-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathapp.txt
51 lines (42 loc) · 1.75 KB
/
app.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# APP generates this URL and opens it in webview
GET https://login.tidal.com/authorize
?response_type=code
&redirect_uri=https%3A%2F%2Ftidal.com%2Fandroid%2Flogin%2Fauth
&client_id=<client_id from .apk (inside compiled strings.xml, *_client_id, default_client_id is id used by my phone)>
&lang=pl_PL
&appMode=android
&client_unique_key=<idk wtf, probably android id>
&code_challenge=<code_challenge from https://tools.ietf.org/html/rfc7636#appendix-B>
&code_challenge_method=S256
&restrict_signup=true
# after successful login in webview it's getting redirected to this url which we need:
GET https://tidal.com/android/login/auth
?code=<auth code>
&state=na
&lang=pl
&appMode=android
# we need to generate this url and call it to get token for Authorize header
POST https://auth.tidal.com/v1/oauth2/token
HEADERS
Content-Type: application/x-www-form-urlencoded
BODY
code=<auth code>
&client_id=<client_id from .apk>
&grant_type=authorization_code
&redirect_uri=https%3A%2F%2Ftidal.com%2Fandroid%2Flogin%2Fauth
&scope=r_usr%20w_usr%20w_sub
&code_verifier=<code_verifier from https://tools.ietf.org/html/rfc7636#appendix-B>
&client_unique_key=<idk wtf, probably android id>
# expired token
HTTP/1.1 401 Unauthorized
Content-Type: application/json
{"status":401,"subStatus":11003,"userMessage":"The token has expired. (Expired on time)"}
# to refresh expired token we need to take refresh_token from auth response and put it in something like this:
POST https://auth.tidal.com/v1/oauth2/token
HEADERS
Content-Type: application/x-www-form-urlencoded
BODY
client_id=<client_id from .apk>
&refresh_token=<refresh token from @up>
&grant_type=refresh_token
&scope=r_usr%20w_usr%20w_sub