
}

function generateSignature($ssecurity,$params,$path)
{
$nonce = random_bytes(16);
$nonce =substr( $nonce,4,12);
$bytes = pack('L',intval(microtime(true)/60));
$nonce=$bytes.$nonce;
$nonce = base64_encode($nonce);

$nonce = random_bytes(8);
$bytes = pack('N',intval(round(microtime(true)/60)));
$nonce=$nonce.$bytes;
$nonce = base64_encode($nonce);

$ctx = hash_init('sha256');
hash_update($ctx, base64_decode($ssecurity).base64_decode($nonce));
$signature = base64_encode(hash_final($ctx,true));


$paramsArray = Array();
array_push($paramsArray,$path);
array_push($paramsArray,$signature);
array_push($paramsArray,$nonce);

$data="";
foreach ($params as $key => $value)
{
    if ($key=="key") $data=$value."=";
    if ($key=="value") $data=$data.$value;

}
array_push($paramsArray, $data);

$postdata ="";
foreach ($paramsArray as $key => $value)
{
    $postdata = $postdata . $value . "&";
}
$postdata  = substr($postdata ,0,-1);

$body = Array ("signature" => HashHmacSHA256($postdata, $signature),
"_nonce"=> $nonce,
"data"=> $params["value"]);
return $body;

}

function HashHmacSHA256($data, $secret)
{
$test = base64_encode( hash_hmac ( 'sha256' , $data , base64_decode($secret) , true ));
return $test;
}

function login($user,$clientId)
{
$headers = ['Content-Type: application/x-www-form-urlencoded',
'User-Agent: Android-7.1.1-1.0.0-ONEPLUS A3010-136-9D28921C354D7 APP/xiaomi.smarthome APPV/62830',
'Cookie: sdkVersion=accountsdk-18.8.15; userId=' . user($user) . '; deviceId='.clientId()];
$ch = curl_init("https://account.xiaomi.com/pass/serviceLogin?sid=xiaomiio&_json=true");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_TIMEOUT,10);

$result=curl_exec ($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close ($ch);

if ($httpcode !=200) return false;
return parseJson($result);

}

function login_account($user,$password,$clientId,$callback,$qs,$sign)
{
$headers = ['Content-Type: application/x-www-form-urlencoded',
'User-Agent: Android-7.1.1-1.0.0-ONEPLUS A3010-136-9D28921C354D7 APP/xiaomi.smarthome APPV/62830',
'Cookie: sdkVersion=accountsdk-18.8.15; deviceId='.clientId()];
$form = Array ("sid" => "xiaomiio",
"hash"=> encodePassword($password),
"callback"=> $callback,
"qs"=> $qs,
"user"=> user($user),
"_sign"=> $sign,
"_json"=>"true",

            );


$form = http_build_query( $form);
$ch = curl_init("https://account.xiaomi.com/pass/serviceLoginAuth2");

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS,$form);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
curl_setopt($ch, CURLOPT_TIMEOUT,10);
$result=curl_exec ($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

curl_close ($ch);
if ($httpcode !=200) return false;
return parseJson($result);

}

function login_location($clientId,$location)
{
$ckfile="";
$headers = ['Content-Type: application/x-www-form-urlencoded',
'User-Agent: Android-7.1.1-1.0.0-ONEPLUS A3010-136-9D28921C354D7 APP/xiaomi.smarthome APPV/62830',
'Cookie: sdkVersion=accountsdk-18.8.15; deviceId='.clientId()];
$ch = curl_init($location);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
curl_setopt($ch, CURLOPT_TIMEOUT,10);
$result=curl_exec ($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);

$header = substr($result, 0, $header_size);
$result = substr($result, $header_size);

curl_close ($ch);

if ($httpcode !=200) return false;

if ($result=="ok")
{

    $userId= explode("userId=",$header)[1];
    $userId= explode(";",$userId)[0];

    $cUserId= explode("cUserId=",$header)[1];
    $cUserId= explode(";",$cUserId)[0];

    $serviceToken= explode("serviceToken=",$header)[1];
    $serviceToken= explode(";",$serviceToken)[0];
    
    $cookies = Array ("userId" => $userId,
                      "cUserId"=> $cUserId,
                      "serviceToken"=> $serviceToken);
    return $cookies;
}

return false;

}

function getDeviceStatus ($userid, $serviceToken, $server, $ssecurity)
{
$path ='/home/device_list';
$obj ='{"getVirtualModel":false,"getHuamiDevices":0}';
$headers = ['Content-Type: application/x-www-form-urlencoded',
'x-xiaomi-protocal-flag-cli: PROTOCAL-HTTP2',
'User-Agent: Android-7.1.1-1.0.0-ONEPLUS A3010-136-9D28921C354D7 APP/xiaomi.smarthome APPV/62830',
'Cookie: userId=' . $userid . '; yetAnotherServiceToken=' . $serviceToken . '; serviceToken=' . $serviceToken . '; locale=de_DE; timezone=GMT%2B01%3A00; is_daylight=1; dst_offset=3600000; channel=MI_APP_STORE'];

$url = 'https://' . $server . '.api.io.mi.com/app'.$path;
$params = Array ("key" => "data",
"value"=> $obj);

$body = generateSignature($ssecurity,$params,$path);
$body = http_build_query( $body);

$ch = curl_init($url);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS,$body);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
curl_setopt($ch, CURLOPT_TIMEOUT,10);
$result=curl_exec ($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

curl_close ($ch);

if ($httpcode !=200) return false;
return json_decode($result, true);

}

function getMapURL ($userid, $serviceToken, $server, $ssecurity,$did)
{
$path ='/home/getmapfileurl';
$mapName ="robomap%2F".$did."%2F0";

$headers = ['Content-Type: application/x-www-form-urlencoded',
          'x-xiaomi-protocal-flag-cli: PROTOCAL-HTTP2',
          'User-Agent: Android-7.1.1-1.0.0-ONEPLUS A3010-136-9D28921C354D7 APP/xiaomi.smarthome APPV/62830',
          'Cookie: userId=' . $userid . '; yetAnotherServiceToken=' . $serviceToken . '; serviceToken=' . $serviceToken . '; locale=de_DE; timezone=GMT%2B01%3A00; is_daylight=1; dst_offset=3600000; channel=MI_APP_STORE'];


$url = 'https://' . $server . '.api.io.mi.com/app'.$path;
$params = Array ("key" => "data",
"value"=> '{"obj_name":"' . $mapName .'"}');

$body = generateSignature($ssecurity,$params,$path);
$body = http_build_query( $body);

$ch = curl_init($url);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS,$body);
curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
curl_setopt($ch, CURLOPT_TIMEOUT,10);
$result=curl_exec ($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

curl_close ($ch);
if ($httpcode !=200) return false;
return json_decode($result, true);

}

$clientId = clientId();
$jsonData = login($user,$clientId);
if ($jsonData === false) return false;
print_r ("logindata\r\n");
print_r ($jsonData);
if(!isset($jsonData['qs'])) return false;
if(!isset($jsonData['callback'])) return false;
if(!isset($jsonData['_sign'])) return false;
$qs= $jsonData["qs"];
$callback= $jsonData["callback"];
$sign= $jsonData["_sign"];

$jsonData = login_account($user,$password,$clientId,$callback,$qs,$sign);
if ($jsonData === false) return false;
print_r ("login_account\r\n");
print_r ($jsonData);
if(!isset($jsonData['ssecurity'])) return false;
if(!isset($jsonData['userId'])) return false;
if(!isset($jsonData['location'])) return false;
$ssecurity = $jsonData["ssecurity"];
$userId = $jsonData["userId"];
$location=$jsonData["location"];

$jsonData = login_location($clientId,$location);
if ($jsonData === false) return false;
print_r ("login_location\r\n");
print_r ($jsonData);
if(!isset($jsonData['userId'])) return false;
if(!isset($jsonData['serviceToken'])) return false;
$userId = $jsonData["userId"];
$serviceToken = $jsonData["serviceToken"];

$jsonData = getDeviceStatus ($userId, $serviceToken, "de", $ssecurity);
if ($jsonData === false) return false;
print_r ("login_location\r\n");
print_r ($jsonData);
if(!isset($jsonData["result"]["list"][0]["did"])) return false;
if(!isset($jsonData["result"]["list"][0]["token"])) return false;
$did =($jsonData["result"]["list"][0]["did"]);

$jsonData =getMapURL($userId, $serviceToken, $server, $ssecurity,$did);
if ($jsonData === false) return false;
print_r ("getMapURL\r\n");
print_r ($jsonData);
if(!isset($jsonData["result"]["url"])) return false;
$url = ($jsonData["result"]["url"]);
print_r($url);

$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_ENCODING, 'gzip');
curl_setopt($ch, CURLOPT_TIMEOUT,10);
$result=curl_exec ($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close ($ch);

$RRFileFormat = gzdecode($result);

//print_r(bin2hex(gzdecode($result)));
//print_r($result);`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Black-Blade