fut
fut copied to clipboard
Published
20 hours ago •
futapi
futapi
New login verification system
The reason of creating new issue is to collect all info about new verification system (code, secreat answer, captcha etc.) in one place.
- Secret answer is no used anymore since we got code validation?
- Captcha pops out in login process or just when you are logged in and make to fast requests?
PS. I've pushed new commit (33f7192f55fc89820fe301cf8dcbf2e3490210fd) that enables two step verification (email/sms code), it's not yet tested and probably doesn't work ;-).
TODO:
- Captcha exception should return image id/url so we can manage it
- add new method to solve captcha (sends string)
- new method/plugin(?) that uses some kind of captcha resolver (deathbycaptcha.com)
- All my test not asking the secret answer after code
- captcha only on to fast requests
update
- after changing computer the secret answer is aked after code
I have made a script that dips into the email inbox and gets the code - but i cannot for the life of me find out what URL to send the request too. The params are...
"twoFactorCode" => $thecode, "_trustThisDevice" => "on", "trustThisDevice" => "on", "_eventId" => "submit"
I dont need too I have a script that grabs the code from the email account.
Same discussion here if it can help you: https://github.com/trydis/FIFA-Ultimate-Team-2015-Toolkit/issues/93
@LUFCMOT url is not the problem https://github.com/oczkers/fut/blob/33f7192f55fc89820fe301cf8dcbf2e3490210fd/fut/core.py#L180
anyone tested my commit?
@oczkers but where is "twoFactorCode" => $thecode, "_trustThisDevice" => "on", "trustThisDevice" => "on", "_eventId" => "submit"
POST too?
fut.Core('login', 'password', 'secret_password', code=123456)
code is needed only on first launch (and every 90 days) if you use cookies.txt
my test
import fut
EmailAdd='[email protected]'
PassWord='password'
SecretAnswer='secret'
PlatF='xbox'
CodeOR=123456
Emu=''
Fifa = fut.Core(EmailAdd, PassWord, SecretAnswer, platform=PlatF, code=CodeOR ,emulate=Emu, cookies= EmailAdd)
result
Traceback (most recent call last):
File "J:\FUT\22-test connexion.py", line 16, in
and I receive a new code by email
@oczkers what url do you use for send the code? my step are:
Login -> send in POST the username / password -> RESPONSE: html page of "Two factor code" form -> i get URL of this page -> send in POST correctly the code -> RESPONSE: html page of "Two factor code" form.
the url of twofactorcode need of some extra cookie or extra header field?
I use a JAVA tool that i made for me.
@Innursery Post full logs (last response from server at least).
@christrato At the beggining of login process there is redirect to something like this:
https://signin.ea.com/p/web/login?execution=e279030983s1&initref=https://accounts.ea.com:443/connect/auth?scope=basic.identity+basic.persona+signin+offline+security.challenge&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_US&state=ii6eMmZdi2IxVeGx8jKEPOLFql0mEVioU-hvDviXjvw&response_type=code&client_id=EASFC-web
e279030983s1
s1 = post login data (username, password) s2 = request and post code s3 = dunno
There is no difference in headers between s1,s2,s3 besides referer.
EDIT: i'll release new stable version when we get more confirmations that it works (and logs from @Innursery) EDIT2: updated s1,s2,s3
@oczkers
2014-12-12 09:49:28,562 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTP connection (1): www.easports.com (line 171)
2014-12-12 09:49:28,768 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/football-club/ultimate-team HTTP/1.1" 301 262 (line 344)
2014-12-12 09:49:28,770 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): www.easports.com (line 635)
2014-12-12 09:49:29,471 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/ultimate-team/web-app HTTP/1.1" 302 406 (line 344)
2014-12-12 09:49:29,475 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): accounts.ea.com (line 635)
2014-12-12 09:49:29,666 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /connect/auth?response_type=code&client_id=EASFC-web&state=cyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_GB&scope=basic.identity+basic.persona+signin+offline+security.challenge HTTP/1.1" 302 0 (line 344)
2014-12-12 09:49:29,668 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): signin.ea.com (line 635)
2014-12-12 09:49:29,899 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?fid=F6i9vhuygGDc3rPSLK7ZY7YYluYYKwS HTTP/1.1" 302 0 (line 344)
2014-12-12 09:49:29,967 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e1332693757s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 09:49:30,104 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "POST /p/web/login?execution=e1332693757s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 302 0 (line 344)
2014-12-12 09:49:30,172 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e1332693757s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 09:49:30,174 [DEBUG] [root] __login__: b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n\n <title>Login Verification</title>\n <meta name="title" content="Login Verification"/>\n <meta name="description" content="Input your Two Factor Authentication Code"/>\n <link rel="shortcut icon" href="/p/favicon.ico"/>\n <meta name="lc" content="en_GB"/>\n <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>\n <meta http-equiv="X-UA-Compatible" content="IE=Edge">\n\n<script type="text/javascript">window.EA = {};</script>\n<script type="text/javascript" src="//fonts.ea.com/fbl8bgs.js"></script>\n<script type="text/javascript">(function () {\n try {\n Typekit.load();\n } catch (ex) {\n var html = document.getElementsByTagName(\'html\')[0];\n html.className = (html.className || \'\') + \' wf-inactive\'\n }\n})();</script>\n\n\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery-1.8.3.min.v_1418060428.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-ux-elements.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-layout.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/js/jquery.origin-challenge-tfa.v_1418060428-min.js"></script>\n\n<script type="text/javascript">\n if (!window.challenge_cancel) {\n window.challenge_cancel = function() {\n if ($("#btnCancel").length > 0) {\n $("#btnCancel").trigger("click");\n return true;\n } else {\n return false;\n }\n }\n }\n</script>\n\n<script type="text/javascript">\n $(document).ready(function() {\n $.fn.tfa({\n });\n $("#twoFactorCode").focus();\n });\n</script>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-ux-elements.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-layout.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n\n<!-- GA -->\n<script type="text/javascript">\n var _gaq = _gaq || [];\n _gaq.push([\'_setAccount\', \'UA-38277543-1\']);\n _gaq.push([\'_setDomainName\', \'.ea.com\']);\n _gaq.push([\'_trackPageview\']);\n (function () {\n var ga = document.createElement(\'script\');\n ga.type = \'text/javascript\';\n ga.async = true;\n ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';\n var s = document.getElementsByTagName(\'script\')[0];\n s.parentNode.insertBefore(ga, s);\n })();\n</script>\n<!-- End of GA -->\n <!-- Tealium -->\n <script type="text/javascript">\n var utag_data = {\n region: "EMEA",\n locale: "en_GB",\n country: "GB",\n language: "en",\n userid: "",\n user_status: "",\n referring_site: "https://signin.ea.com/p/web/login?execution=e1332693757s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web",\n page_name: "https://signin.ea.com/p/web/login"\n }\n </script>\n <script type="text/javascript">\n (function (a, b, c, d) {\n a = \'//tags.tiqcdn.com/utag/ea/eadp-web-identity/prod/utag.js\';\n b = document;\n c = \'script\';\n d = b.createElement(c);\n d.src = a;\n d.type = \'text/java\' + c;\n d.async = true;\n a = b.getElementsByTagName(c)[0];\n a.parentNode.insertBefore(d, a);\n })();\n </script>\n <!-- End of tealium -->\n\n<script type="text/javascript">\n $(document).ready(function () {\n var skin = \'origin\';\n var bodySelector = $("body");\n switch (skin) {\n case "origin":\n bodySelector.addClass("origin-com");\n break;\n case "franchisedark":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-dark");\n break;\n case "franchiselight":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-light");\n break;\n case "ea":\n default:\n bodySelector.addClass("ea-com");\n break;\n }\n })\n</script>\n\n\n\n</head>\n<body>\n\n\n<div class="loading-container"></div>\n\n<div class="tfa-container">\n <form method="post" id="challengeForm">\n <div class="dialog-info">\n <div id="resend-error-code">\n <div></div>\n </div>\n </div>\n\n<a class="logo-origin" title=""\n href="https://www.origin.com/store/?no-takeover=true">\n</a>\n\n <div class="panel" id="panel-tfa">\n <div class="tfa-form-container">\n <div class="panel-contents">\n <div class="panel-content">\n <h1 class="twoStepHeader">Login Verification</h1>\n\n <p class="check-your-type-text"><strong>Check your email.</strong></p>\n <p class="tfa-codeSent-text"><strong>Your security code was sent to: </strong>[email protected]</p>\n\n <ul>\n <li id="origin-tfa-container" class="origin-control-tip-container">\n<div class="origin-ux-element origin-ux-textbox origin-ux-textbox-web">\n <label class="origin-ux-textbox-label">\n Enter code:\n </label>\n <span class="origin-ux-textbox-control origin-ux-control">\n <span>\n <input type="text" id="twofactorCode"\n name="twofactorCode"\n value=""\n description="" data-description="" placeholder="Enter security code here" autocorrect="off" autocapitalize="off" autocomplete="off"/>\n </span>\n </span>\n <span class="origin-ux-textbox-status-icon"></span>\n <span class="origin-ux-textbox-status-message origin-ux-status-message">\n \n </span>\n</div>\n \n </li>\n </ul>\n\n <div style="clear: both">\n <a id="resend_code_link" href="/p/web/login?execution=e1332693757s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DcyMOpPM8xPVCQ0aRC2VRtHN6G8eXkFnWMF2FL4sWC-4%26response_type%3Dcode%26client_id%3DEASFC-web&_eventId=resend" class="tfa-login-link">Resend security code</a><br>\n </div>\n\n <div class="panel-action-area">\n<a class=\'origin-ux-element origin-ux-button\n origin-ux-button-primary \' href="#" id="btnTFAVerify">\n<span><span>Submit Security Code</span></span>\n</a>\n<a class=\'origin-ux-element origin-ux-button origin-ux-button-secondary btn-cancel\' href="#" id="btnCancel">\n<span><span>Cancel</span></span>\n</a>\n <input type="hidden" name="_eventId" value="submit" id="_eventId"/>\n </div>\n </div>\n </div>\n </div>\n </div>\n<div class="footer">\n <span class="copyright-notice">\xc2\xa9 2014 Electronic Arts Inc. Trademarks belong to their respective owners. All rights reserved.</span>\n <ul class="footer-navigation">\n <li class="item-2 even"><a\n href="https://www.origin.com/store"\n target="_blank"\n class="link link-origin "><span>Shop at Origin</span></a>\n </li><li class="item-3 odd">\n <a href="https://www.origin.com/legal"\n target="_blank"\n class="link link-origin"><span>Legal Notices</span></a>\n </li><li class="item-4 even">\n <a href="https://www.origin.com/termsofservice"\n target="_blank"\n class="link link-origin"><span>Terms of Services</span></a>\n </li><li class="item-5 odd">\n <a href="https://www.origin.com/privacypolicy"\n target="_blank"\n class="link link-origin"><span>Privacy Policy</span></a>\n </li><li class="item-6 even">\n <a href="http://aboutus.ea.com/" target="_blank"\n class="link link-origin"><span>Corporate Info</span></a>\n </li><li class="item-7 odd">\n <a href="https://www.origin.com/termsofsale"\n target="_blank"\n class="link link-origin"><span>EA Terms of Sale</span></a>\n </li><li class="item-8 even last">\n <a href="https://help.ea.com/uk" target="_blank"\n class="link link-origin"><span>Contact Us</span></a>\n </li> </ul>\n</div>\n </form>\n</div>\n\n<div id="form-errors">\n <span id="form-error-invalid-code">Incorrect code entered</span>\n</div>\n\n\n<!-- ### eanshprdaccounts10.eao.abn-iad.ea.com ### -->\n\n</body>\n</html>\n' (line 165)
2014-12-12 09:49:30,479 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /fifa/api/isUserLoggedIn HTTP/1.1" 200 40 (line 344)
@oczkers not better for me
2014-12-12 10:14:30,423 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTP connection (1): www.easports.com (line 171)
2014-12-12 10:14:30,642 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/football-club/ultimate-team HTTP/1.1" 301 262 (line 344)
2014-12-12 10:14:30,642 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): www.easports.com (line 635)
2014-12-12 10:14:31,392 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /uk/fifa/ultimate-team/web-app HTTP/1.1" 302 406 (line 344)
2014-12-12 10:14:31,408 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): accounts.ea.com (line 635)
2014-12-12 10:14:31,611 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /connect/auth?response_type=code&client_id=EASFC-web&state=Lh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_GB&scope=basic.identity+basic.persona+signin+offline+security.challenge HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:31,611 [INFO] [requests.packages.urllib3.connectionpool] _new_conn: Starting new HTTPS connection (1): signin.ea.com (line 635)
2014-12-12 10:14:31,845 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?fid=FqvIw2wv25hj85BVaXuxNMTFwz2j7hL HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:31,908 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e144050996s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 10:14:32,048 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "POST /p/web/login?execution=e144050996s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:32,111 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 10:14:32,111 [DEBUG] [root] __login__: b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n\n <title>Login Verification</title>\n <meta name="title" content="Login Verification"/>\n <meta name="description" content="Input your Two Factor Authentication Code"/>\n <link rel="shortcut icon" href="/p/favicon.ico"/>\n <meta name="lc" content="en_GB"/>\n <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>\n <meta http-equiv="X-UA-Compatible" content="IE=Edge">\n\n<script type="text/javascript">window.EA = {};</script>\n<script type="text/javascript" src="//fonts.ea.com/fbl8bgs.js"></script>\n<script type="text/javascript">(function () {\n try {\n Typekit.load();\n } catch (ex) {\n var html = document.getElementsByTagName(\'html\')[0];\n html.className = (html.className || \'\') + \' wf-inactive\'\n }\n})();</script>\n\n\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery-1.8.3.min.v_1418060428.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-ux-elements.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-layout.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/js/jquery.origin-challenge-tfa.v_1418060428-min.js"></script>\n\n<script type="text/javascript">\n if (!window.challenge_cancel) {\n window.challenge_cancel = function() {\n if ($("#btnCancel").length > 0) {\n $("#btnCancel").trigger("click");\n return true;\n } else {\n return false;\n }\n }\n }\n</script>\n\n<script type="text/javascript">\n $(document).ready(function() {\n $.fn.tfa({\n });\n $("#twoFactorCode").focus();\n });\n</script>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-ux-elements.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-layout.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n\n<!-- GA -->\n<script type="text/javascript">\n var _gaq = _gaq || [];\n _gaq.push([\'_setAccount\', \'UA-38277543-1\']);\n _gaq.push([\'_setDomainName\', \'.ea.com\']);\n _gaq.push([\'_trackPageview\']);\n (function () {\n var ga = document.createElement(\'script\');\n ga.type = \'text/javascript\';\n ga.async = true;\n ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';\n var s = document.getElementsByTagName(\'script\')[0];\n s.parentNode.insertBefore(ga, s);\n })();\n</script>\n<!-- End of GA -->\n <!-- Tealium -->\n <script type="text/javascript">\n var utag_data = {\n region: "EMEA",\n locale: "en_GB",\n country: "GB",\n language: "en",\n userid: "",\n user_status: "",\n referring_site: "https://signin.ea.com/p/web/login?execution=e144050996s1&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web",\n page_name: "https://signin.ea.com/p/web/login"\n }\n </script>\n <script type="text/javascript">\n (function (a, b, c, d) {\n a = \'//tags.tiqcdn.com/utag/ea/eadp-web-identity/prod/utag.js\';\n b = document;\n c = \'script\';\n d = b.createElement(c);\n d.src = a;\n d.type = \'text/java\' + c;\n d.async = true;\n a = b.getElementsByTagName(c)[0];\n a.parentNode.insertBefore(d, a);\n })();\n </script>\n <!-- End of tealium -->\n\n<script type="text/javascript">\n $(document).ready(function () {\n var skin = \'origin\';\n var bodySelector = $("body");\n switch (skin) {\n case "origin":\n bodySelector.addClass("origin-com");\n break;\n case "franchisedark":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-dark");\n break;\n case "franchiselight":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-light");\n break;\n case "ea":\n default:\n bodySelector.addClass("ea-com");\n break;\n }\n })\n</script>\n\n\n\n</head>\n<body>\n\n\n<div class="loading-container"></div>\n\n<div class="tfa-container">\n <form method="post" id="challengeForm">\n <div class="dialog-info">\n <div id="resend-error-code">\n <div></div>\n </div>\n </div>\n\n<a class="logo-origin" title=""\n href="https://www.origin.com/store/?no-takeover=true">\n</a>\n\n <div class="panel" id="panel-tfa">\n <div class="tfa-form-container">\n <div class="panel-contents">\n <div class="panel-content">\n <h1 class="twoStepHeader">Login Verification</h1>\n\n <p class="check-your-type-text"><strong>Check your email.</strong></p>\n <p class="tfa-codeSent-text"><strong>Your security code was sent to: </strong>[email protected]</p>\n\n <ul>\n <li id="origin-tfa-container" class="origin-control-tip-container">\n<div class="origin-ux-element origin-ux-textbox origin-ux-textbox-web">\n <label class="origin-ux-textbox-label">\n Enter code:\n </label>\n <span class="origin-ux-textbox-control origin-ux-control">\n <span>\n <input type="text" id="twofactorCode"\n name="twofactorCode"\n value=""\n description="" data-description="" placeholder="Enter security code here" autocorrect="off" autocapitalize="off" autocomplete="off"/>\n </span>\n </span>\n <span class="origin-ux-textbox-status-icon"></span>\n <span class="origin-ux-textbox-status-message origin-ux-status-message">\n \n </span>\n</div>\n \n </li>\n </ul>\n\n <div style="clear: both">\n <a id="resend_code_link" href="/p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web&_eventId=resend" class="tfa-login-link">Resend security code</a><br>\n </div>\n\n <div class="panel-action-area">\n<a class=\'origin-ux-element origin-ux-button\n origin-ux-button-primary \' href="#" id="btnTFAVerify">\n<span><span>Submit Security Code</span></span>\n</a>\n<a class=\'origin-ux-element origin-ux-button origin-ux-button-secondary btn-cancel\' href="#" id="btnCancel">\n<span><span>Cancel</span></span>\n</a>\n <input type="hidden" name="_eventId" value="submit" id="_eventId"/>\n </div>\n </div>\n </div>\n </div>\n </div>\n<div class="footer">\n <span class="copyright-notice">\xc2\xa9 2014 Electronic Arts Inc. Trademarks belong to their respective owners. All rights reserved.</span>\n <ul class="footer-navigation">\n <li class="item-2 even"><a\n href="https://www.origin.com/store"\n target="_blank"\n class="link link-origin "><span>Shop at Origin</span></a>\n </li><li class="item-3 odd">\n <a href="https://www.origin.com/legal"\n target="_blank"\n class="link link-origin"><span>Legal Notices</span></a>\n </li><li class="item-4 even">\n <a href="https://www.origin.com/termsofservice"\n target="_blank"\n class="link link-origin"><span>Terms of Services</span></a>\n </li><li class="item-5 odd">\n <a href="https://www.origin.com/privacypolicy"\n target="_blank"\n class="link link-origin"><span>Privacy Policy</span></a>\n </li><li class="item-6 even">\n <a href="http://aboutus.ea.com/" target="_blank"\n class="link link-origin"><span>Corporate Info</span></a>\n </li><li class="item-7 odd">\n <a href="https://www.origin.com/termsofsale"\n target="_blank"\n class="link link-origin"><span>EA Terms of Sale</span></a>\n </li><li class="item-8 even last">\n <a href="https://help.ea.com/uk" target="_blank"\n class="link link-origin"><span>Contact Us</span></a>\n </li> </ul>\n</div>\n </form>\n</div>\n\n<div id="form-errors">\n <span id="form-error-invalid-code">Incorrect code entered</span>\n</div>\n\n\n<!-- ### eanshprdaccounts11.eao.abn-iad.ea.com ### -->\n\n</body>\n</html>\n' (line 165)
2014-12-12 10:14:32,174 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "POST /p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 302 0 (line 344)
2014-12-12 10:14:32,236 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web HTTP/1.1" 200 None (line 344)
2014-12-12 10:14:32,236 [DEBUG] [root] __login__: b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n\n <title>Login Verification</title>\n <meta name="title" content="Login Verification"/>\n <meta name="description" content="Input your Two Factor Authentication Code"/>\n <link rel="shortcut icon" href="/p/favicon.ico"/>\n <meta name="lc" content="en_GB"/>\n <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"/>\n <meta http-equiv="X-UA-Compatible" content="IE=Edge">\n\n<script type="text/javascript">window.EA = {};</script>\n<script type="text/javascript" src="//fonts.ea.com/fbl8bgs.js"></script>\n<script type="text/javascript">(function () {\n try {\n Typekit.load();\n } catch (ex) {\n var html = document.getElementsByTagName(\'html\')[0];\n html.className = (html.className || \'\') + \' wf-inactive\'\n }\n})();</script>\n\n\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery-1.8.3.min.v_1418060428.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-ux-elements.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/js/jquery.origin-layout.v_1418060428-min.js"></script>\n <script type="text/javascript" src="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/js/jquery.origin-challenge-tfa.v_1418060428-min.js"></script>\n\n<script type="text/javascript">\n if (!window.challenge_cancel) {\n window.challenge_cancel = function() {\n if ($("#btnCancel").length > 0) {\n $("#btnCancel").trigger("click");\n return true;\n } else {\n return false;\n }\n }\n }\n</script>\n\n<script type="text/javascript">\n $(document).ready(function() {\n $.fn.tfa({\n });\n $("#twoFactorCode").focus();\n });\n</script>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-ux-elements.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/ui/core/css/origin-layout.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n <link rel="stylesheet" type="text/css" href="https://eaassets-a.akamaihd.net/signin_ea_com/p/statics/challenge/css/origin-challenge-tfa.v_1418060428-min.css"/>\n\n<!-- GA -->\n<script type="text/javascript">\n var _gaq = _gaq || [];\n _gaq.push([\'_setAccount\', \'UA-38277543-1\']);\n _gaq.push([\'_setDomainName\', \'.ea.com\']);\n _gaq.push([\'_trackPageview\']);\n (function () {\n var ga = document.createElement(\'script\');\n ga.type = \'text/javascript\';\n ga.async = true;\n ga.src = (\'https:\' == document.location.protocol ? \'https://ssl\' : \'http://www\') + \'.google-analytics.com/ga.js\';\n var s = document.getElementsByTagName(\'script\')[0];\n s.parentNode.insertBefore(ga, s);\n })();\n</script>\n<!-- End of GA -->\n <!-- Tealium -->\n <script type="text/javascript">\n var utag_data = {\n region: "EMEA",\n locale: "en_GB",\n country: "GB",\n language: "en",\n userid: "",\n user_status: "",\n referring_site: "https://signin.ea.com/p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web",\n page_name: "https://signin.ea.com/p/web/login"\n }\n </script>\n <script type="text/javascript">\n (function (a, b, c, d) {\n a = \'//tags.tiqcdn.com/utag/ea/eadp-web-identity/prod/utag.js\';\n b = document;\n c = \'script\';\n d = b.createElement(c);\n d.src = a;\n d.type = \'text/java\' + c;\n d.async = true;\n a = b.getElementsByTagName(c)[0];\n a.parentNode.insertBefore(d, a);\n })();\n </script>\n <!-- End of tealium -->\n\n<script type="text/javascript">\n $(document).ready(function () {\n var skin = \'origin\';\n var bodySelector = $("body");\n switch (skin) {\n case "origin":\n bodySelector.addClass("origin-com");\n break;\n case "franchisedark":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-dark");\n break;\n case "franchiselight":\n bodySelector.addClass("ea-franchise").addClass("ea-franchise-light");\n break;\n case "ea":\n default:\n bodySelector.addClass("ea-com");\n break;\n }\n })\n</script>\n\n\n\n</head>\n<body>\n\n\n<div class="loading-container"></div>\n\n<div class="tfa-container">\n <form method="post" id="challengeForm">\n <div class="dialog-info">\n <div id="resend-error-code">\n <div></div>\n </div>\n </div>\n\n<a class="logo-origin" title=""\n href="https://www.origin.com/store/?no-takeover=true">\n</a>\n\n <div class="panel" id="panel-tfa">\n <div class="tfa-form-container">\n <div class="panel-contents">\n <div class="panel-content">\n <h1 class="twoStepHeader">Login Verification</h1>\n\n <p class="check-your-type-text"><strong>Check your email.</strong></p>\n <p class="tfa-codeSent-text"><strong>Your security code was sent to: </strong>[email protected]</p>\n\n <ul>\n <li id="origin-tfa-container" class="origin-control-tip-container">\n<div class="origin-ux-element origin-ux-textbox origin-ux-textbox-web field-error">\n <label class="origin-ux-textbox-label">\n Enter code:\n </label>\n <span class="origin-ux-textbox-control origin-ux-control">\n <span>\n <input type="text" id="twofactorCode"\n name="twofactorCode"\n value=""\n description="" data-description="" placeholder="Enter security code here" autocorrect="off" autocapitalize="off" autocomplete="off"/>\n </span>\n </span>\n <span class="origin-ux-textbox-status-icon"></span>\n <span class="origin-ux-textbox-status-message origin-ux-status-message">\n Incorrect code entered\n </span>\n</div>\n \n </li>\n </ul>\n\n <div style="clear: both">\n <a id="resend_code_link" href="/p/web/login?execution=e144050996s2&initref=https%3A%2F%2Faccounts.ea.com%3A443%2Fconnect%2Fauth%3Fscope%3Dbasic.identity%2Bbasic.persona%2Bsignin%2Boffline%2Bsecurity.challenge%26redirect_uri%3Dhttp%253A%252F%252Fwww.easports.com%252Ffifa%252Flogin_check%26locale%3Den_GB%26state%3DLh1HAOPpS_YOuU4iVNb3R6PsEGO3KnOXtG__9BoL8zc%26response_type%3Dcode%26client_id%3DEASFC-web&_eventId=resend" class="tfa-login-link">Resend security code</a><br>\n </div>\n\n <div class="panel-action-area">\n<a class=\'origin-ux-element origin-ux-button\n origin-ux-button-primary \' href="#" id="btnTFAVerify">\n<span><span>Submit Security Code</span></span>\n</a>\n<a class=\'origin-ux-element origin-ux-button origin-ux-button-secondary btn-cancel\' href="#" id="btnCancel">\n<span><span>Cancel</span></span>\n</a>\n <input type="hidden" name="_eventId" value="submit" id="_eventId"/>\n </div>\n </div>\n </div>\n </div>\n </div>\n<div class="footer">\n <span class="copyright-notice">\xc2\xa9 2014 Electronic Arts Inc. Trademarks belong to their respective owners. All rights reserved.</span>\n <ul class="footer-navigation">\n <li class="item-2 even"><a\n href="https://www.origin.com/store"\n target="_blank"\n class="link link-origin "><span>Shop at Origin</span></a>\n </li><li class="item-3 odd">\n <a href="https://www.origin.com/legal"\n target="_blank"\n class="link link-origin"><span>Legal Notices</span></a>\n </li><li class="item-4 even">\n <a href="https://www.origin.com/termsofservice"\n target="_blank"\n class="link link-origin"><span>Terms of Services</span></a>\n </li><li class="item-5 odd">\n <a href="https://www.origin.com/privacypolicy"\n target="_blank"\n class="link link-origin"><span>Privacy Policy</span></a>\n </li><li class="item-6 even">\n <a href="http://aboutus.ea.com/" target="_blank"\n class="link link-origin"><span>Corporate Info</span></a>\n </li><li class="item-7 odd">\n <a href="https://www.origin.com/termsofsale"\n target="_blank"\n class="link link-origin"><span>EA Terms of Sale</span></a>\n </li><li class="item-8 even last">\n <a href="https://help.ea.com/uk" target="_blank"\n class="link link-origin"><span>Contact Us</span></a>\n </li> </ul>\n</div>\n </form>\n</div>\n\n<div id="form-errors">\n <span id="form-error-invalid-code">Incorrect code entered</span>\n</div>\n\n\n<!-- ### eanshprdaccounts11.eao.abn-iad.ea.com ### -->\n\n</body>\n</html>\n' (line 181)
2014-12-12 10:14:32,767 [DEBUG] [requests.packages.urllib3.connectionpool] _make_request: "GET /fifa/api/isUserLoggedIn HTTP/1.1" 200 40 (line 344)
@oczkers I am sending the code to (s3)
https://signin.ea.com/p/web/login?execution=e279030983s3&initref=https://accounts.ea.com:443/connect/auth?scope=basic.identity+basic.persona+signin+offline+security.challenge&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_US&state=ii6eMmZdi2IxVeGx8jKEPOLFql0mEVioU-hvDviXjvw&response_type=code&client_id=EASFC-web
but I just get a 400 error Bad request.
@LUFCMOT I might be wrong and it's s2 but hard to say whats wrong with your request if you don't attach headers etc. How about referer?
EDIT: it's dynamic url, for example e279030983 is changing on every login
$url = "https://signin.ea.com/p/web/login?execution=e279030983s3&initref=https://accounts.ea.com:443/connect/auth?scope=basic.identity+basic.persona+signin+offline+security.challenge&redirect_uri=http%3A%2F%2Fwww.easports.com%2Ffifa%2Flogin_check&locale=en_US&state=ii6eMmZdi2IxVeGx8jKEPOLFql0mEVioU-hvDviXjvw&response_type=code&client_id=EASFC-web";
private function Verify($url) {
$request = $this->_client->post($url, array(), array(
"twoFactorCode" => "84725048",
"_trustThisDevice" => "on",
"trustThisDevice" => "on",
"_eventId" => "submit"
));
$response = $request->send();
}
I was getting this problem, but now I believe I found out what was happening.
Only in the first time I needed to log in the webapp. I believe is was necessary to activate something in the account.
Next time I asked for another code and the script worked like a charm. I'm using cookies and restarted the script, its still working with a random code.
If someone is getting this invalid code error, try it. I used an anonymous google chrome tab to login in the first time and to ask for a new code in the second time, but in the second time we don't log in the browser again.
