Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unknown problem causing a connection that would go through in other frameworks to 403 #290

Closed
gabrielmedici opened this issue Jul 8, 2022 · 1 comment
Closed

Unknown problem causing a connection that would go through in other frameworks to 403 #290

gabrielmedici opened this issue Jul 8, 2022 · 1 comment

Comments

@gabrielmedici
Copy link

I'm trying to connect to discord's qrcode server via websockets but something in tungstenite or the packages it depends on is making the server throw a 403.
I don't have enough knowledge to debug this and figure out what is happening so i thought i would share it here.

I was able to get the connection to work using the deprecated websocket crate and i was also able to run this python project that does the same thing using the websocket-client pip package

Discord doesn't do anything sophisticated to protect the service. Setting "origin" to "htttps://discord.com" is enough
And no, i'm not trying to create qrcodes to scam people. i'm trying to implement qr code login in my custom client to make the login process more convenient.

I don't really know what more information i need to give because i don't know what is happening. but if anyone wants more specific information i would be happy to try and help.

Anyways, here are some snippets that may or may not be useful and sorry for the vague description. i really don't know what's going on.

Code

The code i ran using the websocket crate 
use websocket::ClientBuilder;

fn main() {
  env_logger::init();

  let mut client = ClientBuilder::new("wss://remote-auth-gateway.discord.gg/?v=1")
      .unwrap()
      .origin("https://discord.com".to_string())
      .connect(None)
      .unwrap();

  let response = client.recv_message().unwrap();
  println!("{:?}", response);
}
The code i ran using tungstenite:

use tungstenite::{
    connect,
    handshake::client::generate_key,
    http::Request
};

fn main() {
    env_logger::init();

    let request = Request::builder()
        .uri("wss://remote-auth-gateway.discord.gg/?v=1")
        .header("Host", "remote-auth-gateway.discord.gg")
        .header("Origin", "https://discord.com")
        .header("Connection", "upgrade")
        .header("Upgrade", "websocket")
        .header("Sec-Websocket-Key", generate_key())
        .header("Sec-WebSocket-Version", "13")
        .body(())
        .unwrap();

    let (mut socket, response) = connect(request).unwrap();
}

Info

cargo.toml 
[package]
name = "discord-client"
version = "0.1.0"
edition = "2021"

[dependencies]
tokio = { version = "1.19.2", features=["full"] }
tungstenite = { version = "0.17.2", features=["rustls-tls-webpki-roots"] }
websocket = "0.26.4"
futures = "0.3.21"

log = "0.4.17"
env_logger = "0.9.0"

serde = "1.0.138"
serde_json = "1.0.82"

rsa = "0.6.1"
sha2 = "0.10.2"
base64 = "0.13.0"

qrcode = "0.12.0"

System information:

Windows 21H2 (OS Build 19044.1766)
rustc 1.61.0 (fe5b13d68 2022-05-18)

Outputs

Output with RUST_LOG=trace & native-tls (it's the same with "native-tls-vendored") 
[2022-07-08T21:58:32Z DEBUG tungstenite::client] Trying to contact wss://remote-auth-gateway.discord.gg/?v=1 at 162.159.134.234:443...
[2022-07-08T21:58:32Z TRACE tungstenite::handshake::client] Request: "GET /?v=1 HTTP/1.1\r\nHost: remote-auth-gateway.discord.gg\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Key: mNB+WBI1l3T4Xh5JEHSFow==\r\norigin: https://discord.com\r\n\r\n"
[2022-07-08T21:58:32Z TRACE tungstenite::handshake::client] Client handshake initiated.
[2022-07-08T21:58:32Z TRACE tungstenite::handshake::machine] Doing handshake round.
[2022-07-08T21:58:32Z TRACE tungstenite::handshake::machine] Doing handshake round.
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Http(Response { status: 403, version: HTTP/1.1, headers: {"date": "Fri, 08 Jul 2022 21:58:32 GMT", "content-type": "text/plain; charset=UTF-8", "content-length": "16", "connection": "keep-alive", "x-frame-options": "SAMEORIGIN", "referrer-policy": "same-origin", "cache-control": "private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0", "expires": "Thu, 01 Jan 1970 00:00:01 GMT", "expect-ct": "max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"", "report-to": "{\"endpoints\":[{\"url\":\"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhV6eA9fLmhgp%2BcvxzzE1NDAoJhEDWhzBLlKpuYyYwUblzk5vU4m2KeyQrilK9Bt4vSCcfouIKoZVsUabPFJEMcpZfpMQRoTg2OH%2FdZjF8Ftgh4JsiXuLOS93yAxsLqGGQrHxNetqY4F2ptb4HCIlQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}", "nel": "{\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "x-content-type-options": "nosniff", "server": "cloudflare", "cf-ray": "727c14f6983ba4c9-GRU"}, body: None })', src\main.rs:41:51
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
Output with RUST_LOG=trace & rustls-tls-native-roots (warning: very big.) (same with rustls-tls-webpki-roots) 
[2022-07-08T22:13:32Z DEBUG tungstenite::client] Trying to contact wss://remote-auth-gateway.discord.gg/?v=1 at 162.159.130.234:443...
[2022-07-08T22:13:32Z DEBUG rustls::client::hs] No cached session for DnsName(DnsName(DnsName("remote-auth-gateway.discord.gg")))
[2022-07-08T22:13:32Z DEBUG rustls::client::hs] Not resuming any session
[2022-07-08T22:13:32Z TRACE rustls::client::hs] Sending ClientHello Message {
      version: TLSv1_0,
      payload: Handshake {
          parsed: HandshakeMessagePayload {
              typ: ClientHello,
              payload: ClientHello(
                  ClientHelloPayload {
                      client_version: TLSv1_2,
                      random: e3f0737be41dda9d618a46fb7605b87a08533a3f6f7061407e78f4d12d6ad01c,
                      session_id: 4b0df79b1d5b34d9de8e94f58bb076b60ed43c1947c0909ac79452ecefae0038,
                      cipher_suites: [
                          TLS13_AES_256_GCM_SHA384,
                          TLS13_AES_128_GCM_SHA256,
                          TLS13_CHACHA20_POLY1305_SHA256,
                          TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
                          TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
                          TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
                          TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
                          TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                          TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
                          TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
                      ],
                      compression_methods: [
                          Null,
                      ],
                      extensions: [
                          SupportedVersions(
                              [
                                  TLSv1_3,
                                  TLSv1_2,
                              ],
                          ),
                          ECPointFormats(
                              [
                                  Uncompressed,
                              ],
                          ),
                          NamedGroups(
                              [
                                  X25519,
                                  secp256r1,
                                  secp384r1,
                              ],
                          ),
                          SignatureAlgorithms(
                              [
                                  ECDSA_NISTP384_SHA384,
                                  ECDSA_NISTP256_SHA256,
                                  ED25519,
                                  RSA_PSS_SHA512,
                                  RSA_PSS_SHA384,
                                  RSA_PSS_SHA256,
                                  RSA_PKCS1_SHA512,
                                  RSA_PKCS1_SHA384,
                                  RSA_PKCS1_SHA256,
                              ],
                          ),
                          ExtendedMasterSecretRequest,
                          CertificateStatusRequest(
                              OCSP(
                                  OCSPCertificateStatusRequest {
                                      responder_ids: [],
                                      extensions: ,
                                  },
                              ),
                          ),
                          ServerName(
                              [
                                  ServerName {
                                      typ: HostName,
                                      payload: HostName(
                                          (
                                              72656d6f74652d617574682d676174657761792e646973636f72642e6767,
                                              DnsName(
                                                  "remote-auth-gateway.discord.gg",
                                              ),
                                          ),
                                      ),
                                  },
                              ],
                          ),
                          SignedCertificateTimestampRequest,
                          KeyShare(
                              [
                                  KeyShareEntry {
                                      group: X25519,
                                      payload: 3fb9da981f834cf01e4dbae036ce514c08092e17c7c65aa966d15a6b62480f20,
                                  },
                              ],
                          ),
                          PresharedKeyModes(
                              [
                                  PSK_DHE_KE,
                              ],
                          ),
                          SessionTicket(
                              Request,
                          ),
                      ],
                  },
              ),
          },
          encoded: 010000fc0303e3f0737be41dda9d618a46fb7605b87a08533a3f6f7061407e78f4d12d6ad01c204b0df79b1d5b34d9de8e94f58bb076b60ed43c1947c0909ac79452ecefae00380014130213011303c02cc02bcca9c030c02fcca800ff0100009f002b00050403040303000b00020100000a00080006001d00170018000d001400120503040308070806080508040601050104010017000000050005010000000000000023002100001e72656d6f74652d617574682d676174657761792e646973636f72642e676700120000003300260024001d00203fb9da981f834cf01e4dbae036ce514c08092e17c7c65aa966d15a6b62480f20002d0002010100230000,
      },
  }
[2022-07-08T22:13:32Z TRACE tungstenite::handshake::client] Request: "GET /?v=1 HTTP/1.1\r\nHost: remote-auth-gateway.discord.gg\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Key: x+e559q0lG5lPiQANtmgsw==\r\norigin: https://discord.com\r\n\r\n"
[2022-07-08T22:13:32Z TRACE tungstenite::handshake::client] Client handshake initiated.
[2022-07-08T22:13:32Z TRACE tungstenite::handshake::machine] Doing handshake round.
[2022-07-08T22:13:32Z TRACE rustls::client::hs] We got ServerHello ServerHelloPayload {
      legacy_version: TLSv1_2,
      random: d1f884f529905958d0acfaa2ae5ac7f57cbbdece5e56009012b7f890db65c8cd,
      session_id: 4b0df79b1d5b34d9de8e94f58bb076b60ed43c1947c0909ac79452ecefae0038,
      cipher_suite: TLS13_AES_256_GCM_SHA384,
      compression_method: Null,
      extensions: [
          KeyShare(
              KeyShareEntry {
                  group: X25519,
                  payload: dfa19d709cb9b9caf30eb758d3e5595d222ad22f8b6c03b298459265a903a438,
              },
          ),
          SupportedVersions(
              TLSv1_3,
          ),
      ],
  }
[2022-07-08T22:13:32Z DEBUG rustls::client::hs] Using ciphersuite TLS13_AES_256_GCM_SHA384
[2022-07-08T22:13:32Z DEBUG rustls::client::tls13] Not resuming
[2022-07-08T22:13:32Z TRACE rustls::client::client_conn] EarlyData rejected
[2022-07-08T22:13:32Z TRACE rustls::conn] Dropping CCS
[2022-07-08T22:13:32Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck]
[2022-07-08T22:13:32Z DEBUG rustls::client::hs] ALPN protocol is None
[2022-07-08T22:13:32Z TRACE rustls::client::tls13] Server cert is [Certificate(b"0\x82\x05\x110\x82\x04\xb7\xa0\x03\x02\x01\x02\x02\x10\x0b\xe68\xe2\xc6\xfb\x81\xbf\xe5Z\xc9\\\xedm\x81\xd00\n\x06\x08*\x86H\xce=\x04\x03\x020J1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x190\x17\x06\x03U\x04\n\x13\x10Cloudflare, Inc.1 0\x1e\x06\x03U\x04\x03\x13\x17Cloudflare Inc ECC CA-30\x1e\x17\r211211000000Z\x17\r221211235959Z0j1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x130\x11\x06\x03U\x04\x08\x13\nCalifornia1\x160\x14\x06\x03U\x04\x07\x13\rSan Francisco1\x190\x17\x06\x03U\x04\n\x13\x10Cloudflare, Inc.1\x130\x11\x06\x03U\x04\x03\x13\ndiscord.gg0Y0\x13\x06\x07*\x86H\xce=\x02\x01\x06\x08*\x86H\xce=\x03\x01\x07\x03B\0\x04YRo\xb1b\xff\x81\x01\x07P\x8ae\r\x0c\xf7\x8e\x0f4\xf7}\xab\xbf$\x81\xe4\xa6l\x8e\xd31\xe8:\xce\xe2x\xc5N$\xca\x0c\xc0\xediM\xa1_\xfd\x86\x8a\x0cFr\xa7\xfe\xa2\x8e\xf6\x1f\x9f9~T.\x14\xa3\x82\x03]0\x82\x03Y0\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xa5\xce7\xea\xeb\xb0u\x0e\x94g\x88\xb4E\xfa\xd9$\x10\x87\x96\x1f0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\x17\xe2A\x1d\xe1\xc4 \xb2O\x94\xabA\xf9\xde\x13 \x80}=\xe50#\x06\x03U\x1d\x11\x04\x1c0\x1a\x82\x0c*.discord.gg\x82\ndiscord.gg0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x07\x800\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020{\x06\x03U\x1d\x1f\x04t0r07\xa05\xa03\x861http://crl3.digicert.com/CloudflareIncECCCA-3.crl07\xa05\xa03\x861http://crl4.digicert.com/CloudflareIncECCCA-3.crl0>\x06\x03U\x1d \x0470503\x06\x06g\x81\x0c\x01\x02\x020)0'\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16\x1bhttp://www.digicert.com/CPS0v\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04j0h0$\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x18http://ocsp.digicert.com0@\x06\x08+\x06\x01\x05\x05\x070\x02\x864http://cacerts.digicert.com/CloudflareIncECCCA-3.crt0\x0c\x06\x03U\x1d\x13\x01\x01\xff\x04\x020\00\x82\x01~\x06\n+\x06\x01\x04\x01\xd6y\x02\x04\x02\x04\x82\x01n\x04\x82\x01j\x01h\0w\0)y\xbe\xf0\x9e99!\xf0Vs\x9fc\xa5w\xe5\xbeW}\x9c`\n\xf8\xf9M]&\\%]\xc7\x84\0\0\x01}\xa6\xee\r\xfb\0\0\x04\x03\0H0F\x02!\0\xeaA\x81\xa6\xd7iV\x16\xd5\x8d\x1a\x17\\\xea\xbb\x12 \xa6\xdd\xb4#\xad]\xeb\x7f\x16\xffA\xc9\x7fF%\x02!\0\xff\t\x17\xd7Z\xde\x0b=k-g1\xb3u\xbag\xe8\xa8\xc4\xef\xda\xc4\x18\xf9N\x94xP\x0c0\x0e\xaa\0u\0A\xc8\xca\xb1\xdf\"FJ\x10\xc6\xa1:\tB\x87^N1\x8b\x1b\x03\xeb\xebK\xc7h\xf0\x90b\x96\x06\xf6\0\0\x01}\xa6\xee\r\xfa\0\0\x04\x03\0F0D\x02 F\xfa\xb7d\x06B\xe0`tQW\x88{\xd4\xf51#\x95ER\xf3\xbc\xd6o\\q\xf4G~\xf0\xa75\x02 a\x19;\x19.|\x8a,\xb5N\x83\x81\xc3\xae\xbdZ\xca1\x14\xccs\x96\xce\xef\x89MSkE\x18NC\0v\0\xdf\xa5^\xabh\x82O\x1fl\xad\xee\xb8_N>Z\xea\xcd\xa2\x12\xa4j^\x8e;\x12\xc0 D\\*s\0\0\x01}\xa6\xee\x0eQ\0\0\x04\x03\0G0E\x02!\0\xfa\x1c \xbag\xbf\xb5k\x95,\x84\x05\xf12S5\x08>X9\xc0\xa4\x01\n\xda\x19*\xb3\xd8\xd0\xc8\xf6\x02 K,1*7\x15tN\xfd\xa5L\\\xf7A\xe6\x0f\x01\x06\xdc`\xb0q\xc1\xcfRU?\xb7\x84%n\xf40\n\x06\x08*\x86H\xce=\x04\x03\x02\x03H\00E\x02!\0\x8aVm\xfb!\xab\xaa\xeay\xf6\xbd\r\xae\xd2^\x16B\xdf\xcd'|b\xfb-j\xb3@\xefed\x07\x90\x02 >K\xab\xab\r\x08\x8e\xc6<\x0e9F\x9c1I\xbe\x8d\xd7\\\xf0A\x94\x81!\xa7\xc8j\xd9\x0b(\x16\xa6"), Certificate(b"0\x82\x03\xcd0\x82\x02\xb5\xa0\x03\x02\x01\x02\x02\x10\n7\x87d^_\xb4\x8c\"N\xfd\x1b\xed\x14\x0c<0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\00Z1\x0b0\t\x06\x03U\x04\x06\x13\x02IE1\x120\x10\x06\x03U\x04\n\x13\tBaltimore1\x130\x11\x06\x03U\x04\x0b\x13\nCyberTrust1\"0 \x06\x03U\x04\x03\x13\x19Baltimore CyberTrust Root0\x1e\x17\r200127124808Z\x17\r241231235959Z0J1\x0b0\t\x06\x03U\x04\x06\x13\x02US1\x190\x17\x06\x03U\x04\n\x13\x10Cloudflare, Inc.1 0\x1e\x06\x03U\x04\x03\x13\x17Cloudflare Inc ECC CA-30Y0\x13\x06\x07*\x86H\xce=\x02\x01\x06\x08*\x86H\xce=\x03\x01\x07\x03B\0\x04\xb9\xadMf\x99\x14\x0bF\xec\x1f\x81\xd1*P\x1e\x9d\x03\x15/4\x12}-\x96\xb8\x888\x9b\x85_\x8f\xbf\xbbM\xefaF\xc4\xc9s\xd4$O\xe0\xee\x1c\xcel\xb3Qq/j\xeeL\x05\tw\xd3rb\xa4\x9b\xd7\xa3\x82\x01h0\x82\x01d0\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14\xa5\xce7\xea\xeb\xb0u\x0e\x94g\x88\xb4E\xfa\xd9$\x10\x87\x96\x1f0\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14\xe5\x9dY0\x82GX\xcc\xac\xfa\x08T6\x86{:\xb5\x04M\xf00\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x860\x1d\x06\x03U\x1d%\x04\x160\x14\x06\x08+\x06\x01\x05\x05\x07\x03\x01\x06\x08+\x06\x01\x05\x05\x07\x03\x020\x12\x06\x03U\x1d\x13\x01\x01\xff\x04\x080\x06\x01\x01\xff\x02\x01\004\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x04(0&0$\x06\x08+\x06\x01\x05\x05\x070\x01\x86\x18http://ocsp.digicert.com0:\x06\x03U\x1d\x1f\x043010/\xa0-\xa0+\x86)http://crl3.digicert.com/Omniroot2025.crl0m\x06\x03U\x1d \x04f0d07\x06\t`\x86H\x01\x86\xfdl\x01\x010*0(\x06\x08+\x06\x01\x05\x05\x07\x02\x01\x16\x1chttps://www.digicert.com/CPS0\x0b\x06\t`\x86H\x01\x86\xfdl\x01\x020\x08\x06\x06g\x81\x0c\x01\x02\x010\x08\x06\x06g\x81\x0c\x01\x02\x020\x08\x06\x06g\x81\x0c\x01\x02\x030\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\0\x03\x82\x01\x01\0\x05$\x1d\xdd\x1b\xb0*\xeb\x98\xd6\x85\xe39M^kW\x9d\x82W\xfc\xeb\xe81\xa2W\x90e\x05\xbe\x16D8Zw\x02\xb9\xcf\x10B\xc6\xe1\x92\xa4\xe3E'\xf8\0G,h\xa8V\x99ST\x8f\xad\x9e@\xc1\xd0\x0f\xb6\xd7\r\x0b8HlP,I\x90\x06[d\x1d\x8b\xccH0.\xde\x08\xe2\x9bI\"\xc0\x92\x0c\x11^\x96\x92\x94\xd5\xfc \xdcVl\xe5\x92\x93\xbfz\x1c\xc07\xe3\x85I\x15\xfa+\xe1t9\x18\x0f\xb7\xda\xf3\xa2WX`O\xcc\x8e\x94\0\xfcF{41>MG\x82\x81:\xcb\xf4\x89]\x0e\xefM\rn\x9c\x1b\x82$\xdd2%]\x11xQ\x10=\xa05#\x04/eo\x9c\xc1\xd1C\xd7\xd0\x1e\xf31gY'\xddk\xd2u\t\x93\x11$$\x14\xcf)\xbe\xe6#\xc3\xb8\x8fr?\xe9\x07\xc8$DSz\xb3\xb9ae\xa1L\x0e\xc6H\0\xc9uc\x05\x87pER\x83\xd3\x95\x9dE\xea\xf0\xe81\x1d~\t\x1f\n\xfe>\xdd\xaa<^t\xd2\xac\xb1")]
[2022-07-08T22:13:32Z TRACE tungstenite::handshake::machine] Doing handshake round.
[2022-07-08T22:13:32Z DEBUG rustls::client::tls13] Ticket saved
[2022-07-08T22:13:32Z DEBUG rustls::client::tls13] Ticket saved
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Http(Response { status: 403, version: HTTP/1.1, headers: {"date": "Fri, 08 Jul 2022 22:13:32 GMT", "content-type": "text/plain; charset=UTF-8", "content-length": "16", "connection": "keep-alive", "x-frame-options": "SAMEORIGIN", "referrer-policy": "same-origin", "cache-control": "private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0", "expires": "Thu, 01 Jan 1970 00:00:01 GMT", "expect-ct": "max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"", "report-to": "{\"endpoints\":[{\"url\":\"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uml9w7zS4j%2BF6mMLB3zPbgdYicpX3eqle6TaWjwaOI1P2sW8VuUDYaaFnfZiuOxfpmmbkvKHElTF4oHson8va7Y9j%2FnmPewjSw1UgyCuJTMOsELd71uU3AVuTz8mLrhSkIekE7P2tOpa%2FSy8QpYuag%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}", "nel": "{\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "x-content-type-options": "nosniff", "server": "cloudflare", "cf-ray": "727c2aedfec0a5cb-GRU"}, body: None })', src\main.rs:35:51
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
The verbose output from the python project 
--- request header ---
GET /?v=1 HTTP/1.1
Upgrade: websocket
Host: remote-auth-gateway.discord.gg
Origin: http://remote-auth-gateway.discord.gg
Sec-WebSocket-Key: 6xXJJCmycK0LPoZkhF8Gkw==
Sec-WebSocket-Version: 13
Connection: upgrade
Origin: https://discord.com


-----------------------
--- response header ---
HTTP/1.1 101 Switching Protocols
Date: Fri, 08 Jul 2022 22:58:00 GMT
Connection: upgrade
sec-websocket-accept: tu1kEhffL/KhTRL/R3UIndnR3Gg=
upgrade: websocket
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtVYWuSYiSkXERk7%2FQ5veMMJyBNjPoQBOVS5xycjHDbjay8CYWfGRNXPRR9BBZtAedCg3FgbE1N2iQq3%2BwHqhLaG2Fgx%2F69nDoarn%2F0RNij2XUhKfeB1LDwzQrxR3fwK%2FQF6dH%2BrsWGmU7q2qxhvrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 727c6c0edbdca6b8-GRU
-----------------------
Recv: {"timeout_ms":125818,"op":"hello","heartbeat_interval":41250}
Attempting server handshake...
Send: {'op': 'init', 'encoded_public_key': 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YFvvN/xoOL3W4gXnNilOnBCe4mwUvyvMtIWGvPcqecT2a0/f4hhcn6KkbNipKrrJAJXfQkNlkaTtkyQ79Qjv/NgRUVG7LqTzR1f4mqJvV77h4xkuUTr/z2w7ccbdrxs/iUMcE1tZ906KB4YbBvcbXPxtUKAQvQp4jbx7LS/jXTkL9HPAWE8NuXf1uYyS2iwGvCDv1H36EdhZD4Uq5EZMTC8e0+dk3wZ21YASqSildSdinJNQzaD4RcxnblnRYFD4dp2ja0CtRAeKcLWhCJCTYVpAP8uMnQxput7miBp9rh1pYWoLcwbLeuN2EasvRLWpSVezOVAEtq13//o98nItQIDAQAB'}
send: b'\x81\xfe\x01\xb02\xf7\x14\xdcI\xd5{\xac\x10\xcd4\xfe[\x99}\xa8\x10\xdb4\xfeW\x99w\xb3V\x92p\x83B\x82v\xb0[\x94K\xb7W\x8e6\xe6\x12\xd5Y\x95{\xb5]\xb6s\xb9V\xbbY\x86|\xb7[\xb0-\xab\x02\xb5U\x8dw\xb1U\x9d}\xb4U\x8d\n\xb6Y\x95{\xb5W\xbby\xb4U\x8dw\xb6-\x85t\x81b\x92\x1d\x8f{\x93~\xc4C\xe8U\xafz\x92[\x9b[\xb2p\xb4q\xe8_\x80A\xaaK\x81Y\xa8{\xa0S\xaab\x94e\xb9Q\xa3&\xbd\x02\xd8r\xe8Z\x9fw\xb2\x04\xbc\x7f\xbe|\x9ed\x97@\x85^\x9dx\xafr\x8dY\xb9x\xb7S\xa3`\xb7K\xa6#\xe5c\x9db\xf3|\x90F\x89d\xb0#\x90C\xa3n\x8e\x03\x91 \xb1C\xbdb\x8a\x05\xc0|\xe8J\x9ca\x89f\x85;\xa6\x00\x80#\xbfQ\x95p\xaeJ\x84;\xb5g\xbaw\x99\x03\x83N\xe5\x02\xc1_\x9e\x06\xaev\x9eD\x94v\x84b\x8f`\x89y\xb6E\xaac\x87 \xb6P\x8f#\x90a\xd8~\x84f\x9cX\xe5z\xa7U\x8bw\xcfZ\xa9j\x91%\xa9k\x8eG\xee[\x80S\xaaq\xb3b\xedz\xc4"\x99V\x9fN\x98\x06\xa2e\xe9w\xadY\x88q\xcfq\xec\x19\x93\x7f\xefE\xad&\xedk\xb6G\xada\x9ex\xb8a\x93}\xb2x\xb9E\xa6S\xb3 \x8eQ\x8fz\xbe^\x99F\x85t\xb3 \xb8B\xc5~\xbd\x02\xb4`\x8es\x92_\xbf~\xa0|\x9fx\xb4@\x85d\x87U\x8c\n\x82Y\xb2c\x8fd\xa9F\xc0y\xb5p\x87-\xaeZ\xc6d\x85e\x98X\xbfE\x95X\xb9G\xb9&\x99S\x84b\x8e~\xa0d\x8fd\x92n\x93d\xb6Q\xa8C\xc6\'\xf3\x1d\x98-\xe4\\\xbe`\x8d{\xb3U\x8ds\xb56\xa1'
Recv: {"op":"nonce_proof","encrypted_nonce":"MqFM3uTlmRCGR1ZL7aK4DmxYZIejvdS42NB7vBZhMhbi2VEtBPHO0vBVq/FkGGgr2u+Rlztr8Gv03EyWhK2fUIavBpg/ge2NvyvITF5Ft/tYjGakYtwnbk09MSp9AWyI2YYZnY0A9eCkm/U6qBWisp/FSIn5SKf2sJlUGXqfL9Q21O8X3XUavMAwZ/UbuDdopX+FvhOMcZoEDBmi+JnrIFwvwEatjibImeisZf3+DdvicNfrJwjVpNt048raK+w0ykDGYSW5CsoDycrNceVzP8F4JRe58vELMUkVtAQrdV9OeSr8l8fkgH7k5/wD/96e3fJgXkiiVD8YwEaS/Od5CQ=="}
Send: {'op': 'nonce_proof', 'proof': 'XgiLRgBoxS1FzTFxOcHJx8v7NyfTmA18wzLfJJnxXdc'}
send: b'\x81\xcdY\n\xf0\xe0"(\x9f\x90{0\xd0\xc27e\x9e\x83<U\x80\x926e\x96\xc2u*\xd2\x90+e\x9f\x86{0\xd0\xc2\x01m\x99\xac\x0bm\xb2\x8f!Y\xc1\xa6#^\xb6\x98\x16i\xb8\xaa!2\x86\xd7\x17s\x96\xb44K\xc1\xd8.p\xbc\x86\x13@\x9e\x98\x01n\x93\xc2$'
Recv: {"op":"pending_remote_init","fingerprint":"1ESJ4iYie-jgRNQoOVjUXqxRbkrSE4DFp1KYMP9JWYI"}
Please scan the QR code to continue.
Send: {'op': 'heartbeat'}
send: b'\x81\x93$\xf1\x995_\xd3\xf6E\x06\xcb\xb9\x17L\x94\xf8GP\x93\xfcTP\xd3\xe4'
Recv: {"op":"heartbeat_ack"}
@daniel-abramov
Copy link
Member

Ok, the issue is caused by the Origin header. Some poorely-built servers expect case-sensitive headers. This issue has been mentioned a couple of times and has recently been fixed for Origin header here: #287

But the new version with the fix has not yet been released.

I'm going to release a new version. Meanwhile you can try to use the version from master:

tungstenite = { git = "https://github.com/snapview/tungstenite-rs", branch = "master", features = [ "rustls-tls-webpki-roots" ] }

I was able to make it work with the following simple code:

use tungstenite::{client::IntoClientRequest, http::HeaderValue};

fn main() {
    let mut request = "wss://remote-auth-gateway.discord.gg/?v=1".into_client_request().unwrap();
    request.headers_mut().append("Origin", HeaderValue::from_static("https://discord.com"));
    tungstenite::connect(request).unwrap();
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@daniel-abramov @gabrielmedici