nodejs-insta-private-api-mqt 1.3.74 → 1.3.75

package/dist/core/request.js

@@ -264,7 +264,7 @@ class Request {
     if (!url) return;
     const path = url.toLowerCase();
 
-    if (path.includes('/accounts/login/') || path.includes('/launcher/sync/')) {
+    if (path.includes('/accounts/login/') || path.includes('/launcher/sync/') || path.includes('/bloks/async_action/com.bloks.www.bloks.caa.login')) {
       this.navChain.simulateAppOpen();
       return;
     }

package/dist/repositories/account.repository.js

@@ -45,22 +45,84 @@ class AccountRepository extends Repository {
     const { encrypted, time } = this.encryptPassword(password);
 
     return this.requestWithRetry(async () => {
-      const countryCode = this.client.state.countryCode || 1;
+      const aacInitTimestamp = Math.floor(Date.now() / 1000) - Math.floor(Math.random() * 50);
+      const aacjid = crypto.randomUUID ? crypto.randomUUID() : require('uuid').v4();
+      const aaccs = crypto.randomBytes(32).toString('base64url');
+
+      const clientInputParams = {
+        aac: JSON.stringify({
+          aac_init_timestamp: aacInitTimestamp,
+          aacjid: aacjid,
+          aaccs: aaccs,
+        }),
+        sim_phones: [],
+        aymh_accounts: [],
+        network_bssid: null,
+        secure_family_device_id: '',
+        has_granted_read_contacts_permissions: 0,
+        auth_secure_device_id: '',
+        has_whatsapp_installed: 1,
+        password: `#PWD_INSTAGRAM:4:${time}:${encrypted}`,
+        sso_token_map_json_string: '{}',
+        block_store_machine_id: '',
+        ig_vetted_device_nonces: '{}',
+        contact_point: username,
+        machine_id: this.client.state.mid || '',
+        login_attempt_count: '0',
+        reg_flow_taken: 'phone',
+        device_id: this.client.state.uuid,
+        phone_id: this.client.state.phoneId,
+        family_device_id: this.client.state.phoneId,
+        encryption_enabled: '1',
+        has_dbl_tap_login: 0,
+        jazoest: AccountRepository.createJazoest(this.client.state.phoneId),
+        openid_tokens: '{}',
+      };
+
+      const serverParams = {
+        credential_type: 'password',
+        device_id: this.client.state.uuid,
+      };
+
+      const paramsJson = JSON.stringify({
+        client_input_params: clientInputParams,
+        server_params: serverParams,
+      });
+
+      const attestParams = AccountRepository.generateAttestParams(this.client.state);
+
+      const bloksHeaders = {
+        'X-Bloks-Prism-Ax-Base-Colors-Enabled': 'false',
+        'X-Bloks-Prism-Button-Version': 'CONTROL',
+        'X-Bloks-Prism-Colors-Enabled': 'true',
+        'X-Bloks-Prism-Font-Enabled': 'false',
+        'X-Bloks-Prism-Indigo-Link-Version': '0',
+        'X-FB-Friendly-Name': 'IgApi: bloks/async_action/com.bloks.www.bloks.caa.login.async.send_login_request/',
+        'X-FB-Request-Analytics-Tags': JSON.stringify({
+          network_tags: {
+            product: this.client.state.fbAnalyticsApplicationId,
+            purpose: 'fetch',
+            surface: 'undefined',
+            request_category: 'api',
+            retry_attempt: '0',
+          },
+        }),
+        'X-IG-Client-Endpoint': 'com.bloks.www.caa.login.aymh_single_profile_screen_entry',
+        'X-Tigon-Is-Retry': 'False',
+        'X-FB-RMD': 'state=URL_ELIGIBLE',
+        'X-IG-Attest-Params': JSON.stringify(attestParams),
+        'X-FB-Connection-Type': 'MOBILE.LTE',
+        'X-FB-Network-Properties': 'VPN;Metered;Validated;LocalAddrs=/10.0.0.2,;',
+        'X-FB-Conn-UUID-Client': crypto.randomBytes(16).toString('hex'),
+        'Accept-Encoding': 'zstd',
+        'X-FB-HTTP-Engine': 'MNS/TCP',
+      };
+
       const response = await this.client.request.send({
         method: 'POST',
-        url: '/api/v1/accounts/login/',
-        form: this.client.request.sign({
-          jazoest: AccountRepository.createJazoest(this.client.state.phoneId),
-          country_codes: JSON.stringify([{ country_code: String(countryCode), source: ['default'] }]),
-          phone_id: this.client.state.phoneId,
-          enc_password: `#PWD_INSTAGRAM:4:${time}:${encrypted}`,
-          username,
-          adid: this.client.state.adid,
-          guid: this.client.state.uuid,
-          device_id: this.client.state.deviceId,
-          google_tokens: '[]',
-          login_attempt_count: '0',
-        }),
+        url: '/api/v1/bloks/async_action/com.bloks.www.bloks.caa.login.async.send_login_request/',
+        form: { params: paramsJson },
+        headers: bloksHeaders,
       });
 
       const body = response.body;
@@ -88,7 +150,51 @@ class AccountRepository extends Repository {
         throw err;
       }
 
-      return body.logged_in_user;
+      if (body.layout) {
+        const layoutStr = typeof body.layout === 'string' ? body.layout : JSON.stringify(body.layout);
+
+        if (layoutStr.includes('two_factor_required') || layoutStr.includes('"two_factor_info"')) {
+          let twoFactorInfo = null;
+          try {
+            const match = layoutStr.match(/"two_factor_info"\s*:\s*(\{[^}]+\})/);
+            if (match) twoFactorInfo = JSON.parse(match[1]);
+          } catch (e) {}
+          const err = new Error('Two factor authentication required');
+          err.name = 'IgLoginTwoFactorRequiredError';
+          err.twoFactorInfo = twoFactorInfo;
+          throw err;
+        }
+
+        if (layoutStr.includes('bad_password') || layoutStr.includes('incorrect_password')) {
+          const err = new Error('Bad password');
+          err.name = 'IgLoginBadPasswordError';
+          throw err;
+        }
+
+        if (layoutStr.includes('invalid_user') || layoutStr.includes('user_not_found')) {
+          const err = new Error('Invalid user');
+          err.name = 'IgLoginInvalidUserError';
+          throw err;
+        }
+
+        if (layoutStr.includes('challenge_required')) {
+          const err = new Error('Challenge required');
+          err.name = 'IgCheckpointError';
+          err.challengeInfo = body.challenge || null;
+          throw err;
+        }
+      }
+
+      if (body.logged_in_user) {
+        return body.logged_in_user;
+      }
+
+      try {
+        const userInfo = await this.currentUser();
+        return userInfo.user || userInfo;
+      } catch (e) {
+        return body;
+      }
     });
   }
 
@@ -459,6 +565,96 @@ class AccountRepository extends Repository {
     });
   }
 
+  static generateAttestParams(state) {
+    const challengeNonce = crypto.randomBytes(24).toString('base64url');
+
+    const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', {
+      namedCurve: 'prime256v1',
+    });
+
+    const signedData = crypto.sign(null, Buffer.from(challengeNonce), privateKey);
+    const signedNonce = signedData.toString('base64');
+
+    const publicKeyDer = publicKey.export({ type: 'spki', format: 'der' });
+    const keyHash = crypto.createHash('sha256').update(publicKeyDer).digest('hex');
+
+    const leafCertPem = AccountRepository._generateSelfSignedCert(privateKey, publicKey, 'Android Keystore Key');
+    const intermediateCertPem = AccountRepository._generateSelfSignedCert(privateKey, publicKey, 'TEE');
+
+    const certificateChain = leafCertPem + '\n' + intermediateCertPem;
+
+    return {
+      attestation: [{
+        version: 2,
+        type: 'keystore',
+        errors: [0],
+        challenge_nonce: challengeNonce,
+        signed_nonce: signedNonce,
+        key_hash: keyHash,
+        certificate_chain: certificateChain,
+      }],
+    };
+  }
+
+  static _generateSelfSignedCert(privateKey, publicKey, cn) {
+    const publicKeyDer = publicKey.export({ type: 'spki', format: 'der' });
+    const serialNumber = crypto.randomBytes(8);
+    const now = new Date();
+    const notBefore = new Date(now.getTime() - 365 * 24 * 60 * 60 * 1000);
+    const notAfter = new Date(now.getTime() + 10 * 365 * 24 * 60 * 60 * 1000);
+
+    const cnBytes = Buffer.from(cn, 'utf8');
+    const cnSeq = Buffer.concat([
+      Buffer.from([0x30, cnBytes.length + 13]),
+      Buffer.from([0x31, cnBytes.length + 11]),
+      Buffer.from([0x30, cnBytes.length + 9]),
+      Buffer.from([0x06, 0x03, 0x55, 0x04, 0x03]),
+      Buffer.from([0x0c, cnBytes.length]),
+      cnBytes,
+    ]);
+
+    function encodeTime(date) {
+      const str = date.toISOString().replace(/[-:T]/g, '').slice(2, 14) + 'Z';
+      return Buffer.concat([Buffer.from([0x17, str.length]), Buffer.from(str)]);
+    }
+
+    const validityBuf = Buffer.concat([
+      encodeTime(notBefore),
+      encodeTime(notAfter),
+    ]);
+    const validity = Buffer.concat([Buffer.from([0x30, validityBuf.length]), validityBuf]);
+
+    const tbs = Buffer.concat([
+      Buffer.from([0xa0, 0x03, 0x02, 0x01, 0x02]),
+      Buffer.from([0x02, serialNumber.length]), serialNumber,
+      Buffer.from([0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02]),
+      cnSeq,
+      validity,
+      cnSeq,
+      publicKeyDer,
+    ]);
+
+    const tbsSeq = Buffer.concat([Buffer.from([0x30, 0x82]), Buffer.alloc(2), tbs]);
+    tbsSeq.writeUInt16BE(tbs.length, 2);
+
+    const signature = crypto.sign(null, tbsSeq, privateKey);
+
+    const sigBitString = Buffer.concat([
+      Buffer.from([0x03, signature.length + 1, 0x00]),
+      signature,
+    ]);
+
+    const algId = Buffer.from([0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02]);
+
+    const certBody = Buffer.concat([tbsSeq, algId, sigBitString]);
+    const cert = Buffer.concat([Buffer.from([0x30, 0x82]), Buffer.alloc(2), certBody]);
+    cert.writeUInt16BE(certBody.length, 2);
+
+    const b64 = cert.toString('base64');
+    const lines = b64.match(/.{1,76}/g) || [b64];
+    return '-----BEGIN CERTIFICATE-----\n' + lines.join('\n') + '\n-----END CERTIFICATE-----';
+  }
+
   static createJazoest(input) {
     const buf = Buffer.from(input, 'ascii');
     let sum = 0;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodejs-insta-private-api-mqt",
-  "version": "1.3.74",
+  "version": "1.3.75",
   "description": "Complete Instagram MQTT protocol with FULL Featured REALTIME And api Rest All in one project .",
   "main": "dist/index.js",
   "scripts": {