[deviantart] jwt token validation failed #4548
Comments
|
That sucks... |
|
I got those errors with Deviantart as well, since yesterday. Wasn't an issue till the day before. |
|
I recently reported a similar set of errors befalling another downloader. |
|
I wrote this in a different issue as an edit to my existing post so I don't know if anybody even saw it. I just wanted to mention downloading the full res of this paid art still works. I don't know if that's significant or might help or not. https://www.deviantart.com/darkflame75/art/The-Moon-Rises-603249824 |
Cannot reproduce. |
|
I tested it again right before posting my comment. It must be because I downloaded it right before the issue began so it still lets me I guess. |
That sounds very unlikely. Can you access the URL in a browser? |
|
Yes.
|
Can you access the url in incognito? Could you try reproducing with curl? |
|
It works in incognito. It doesn't work with curl: |
|
It could be a regional cache sort of thing. I just checked and Cloudfront caches the images for a long period of time: |
Likely. you can bypass Cloudfront cache by adding random query params like |
|
To confirm, once the commit goes live, should the issue with these errors (and the associated 401 errors) be resolved? |
|
@zakman4466 it "resolves" it by just always going with the lowres images since you can't get the highres pictures anyway. |
And again, a huge thank you to @Ironchest337 for discovering this.
|
Ironchest337 did it again! 20d1683 |
Weirdly enough, that trick does not work for the example given by @mdashlw (403 Forbidden), and that's the only exception I've noticed so far. At first I thought it was because it was a relatively new submission, but later I was able to download even newer submissions. |
|
It works when using the full DA URL, but this post is also downloadable without any JWT shenanigans. It doesn't actually get touched by any JWT logic to begin with, even when |
I went ahead and checked and I believe it's an issue of the original token they are using. Removing everything after urn:app: for sub and iss allows it to work |
|
It seems to accept |
Just to be clear, what gallery-dl feature exactly is working again? |
Same as before, i.e. downloading all deviantart images, including paid, in original resolution |
I just tried that The Moon Rises example (using https://github.com/mhogomchungu/media-downloader as a GUI), but it gave me this error:
Then it downloaded the low-resolution preview image. I went to the URL and it said "token validation failed". Another deviation I tried also insisted on using a low-res fallback. If original-res downloading is working again, then what am I doing wrong? |
the fix isn't released yet. install latest gallery-dl directly from github: |
That did it. I have to run it from my Python3 folder on the command line, but it works. Thank you. EDIT: Some of the deviations in three specific galleries I tried still give me errors that include " (no refresh-token)". Other people's galleries give me no such trouble at all. EDIT2: Here are links to a few of those images. They're not even blurred and don't even have pay buttons, but they are NSFW: The errors they give me are: |
DeviantArt extractor works by faking a JWT token by using alg=none, it appears to be no longer working.
Unsigned alg=none:
https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/1bf37f96-f0c0-4978-87d5-fec7a7860e96/dg9ewam-1771d013-9bb1-4bc9-82f7-3d145dbb4c76.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzFiZjM3Zjk2LWYwYzAtNDk3OC04N2Q1LWZlYzdhNzg2MGU5NlwvZGc5ZXdhbS0xNzcxZDAxMy05YmIxLTRiYzktODJmNy0zZDE0NWRiYjRjNzYucG5nIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.(returns 401 token validation failed)SIgned alg=HS256 by deviantart:
https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/1bf37f96-f0c0-4978-87d5-fec7a7860e96/dg9ewam-1771d013-9bb1-4bc9-82f7-3d145dbb4c76.png?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzFiZjM3Zjk2LWYwYzAtNDk3OC04N2Q1LWZlYzdhNzg2MGU5NlwvZGc5ZXdhbS0xNzcxZDAxMy05YmIxLTRiYzktODJmNy0zZDE0NWRiYjRjNzYucG5nIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.kNkEHMmmwEAdVlKIco8-ZZkxuttRF2KT39Yot4vhXa8(works)JWT payload for both of these is exactly the same:
{ "sub": "urn:app:7e0d188982264373a5f0d415ea0d26e0", "iss": "urn:app:7e0d188982264373a5f0d415ea0d26e0", "obj": [ [ { "path": "/f/1bf37f96-f0c0-4978-87d5-fec7a7860e96/dg9ewam-1771d013-9bb1-4bc9-82f7-3d145dbb4c76.png" } ] ], "aud": [ "urn:service:file.download" ] }The text was updated successfully, but these errors were encountered: