# -*- coding:utf-8 -*-## hotspot-login-manager# https://github.com/syam44/

1. # -*- coding:utf-8 -*-
2. #
3. # hotspot-login-manager
4. # https://github.com/syam44/Hotspot-Login-Manager
5. #
6. # Distributed under the GNU General Public License version 3
7. # https://www.gnu.org/copyleft/gpl.html
8. #
9. # Authors: syam ([email protected])
10. #
11. # Description: Authentication plugin for SFR.FR + FON hotspots
12. #
13.  
14.  
15. #-----------------------------------------------------------------------------
16. import re
17. import urllib.parse
18. #
19. from hotspot_login_manager.libs.daemon import hlm_auth_plugins
20. from hotspot_login_manager.libs.daemon import hlm_http
21.  
22.  
23. #-----------------------------------------------------------------------------
24. def getSupportedProviders():
25. # See daemon/hlm_auth_plugins
26. return { 'sfr.fr': ['SFR WiFi FON', 'SFR WiFi Public', 'Neuf WiFi FON', 'Neuf WiFi Public'],
27. 'fon': ['SFR WiFi FON', 'Neuf WiFi FON'],
28. }
29.  
30.  
31. #-----------------------------------------------------------------------------
32. def getSupportedRedirectPrefixes():
33. #return ['https://hotspot.neuf.fr/indexEncryptingChilli.php?']
34. return ['https://hotspot.wifi.sfr.fr/indexEncryptingChilli.php?']
35.  
36. #-----------------------------------------------------------------------------
37. def authenticate(redirectURL, connectedSSIDs):
38.  
39. debugMessageHeader = 'AuthPlugin {0}'.format(quote(pluginName))
40. def debugMessage(message, *args):
41. if args != tuple():
42. message = message.format(*args)
43. message = '{0}: {1}'.format(debugMessageHeader, message)
44. return message
45.  
46.  
47. def reportFailure(message, *args):
48. message = debugMessage('[FAILURE] ' + message, *args)
49. raise hlm_auth_plugins.Status_Error(pluginName, message)
50.  
51.  
52. # Extract the URL arguments
53. try:
54. urlArgs = hlm_http.splitUrlArguments(redirectURL, ['challenge', 'mode', 'uamip', 'uamport', 'channel'], 'redirect URL')
55. if __DEBUG__: logDebug(debugMessage('got all required arguments from the redirect URL.'))
56. except BaseException as exc:
57. reportFailure(exc)
58.  
59. # Get the login page
60. try:
61. result = hlm_http.urlOpener().open(redirectURL, timeout = 10)
62. pageData = hlm_http.readAll(result)
63. #gasp
64. #if not (type(pageData) is str): pageData = str(pageData, 'utf-8')
65. result.close()
66. if __DEBUG__: logDebug(debugMessage('grabbed the login webpage.'))
67. except hlm_http.CertificateError as exc:
68. raise
69. except BaseException as exc:
70. reportFailure('error while grabbing the login webpage: {0}'.format(exc))
71.  
72. # Basic check to see if we actually are on a SFR "NeufBox"
73. if _regexCheckNB4.search(pageData) == None:
74. if __DEBUG__: logDebug(debugMessage('this is not a "NeufBox4".'))
75. reportFailure('this is not a "NeufBox4".')
76. if __DEBUG__: logDebug(debugMessage('seems we have a "NeufBox".'))
77.  
78. # Is the hotspot FON-enabled?
79. hasFONsupport = (_regexCheckChoiceFON.search(pageData) != None)
80. if __DEBUG__:
81. if hasFONsupport:
82. logDebug(debugMessage('we have FON support.'))
83. else:
84. logDebug(debugMessage('we don\'t have FON support.'))
85.  
86. # Double-check the Chillispot URL
87. match = _regexChilliURL.search(pageData)
88. # gasp
89. if __DEBUG__: logDebug(debugMessage(pageData))
90. if __DEBUG__: logDebug(debugMessage(redirectURL))
91. if __DEBUG__: logDebug(debugMessage(match.group(1).decode() ) )
92.  
93. if match == None:
94. reportFailure('in-page data is missing.')
95. #gasp
96. if match.group(1).decode() != redirectURL:
97. reportFailure('in-page data conflicts with the redirected URL.')
98. if __DEBUG__: logDebug(debugMessage('in-page data confirms the redirect URL pour de faux.'))
99.  
100. # Prepare data that is dependent on the kind of hotspot / configured credentials
101. if 'sfr.fr' in pluginCredentials:
102. hotspotCredentials = 'sfr.fr'
103. hotspotAccessType = 'neuf'
104. if hasFONsupport:
105. hotspotChoice = 'choix=neuf&'
106. else:
107. hotspotChoice = ''
108. elif hasFONsupport and ('fon' in pluginCredentials):
109. hotspotCredentials = 'fon'
110. hotspotAccessType = 'fon'
111. hotspotChoice = 'choix=fon&'
112. else:
113. reportFailure('this plugin only supports «sfr.fr» and «fon» credentials.')
114.  
115. if __DEBUG__: logDebug(debugMessage('using {0} credentials'.format(quote(hotspotCredentials))))
116. debugMessageHeader = 'AuthPlugin {0} (credentials {1})'.format(quote(pluginName), quote(hotspotCredentials))
117.  
118. (user, password) = pluginCredentials[hotspotCredentials]
119. postData = hotspotChoice + 'username={0}&password={1}&conditions=on&challenge={2}&accessType={7}&lang=fr&mode={3}&userurl=http%253a%252f%252fwww.google.com%252f&uamip={4}&uamport={5}&channel={6}&connexion=Connexion'.format(urllib.parse.quote(user), urllib.parse.quote(password), urlArgs['challenge'], urlArgs['mode'], urlArgs['uamip'], urlArgs['uamport'], urlArgs['channel'], hotspotAccessType)
120.  
121. # Ask the hotspot gateway to give us the Chillispot URL
122. try:
123. #result = hlm_http.urlOpener().open('https://hotspot.neuf.fr/nb4_crypt.php', data = postData, timeout = 10)
124. result = hlm_http.urlOpener().open('https://hotspot.wifi.sfr.fr/nb4_crypt.php', data = postData, timeout = 10)
125. pageData = hlm_http.readAll(result)
126. result.close()
127. if __DEBUG__: logDebug(debugMessage('grabbed the encryption gateway (JS redirect) result webpage.'))
128. except hlm_http.CertificateError as exc:
129. raise
130. except BaseException as exc:
131. reportFailure('error while grabbing the encryption gateway (JS redirect) result webpage: {0}'.format(exc))
132.  
133. # OK, now we have to put up with a Javascript redirect. I mean, WTF?
134. match = _regexJSRedirect.search(pageData)
135. if match == None:
136. reportFailure('missing URL in the encryption gateway (JS redirect) result webpage.')
137.  
138. #gasp
139. redirectURL = match.group(1).decode()
140. #debug
141. if __DEBUG__: logDebug(debugMessage(redirectURL))
142.  
143. # Let's see what Chillispot will answer us...
144. redirectURL = hlm_http.detectRedirect(redirectURL)
145. if redirectURL == None:
146. reportFailure('something went wrong during the Chillispot query (redirect expected, but none obtained).')
147.  
148. # Check the final URL arguments
149. try:
150. urlArgs = hlm_http.splitUrlArguments(redirectURL, ['res'], 'redirect URL')
151. urlArgs = urlArgs['res'].lower()
152. except BaseException as exc:
153. reportFailure(exc)
154.  
155. if urlArgs == 'failed':
156. raise hlm_auth_plugins.Status_WrongCredentials(pluginName, hotspotCredentials)
157.  
158. if (urlArgs != 'success') and (urlArgs != 'already'):
159. reportFailure('Chillispot didn\'t let us log in, no idea why. Here\'s the redirected URL: {0}'.format(redirectURL))
160.  
161. raise hlm_auth_plugins.Status_Success(pluginName, hotspotCredentials)
162.  
163.  
164. #-----------------------------------------------------------------------------
165. #
166. # Pre-compiled regular expressions for authenticate()
167. #
168. _regexCheckNB4 = re.compile(b'<form action="nb4_crypt.php" ')
169. _regexCheckChoiceFON = re.compile(b'<select name="choix" id="choix">[^<]+<option value="neuf" selected>SFR</option>[^<]+<option value="fon">Fonero</option>')
170. _regexChilliURL = re.compile(b'SFRLoginURL_JIL=(https://hotspot.wifi.sfr.fr/indexEncryptingChilli.php?[^>]+)-->')
171.  
172. _regexJSRedirect = re.compile(b'window.location = "([^"]+)";')
173.  
174.  
175. #-----------------------------------------------------------------------------
176. # vim: tabstop=4 expandtab shiftwidth=4 softtabstop=4