Add login

docs/android-app-inspection.md

@@ -0,0 +1,45 @@
+# Inspecting the SoundCloud Android App
+
+## Prerequisites
+
+* Ubuntu 18.04
+* Android Studio 4
+* mitmproxy (https://mitmproxy.org/)
+* Add Android Sdk tools to `PATH`:
+  ```bash
+  # Android Sdk
+  ANDROID_SDK_ROOT=~/Android/Sdk
+  export PATH=$PATH:$ANDROID_SDK_ROOT/build-tools/29.0.2
+  export PATH=$PATH:$ANDROID_SDK_ROOT/platform-tools
+  export PATH=$PATH:$ANDROID_SDK_ROOT/tools
+  ```
+
+## Download and patch APK
+
+* Open Android Virtual Device Manager and start a device with Play Store.
+* Install the SoundCloud-App from the Play Store.
+* Install [Split APKs Installer (SAI)](https://play.google.com/store/apps/details?id=com.aefyr.sai)
+  and backup (export) the SoundCloud app to the `Downloads` folder.
+* Download the exported `*.apks` file:
+```bash
+adb pull /sdcard/Download/SoundCloud_com,soundcloud,android_2021,06,02-release.apks
+mv SoundCloud_com,soundcloud,android_2021,06,02-release.apks com.soundcloud.android.apks
+```
+* Patch the APK:
+```bash
+npx apk-mitm com.soundcloud.android.apks
+```
+* Push the patched APK file back to the virtual device:
+```shell
+adb push com.soundcloud.android-patched.apks /sdcard/Download/
+```
+* Uninstall the original SoundCloud app.
+* Install the patched APK with SAI.
+
+## Inspect traffic
+
+* Start mitmproxy by running `mitmweb`.
+* Start the app on your virtual device. Add the proxy config to the emulator settings.
+  (Your IP [`ip a`] and port `8080`)
+* Install the mitm certificate inside Android by visiting [mitm.it](mitm.it).
+* You should now be able to inspect all network traffic.

resources/lib/soundcloud/api_mobile.py

@@ -0,0 +1,49 @@
+import requests
+
+
+class ApiMobile:
+    """This class uses the unofficial API used by the SoundCloud mobile app."""
+
+    api_host = "https://api-mobile.soundcloud.com"
+    api_client_id = "dbdsA8b6V6Lw7wzu1x0T4CLxt58yd4Bf"
+    api_client_secret = "aBK1xbehZvrBw0dtVYNY3BuJJOuDFrYs"
+    api_user_agent = "SoundCloud/2021.06.02-release (Android 11; Google sdk_gphone_x86)"
+    api_udid = "4787dcf7a801d396b5f3cfa654fd89ae"  # Unique Device Identifier
+
+    def __init__(self, settings, lang, cache):
+        self.cache = cache
+        self.settings = settings
+        self.lang = lang
+
+    def authenticate(self, identifier, password):
+        url = self.api_host + "/sign_in"
+
+        params = {
+            "client_id": self.api_client_id,
+        }
+
+        headers = {
+            "Content-Type": "application/json; charset=utf-8",
+            "User-Agent": self.api_user_agent,
+            "UDID": self.api_udid,
+        }
+
+        payload = {
+            "auth_method": "password",
+            "captcha_pubkey": "6LfuZ08UAAAAAEzW09iSDSG5t4ygnyGNz5ZGfj5h",
+            "captcha_solution": None,
+            "client_id": self.api_client_id,
+            "client_secret": self.api_client_secret,
+            "create_if_not_found": False,
+            "credentials": {
+                "identifier": identifier,
+                "password": password,
+            },
+            "flags": {},
+            "signature": "2:f3b1d672",
+        }
+
+        response = requests.post(url, params=params, json=payload, headers=headers).json()
+
+        return response.token.access_token
+