googleplay-api icon indicating copy to clipboard operation
googleplay-api copied to clipboard
verified publisher icon NoMore201

Ability to reuse gsf-ids instead of creating new ones each time?

Open SeBsZ opened this issue 7 years ago • 13 comments

Hello @NoMore201,

It seems that I'm a bit confused right now on how to properly use this. I've noticed that NoMore201/googleplay-api supports two methods to authenticate with Google - either I

  1. specify a token and gsf-id, or
  2. specify an email and password

If I use method 1. Everything works as long as I specify a valid token and gsf-id in the constructor, and that device already exists in the Google account. If I use method 2, every time it creates a new gsf-id and uploads my device config using uploadDeviceConfig(). This works the way I want it to, but it feels like creating new gsf-ids every single time for the same device is a waste.

What I'm looking for is a way to reuse gsf-ids but create new ones only when they expire or stop working.

Ideally googleplay-api would accept an auth token as well as an email, password, gsf-id and device codename. It should then check if the auth token and gsf-id are valid. If they are not, it could use the email and password to create a new gsf-id and upload the device config. However, it should return the gsf-id and auth token to me somehow so I can store it somewhere. Then I also don't need to use token-dispenser.

I also use @matlink gplaycli, but I'm working on modifying it to better suit my needs (I added a command line parameter to get --details). I feel like these libraries can work better together. Why are we using token-dispenser to get authentication tokens, when NoMore201/googleplay-api also supports getting authentication tokens?

I hope what I managed to type makes sense. Please let me know if I got any of this wrong. Thanks for all your work.

SeBsZ avatar Mar 08 '18 16:03 SeBsZ

Basically I introduced tokens in gplaycli to have an outofbox working apk downloader. Moreover, it was designed to be shipped in Debian, and providing default login and password was something unwanted. Also, having an unique instance providing tokens can handle the privacy issue: as far as you use proxy or Tor, Google cannot know who you are.

matlink avatar Mar 08 '18 17:03 matlink

Very interested to see @NoMore201's comments on reusing GSFIDs without duplicating them every time the API runs.

archon810 avatar Mar 08 '18 17:03 archon810

GSFIDs are reused in gplaycli until they expire. I don't think it's the job of this api to check for token validity as it should remain simple.

matlink avatar Mar 08 '18 17:03 matlink

@matlink you are only storing one gsfid in your token cache file. I don't understand how your code allows for multiple gsfids for a single google account.

Also, I agree the API should remain simple, but it currently already grabs tokens. It already has this functionality right now.

SeBsZ avatar Mar 08 '18 17:03 SeBsZ

Why would need you multiple gsfid for one account ?

matlink avatar Mar 08 '18 17:03 matlink

When you want to download multiple APKs for different devices?

SeBsZ avatar Mar 08 '18 17:03 SeBsZ

  1. There are multi-APKs with different DPIs, architectures, and minAPIs. Here's YouTube with 40 variants https://www.apkmirror.com/apk/google-inc/youtube/youtube-13-03-58-release/.

  2. APK device compatibility could very widely. Some APKs can only be downloaded by specific makers (Samsung apps by Samsung devices, HTC by HTC, etc), some are Android TV-only, some are Android Wear only, etc.

There are many reasons to use multiple profiles and GSF IDs, and it seems gpapi already realized this because https://github.com/NoMore201/googleplay-api/blob/e05d126f6b61942cedc8003c9dcd154569bfc0f2/gpapi/device.properties contains many different profiles.

archon810 avatar Mar 08 '18 17:03 archon810

If I remember well, GSF ID is not bound to a specific device. So you can use the same GSF ID to download different apk for different devices.

matlink avatar Mar 08 '18 20:03 matlink

That is something I'd like to know for sure. Can you or anyone confirm this?

SeBsZ avatar Mar 08 '18 20:03 SeBsZ

I've never heard this - GSF ID has always been specific to a registered device under a certain account. You then use the GSF ID to download an app, and it's what tells Google Play what device is downloading.

For example, DummyDroid http://www.onyxbits.de/dummydroid registers a device and gives you a GSF ID you can then use.

Various GSF ID apps on the Play Store show you GSF IDs, which vary with devices under your account https://play.google.com/store/search?q=gsf%20id&c=apps. Device A will show a different GSF ID from device B.

How else would you tell the Google Play API what device is trying to download a given APK? As far as I know, GSF ID is basically a device identifier.

archon810 avatar Mar 08 '18 20:03 archon810

In the request User-Agent there is a 'device=' argument to specify the device making the request.

matlink avatar Mar 08 '18 22:03 matlink

@matlink Yes, that's indeed used by Google API as well, but it's nowhere near enough for the real full compatibility. It also looks at features, libraries, arch, DPI information, and other things that were used to create the GSF ID to see if it should serve you a given APK or not. The user agent alone, while important, is only a small piece of the puzzle.

archon810 avatar Mar 08 '18 23:03 archon810

I've made a pull request with token reuse capability but I'm not sure either my request will be merged or not as I'm basically a PHP developer with limited Python understanding. BTW if someone still needs this feature, then here is my fork: https://github.com/rehmatworks/googleplay-api

Use do_login() method instead login() to create (a device-specific) cache of gsfid and token and reuse it if valid.

rehmatworks avatar May 20 '18 21:05 rehmatworks