Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Signing key changed? #40

Open
Patralos opened this issue Jul 20, 2017 · 27 comments
Open

Signing key changed? #40

Patralos opened this issue Jul 20, 2017 · 27 comments

Comments

@Patralos
Copy link

It seems like the signing key has been changed:

import jodel_api
lat, lng, city = 48.148434, 11.567867, "Munich"
j = jodel_api.JodelAccount(lat=lat, lng=lng, city=city)
Creating new account.
Traceback (most recent call last):
File "", line 1, in
File "/usr/local/lib/python2.7/dist-packages/jodel_api-1.2.5-py2.7.egg/jodel_api/jodel_api.py", line 56, in init
r = self.refresh_all_tokens(**kwargs)
File "/usr/local/lib/python2.7/dist-packages/jodel_api-1.2.5-py2.7.egg/jodel_api/jodel_api.py", line 136, in refresh_all_tokens
raise Exception(resp)
Exception: (477, {u'metadata': None, u'error': u'Signed request expected'})

Environment

4.49.0
GnAXvETHFDbDfhngjDYEkszdqZowDpWsWuCectMJ

@mullanptr
Copy link

Have the same problem.
According to the error-codes
this will be fixed if the jodel_api is getting a new release.
So we simply might just have to wait.

@espilsad
Copy link

You can do it yourself with this tool:
https://github.com/nborrmann/jodeldecompile

@tom-eagle92
Copy link

Was anybody able to get the new signing key?
I can't get the scripts from the jdoeldecompile repository working, same with the ojoc-keyhack scripts.

@gaurav-stepin
Copy link

Hi mate,
I just wanted to check that if you are going to update api-key soon?
thanks

@Thamos
Copy link

Thamos commented Aug 7, 2017

Here are the latest keys (there's also a pull request for the newest)

version: 4.55.1
secret: SUJlYgihNxTmcfdrEcjROozfNemiqJSjYpoJJMUC
version: 4.54.1
secret: lYgeNFRCzBYVxqVtxeaJAHHZnogGssMFgVTgxBvP
version: 4.53.1
secret: UJBCWDUHEtpdiawcSEJSpUSXtWbrXOfIWeYTRVjX

@Gudui
Copy link

Gudui commented Aug 12, 2017

@Thamos

How do you extract the keys?

I've look at https://github.com/nborrmann/jodeldecompile/
But im stuck in the fourth step, where a decompiler is used, but i can't seem to find the specific decompiler.

Thanks in advance

@kian1991
Copy link

@Thamos would you please delete the keys? It's okay if only ones with the knowledge to extract it have them. The more spammer and abuser out there the more likely it won't be possible to use their API in the future! (And there are a lot of guys abusing it unfortunately)

@Thamos
Copy link

Thamos commented Aug 12, 2017

@Gudui
Just google for a .so decompiler, I'm sure you can find one.

@kian1991
Since 4.56.1 is already released I won't remove them (cause they are soon invalid anyway). However I won't post the new key.

@Gudui
Copy link

Gudui commented Aug 13, 2017

@Thamos
Thanks for the tip, i'll try then :-).

@Daedra223
Copy link

@guidui and @kian1991 true please delete all keys and avoid spamming and missusing ...

@Thamos
Copy link

Thamos commented Aug 20, 2017

@Daedra223 How come the sudden change of opinion?

@Daedra223
Copy link

@Thamos thinking about the aim of jodel to create an original repostfree community, that I dont want to destroy ... so thats why we should stop publicate the keyd and better communicate them within a small group of person. Nevertheless the more knowing them the faster jodel finds a way to change it ... so to keep that working just send it privatelly to certain ppl

@aschaeufler
Copy link

aschaeufler commented Aug 20, 2017 via email

@Daedra223
Copy link

@aschaeufler I didnt say that I belong to this small group of person who should get the key. To protect the community I would rather prefer to not get it than to let everyone have it ... so jodel becomes a massive reposting platform ...

@andrelanger
Copy link

it seems like the api key has changed again...

jodel-api v1.2.10

j = jodel_api.JodelAccount(lat=lat, lng=lng, city=city)
Creating new account.
Traceback (most recent call last):
File "", line 1, in
File "/usr/local/lib/python2.7/dist-packages/jodel_api/jodel_api.py", line 56, in init
r = self.refresh_all_tokens(**kwargs)
File "/usr/local/lib/python2.7/dist-packages/jodel_api/jodel_api.py", line 136 , in refresh_all_tokens
raise Exception(resp)
Exception: (477, {u'metadata': None, u'error': u'Signed request expected'})

@petrekova
Copy link

petrekova commented Mar 13, 2018

@andrelanger take a look at this Repo to generate your own key.

Note that the scripts are somewhat broken. E.g. download_apk.sh doesn't work anymore(because the apk provider probably changed the way it provides the apk). So you'll have to either fix the script(see this file of @nborrmann )or you'll have to manually download the newest apk and then point to it in decrypt.sh.

By the way, @nborrmann, could it be that your build script is broken? I took a look at your Travis CI and it seems it has some issue with pip if I remember right. Otherwise it should push the newest version with the signed keys automatically, shouldn't it?

@nborrmann
Copy link
Owner

nborrmann commented Mar 13, 2018

@petrekova Yeah, that's a bit broken. But it does publish the newest version on PyPI, the issue is that it fails if the current version already exists on PyPI. Previously it just failed silently, now it crashes the build. I was too lazy to fix it tbh.

@m7ariri
Copy link

m7ariri commented Apr 9, 2018

4.80.5 signing key?

@nknappe
Copy link

nknappe commented Apr 12, 2018

@m7ariri
4.80.5 is outdated

@deucalion
Copy link

This bug looks like a prime candidate for "wontfix"... 😏😉

@guitar9
Copy link

guitar9 commented Apr 24, 2018

when does the new version comes out? get errot 477

@UMTti
Copy link

UMTti commented Jul 20, 2018

@nborrmann @ioncodes Do you know is there now any working way to retrieve signing key? Or can you update this pip package to work?

@ioncodes
Copy link
Contributor

@UMTti I have the keys but I'm not allowed to share them anymore :/

@deucalion
Copy link

deucalion commented Jul 24, 2018

What's so hard to understand?

The entire point is to make it not too easy for amateurs to use this so Jodel won't get flooded with spam and Jodel HQ won't implement further measures to bar others from using their platform.

One user in this thread already has been kind enough to share a tool to allow extraction of a new key; if you are unable to use it, either improve your skill level or leave the rest of us here alone... PLEASE.

@nborrmann please close this bug and mark it as wontfix.

@ioncodes
Copy link
Contributor

Tbh, the tool didn't work anymore at some point. I had to make my own, are you sure it actually works for you?

@deucalion
Copy link

Only with a few adaptations, admittedly. But if you're familiar enough with the tooling, I wouldn't consider that a real issue.

@ioncodes
Copy link
Contributor

Well I'm not really familiar with it since I have my own tool xD I don't like relying on other people too much

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests