Add support for new x-bc value

Fixes #7

Author: M-rcus

README.md

@@ -28,7 +28,7 @@ Follow the steps on [Chrome's "Getting Started" tutorial](https://developer.chro
 - The extension may say it contains errors and then highlight a permission called "contextualIdentities": ![](https://i.marcus.pw/ss/2021-10-22_qxfIFE.png)
     - It's safe to ignore, as it's a permission meant for Firefox users, but does not affect Chrome / Brave.
 
-These steps MAY work on Microsoft Edge (the new version), but no guarantees.
+These steps MAY work on Microsoft Edge, but no guarantees.
 
 ## How to use
 
@@ -49,13 +49,29 @@ For example:
 
 ### Preview
 
-Screenshot as of extension version v1.0.3.  
+Screenshot as of extension version v1.0.3, which means it's slightly outdated.  
 A few things to note:
 - `auth_hash`, `auth_uniq_`, `email` and `password` are _typically empty_. Don't panic if they don't have any values, as it's completely normal.
 - The `username` field is by default set to "u" plus the same number as `auth_id`. It _does not_ need to be your actual OnlyFans username.
 
 ![Preview of extension](https://i.marcus.pw/ss/2021-05-20_5hI4rK.png)
 
+## Permissions
+
+Overview of permissions and why they're required.
+
+- `cookies`
+    - Values such as `auth_id` and `sess` are contained within cookies.
+    - Keep in mind that the `cookies` permission only applies for `onlyfans.com` and no other websites.
+- `clipboardWrite`
+    - To copy the `auth.json` values into your clipboard
+- `storage`
+    - This is specifically just to "synchronize" the `x_bc` value to the popup (so it can be copied).
+    - `x_bc` isn't available via the regular `cookies` permission, so we need a workaround (which utilizes the `storage` permission).
+- `contextualIdentities`
+    - On Firefox, it's used to support multi-account containers.
+    - On Chromium-based browsers (Google Chrome, Brave, Microsoft Edge etc.) it does nothing. However, it will give a warning (that you can ignore).
+
 ## LICENSE
 
 [MIT License](./LICENSE.md)

background/background.js

@@ -0,0 +1,41 @@
+const ls = chrome.storage.local;
+
+/**
+ * Helper for storing the new bcTokens object
+ */
+function storeBcTokens(bcTokens)
+{
+    ls.set({'bcTokens': bcTokens});
+}
+
+/**
+ * Retrieve the stored bcTokens object
+ * If none, return a fresh object
+ */
+async function getStoredBcTokens()
+{
+    return new Promise((resolve, reject) => {
+        ls.get(['bcTokens'], function(data) {
+            if (!data.bcTokens) {
+                storeBcTokens({});
+                resolve({});
+                return;
+            }
+
+            resolve(data.bcTokens);
+        });
+    });
+}
+
+async function handleBcToken(data)
+{
+    const { bcTokenSha, id } = data;
+
+    const bcTokens = await getStoredBcTokens();
+    bcTokens[id] = bcTokenSha;
+    storeBcTokens(bcTokens);
+
+    return true;
+}
+
+chrome.runtime.onMessage.addListener(handleBcToken);

content_scripts/bcToken.js

@@ -0,0 +1,37 @@
+async function getBcToken()
+{
+    const ls = window.localStorage;
+    if (!ls.bcTokenSha) {
+        return;
+    }
+
+    const bcToken = ls.bcTokenSha;
+
+    /**
+     * We don't have access to all cookies here, so instead we use a workaround
+     * with the few cookie values we _do_ have access to.
+     */
+    const match = document.cookie.match(/st=(\w{64})/);
+    const id = match[1];
+
+    try {
+        const message = await chrome.runtime.sendMessage({
+            bcTokenSha: bcToken,
+            id: id,
+        });
+    }
+    catch (err) {
+        console.error('Error occurred when trying to send bcToken to background script', err);
+    }
+}
+
+// Handle changes/updates to localStorage
+window.addEventListener('storage', function() {
+    const ls = window.localStorage;
+
+    if (ls.bcTokenSha) {
+        getBcToken();
+    }
+});
+
+getBcToken();

manifest.json

@@ -1,15 +1,19 @@
 {
     "manifest_version": 2,
     "name": "OnlyFans Cookie Helper",
-    "version": "2.0.1",
-    "description": "Helper extension that makes it easier to copy config.json values for the DIGITALCRIMINAL/OnlyFans software",
+    "version": "2.1.0",
+    "description": "Helper extension that makes it easier to copy config.json values for the DIGITALCRIMINALS/OnlyFans scraper",
     "icons": {
         "48": "icons/cookie.png"
     },
+    "background": {
+        "scripts": ["background/background.js"]
+    },
     "permissions": [
         "*://*.onlyfans.com/",
         "cookies",
         "clipboardWrite",
+        "storage",
         "contextualIdentities"
     ],
     "web_accessible_resources": [],
@@ -20,5 +24,11 @@
         },
         "default_title": "OnlyFans Cookie Helper",
         "default_popup": "popup/cookies.html"
-    }
+    },
+    "content_scripts": [
+        {
+            "matches": ["*://*.onlyfans.com/*", "*://*.onlyfans.com/"],
+            "js": ["content_scripts/bcToken.js"]
+        }
+    ]
 }

popup/cookies.html

@@ -23,6 +23,7 @@
 <body>
     <div>
         <code><pre id="json"></pre></code>
+        <span id="errorMessage" class="hidden red"></span>
         <br><br>
         <button id="copy-to-clipboard">Copy to clipboard</button>
     </div>

popup/cookies.js

@@ -24,6 +24,25 @@ async function copyStringToClipboard (str) {
 const containerNames = {};
 const containersEnabled = browser.contextualIdentities !== undefined;
 
+/**
+ * Get the correct bcToken from storage
+ */
+async function getBcTokenSha(id)
+{
+    return new Promise((resolve, reject) => {
+        chrome.storage.local.get(['bcTokens'], function(data) {
+            const bcTokens = data.bcTokens || {};
+
+            if (bcTokens[id]) {
+                resolve(bcTokens[id]);
+                return;
+            }
+
+            resolve(null);
+        });
+    });
+}
+
 async function getContainers()
 {
     /**
@@ -113,6 +132,7 @@ async function grabCookies(cookieStoreId) {
     const sess = mappedCookies.sess;
     const copyBtn = document.querySelector('#copy-to-clipboard');
     const jsonElement = document.querySelector('#json');
+    const errorElement = document.querySelector('#errorMessage');
 
     /**
      * If authId isn't specified, user is not logged into
@@ -125,17 +145,41 @@ async function grabCookies(cookieStoreId) {
             errorMessage = `Could not find valid cookie values in container: <strong>${containerName}</strong><br>Make sure you are logged into OnlyFans.`;
         }
 
-        jsonElement.innerHTML = errorMessage;
+        errorElement.innerHTML = errorMessage;
+        errorElement.classList.remove('hidden');
+
+        if (!copyBtn.classList.contains('hidden')) {
+            copyBtn.classList.add('hidden');
+            jsonElement.classList.add('hidden');
+        }
+
+        return;
+    }
+
+    // See `background/background.js` as to why we use `st` here
+    const st = mappedCookies.st;
+    const bcToken = await getBcTokenSha(st);
+    if (!bcToken) {
+        let errorMessage = 'Could not find valid x_bc value. Please open OnlyFans.com once and make sure it fully loads.';
+        if (containersEnabled) {
+            const containerName = containerNames[cookieStoreId] || 'Default (no container)';
+            errorMessage = `Could not find valid x_bc value. Please open OnlyFans.com once in container: <strong>${containerName}</strong><br>Make sure it fully loads. If you are not logged in, please log in and <i>refresh the page</i>.`;
+        }
+
+        errorElement.innerHTML = errorMessage;
+        errorElement.classList.remove('hidden');
+
         if (!copyBtn.classList.contains('hidden')) {
             copyBtn.classList.add('hidden');
-            jsonElement.classList.add('red');
+            jsonElement.classList.add('hidden');
         }
 
         return;
     }
 
     copyBtn.classList.remove('hidden');
-    jsonElement.classList.remove('red');
+    jsonElement.classList.remove('hidden');
+    errorElement.classList.add('hidden');
 
     /**
      * Fill out the object that OnlyFans excepts
@@ -145,6 +189,7 @@ async function grabCookies(cookieStoreId) {
         cookie: `auth_id=${authId}; sess=${sess}; auth_hash=; auth_uniq_${authId}=; auth_uid_${authId}=;`,
         // TODO: Still need to handle this better...
         user_agent: navigator.userAgent,
+        x_bc: bcToken,
         support_2fa: true,
         active: true,
         email: "",