### Confirm Setup Intent Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Confirms a Setup Intent. Requires intent ID, data, log, and merchant parameters. ```javascript confirm:function(e){var t=e.id,n=e.data,r=e.log,a=e.merchantParams;return(0,i.de)("setup\_intents/".concat(t,"/confirm"),"POST",n,{log:r,key:n.key,merchantParams:a,expectedErrors:o.Lf,extraLogData:{team:"pcfp",apiMethod:"SetupIntentApi.confirm"}},{includeErrorStatus:!0})} ``` -------------------------------- ### Verify Microdeposits for Setup Intent Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Verifies microdeposits for a Setup Intent. Requires intent ID and data. ```javascript verifyMicrodeposits:function(e){var t=e.id,n=e.data;return(0,a.AT)("setup\_intents/".concat(t,"/verify\_microdeposits"),"POST",n)} ``` -------------------------------- ### Retrieve Setup Intent Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Retrieves a Setup Intent. Supports optional retries and logging. Requires intent ID and data. ```javascript retrieve:function(e){var t=e.id,n=e.data,s=e.allowRetries,u=void 0!==s&&s,c=e.log;return(0,i.de)("setup\_intents/".concat(t),"GET",n,(0,r.A)((0,r.A)({log:c,key:n.key},u&&{retries:{shouldRetry:a.st,maxAttempts:2}}),{},{expectedErrors:o.VM,extraLogData:{team:"pcfp",apiMethod:"SetupIntentApi.retrieve"}}))} ``` -------------------------------- ### Attach Link Account Session for Setup Intent Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Attaches a link account session to a Setup Intent. Requires intent ID, link account session ID, and data. ```javascript attachLinkAccountSession:function(e){var t=e.id,n=e.linkAccountSessionId,r=e.data;return(0,a.AT)("setup\_intents/".concat(t,"/link\_account_sessions/").concat(n,"/attach"),"POST",r,{includeErrorStatus:!0})} ``` -------------------------------- ### Create ACSS Session for Setup Intent Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Creates an ACSS session for a Setup Intent. Requires intent ID and data. ```javascript createAcssSession:function(e){var t=e.id,n=e.data;return(0,a.AT)("setup\_intents/".concat(t,"/acss\_sessions"),"POST",n)} ``` -------------------------------- ### Cancel Challenge for Setup Intent Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Cancels a challenge for a Setup Intent. Requires intent ID and data. ```javascript cancelChallenge:function(e){var t=e.id,n=e.data;return(0,a.AT)("setup\_intents/".concat(t,"/cancel\_challenge"),"POST",n)}}} ``` -------------------------------- ### Setup PostMessage Listener Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Sets up a global event listener for 'message' events on the window. It parses incoming messages and handles them using the `handleMessage` method. ```javascript setupPostMessageListener:function(){var e=this;window.addEventListener("message",function(){var t=(0,a.A)((0,r.A)().mark((function t(n){var a;return(0,r.A)().wrap((function(t){for(;;)switch(t.prev=t.next){case 0:return t.next=2,e.parseMessageEvent(n);case 2:(a=t.sent)&&e.handleMessage(a);case 4:case"end":return t.stop()}}),t)})));return function(e){return t.apply(this,arguments)}}())}} ``` -------------------------------- ### Get Credentials or Reject Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Retrieves credentials and throws an error if credentials are not found for the given context. ```javascript credentialsOrReject:(v=(0,a.A)((0,r.A)().mark((function e(t){var n;return(0,r.A)().wrap((function(e){for(;;)switch(e.prev=e.next){case 0:return e.next=2,this.credentials(t);case 2:if(n=e.sent){e.next=5;break}throw new d.v(t?d.O.LJS003:d.O.LJS002);case 5:return e.abrupt("return",n);case 6:case"end":return e.stop()}}),e,this)}))),function(e){return v.apply(this,arguments)})} ``` -------------------------------- ### Cancel Setup Intent Source Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Cancels the source of a Setup Intent. Requires intent ID and data. ```javascript sourceCancel:function(e){var t=e.id,n=e.data;return(0,a.AT)("setup\_intents/".concat(t,"/source\_cancel"),"POST",n)} ``` -------------------------------- ### Run GoPay Worker with Parallelism Source: https://github.com/asz798838958/abaiautoplus/blob/main/platforms/gopay-deploy/README_GOPAY_DEPLOY.md Start multiple worker instances to handle registration, balance checks, and payments concurrently. The default PIN is used. ```bash ./start_worker.bat --workers 3 --pin 147258 ``` -------------------------------- ### Fetch Customer Detail Response Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay_api_flow_doc.md Response containing customer details like QR ID, blocked status, and PIN setup status. ```json { "data": { "qr_id": "061ca365-65b2-45ee-970a-14e97a2da0cb", "blocked": false, "is_pin_setup": true }, "success": true } ``` -------------------------------- ### Get Credentials Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Retrieves credentials based on an email address, handling cache lookups and returning null if not found. ```javascript credentials:(b=(0,a.A)((0,r.A)().mark((function e(t){var n,a,i;return(0,r.A)().wrap((function(e){for(;;)switch(e.prev=e.next){case 0:return e.next=2,this.awaitPendingActions();case 2:if(n=e.sent,a=n.credentialsCache,i=t?a.keys[(0,c.e0)(t)]:a.activeEmailCacheKey){e.next=7;break}return e.abrupt("return",null);case 7:return e.abrupt("return",a.credentials[i]);case 8:case"end":return e.stop()}}),e,this)}))),function(e){return b.apply(this,arguments)})} ``` -------------------------------- ### Integrating React-Specific ESLint Plugins Source: https://github.com/asz798838958/abaiautoplus/blob/main/frontend/README.md Add ESLint plugins for React and React DOM to enforce React-specific linting rules. This requires installing the plugins and extending their recommended configurations. ```javascript // eslint.config.js import reactX from 'eslint-plugin-react-x' import reactDom from 'eslint-plugin-react-dom' export default defineConfig([ globalIgnores(['dist']), { files: ['**/*.{ts,tsx}'] extends: [ // Other configs... // Enable lint rules for React reactX.configs['recommended-typescript'], // Enable lint rules for React DOM reactDom.configs.recommended, ], languageOptions: { parserOptions: { project: ['./tsconfig.node.json', './tsconfig.app.json'], tsconfigRootDir: import.meta.dirname, }, // other options... }, }, ]) ``` -------------------------------- ### Stripe.js Initialization Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Initializes the Stripe.js library with a given publishable key and options. It handles loading Stripe.js if it's not already available. ```javascript var r, a = new(0, n(61776).K7)((function(e) { r = e }))(function() { return a }), i = function(e, t) { return window.Stripe(e, t) }, s = function(e, t) { if (window.Stripe) r(i(e, t)); else { var n = document.getElementById("stripe-js"); if (!n) throw new Error("Could not find Stripe.js script"); n.addEventListener("load", (function() { window.Stripe && r(i(e, t)) })) } } ``` -------------------------------- ### Create Source Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Creates a new source. Requires data and error log. ```javascript create:function(e){var t=e.data,n=e.errorLog,r=e.merchantPar ``` -------------------------------- ### Signup (For Unregistered Users Only) Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay_api_flow_doc.md Registers a new user if they do not already exist in the system. ```APIDOC ## POST https://api.gojekapi.com/v7//customers/signup ### Description Registers a new user if they do not already exist in the system. ### Method POST ### Endpoint https://api.gojekapi.com/v7//customers/signup ### Headers - **Verification-Token**: `Bearer ` - **Authorization**: `Basic YmI2NDg0MTMtYjYzNy00NDNhLThlYmYtMTc2Y2Y5YjVkYzMy` ### Request Body - **client_name** (string) - Required - The client name for the application. - **client_secret** (string) - Required - The client secret for the application. - **data.name** (string) - Required - The user's full name. - **data.phone** (string) - Required - The user's phone number. - **data.email** (string) - Required - The user's email address. - **data.signed_up_country** (string) - Required - The country code where the user signed up. - **data.onboarding_partner** (string) - Required - The onboarding partner. ### Response #### Success Response (201 Created) ``` -------------------------------- ### Get Downscoped Client Secret Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Retrieves the downscoped client secret from the credentials cache after pending actions are resolved. ```javascript getDownscopedClientSecret:function(){return this.awaitPendingActions().then((function(e){return e.credentialsCache.downscopedClientSecret}))} ``` -------------------------------- ### Signup Request Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay_api_flow_doc.md Sign up a new user with their details. Requires a Verification-Token header. ```json { "client_name": "gopay:consumer:app", "client_secret": "raOUumeMRBNifqvZRFjvsgTnjAlaA9", "data": { "name": "Indra Wijaya", "phone": "6283168621957", "email": "gojektest2026@gmail.com", "signed_up_country": "62", "onboarding_partner": "gopay_consumer_app" } } ``` -------------------------------- ### Get Cached Consumer Lookup Response Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Retrieves a specific consumer lookup response from the cache using a provided key. ```javascript getCachedConsumerLookupResponse:function(e){return this.awaitPendingActions().then((function(t){return t.consumerLookupResponseCache[e]}))} ``` -------------------------------- ### GET /checkoutweb/release/weasley/20.fd2c73114dd684ebf71a.js Source: https://github.com/asz798838958/abaiautoplus/blob/main/har_entries_otp_range.txt Retrieves a JavaScript file for the PayPal checkout web interface, specifically a release version of the 'weasley' module. ```APIDOC ## GET /checkoutweb/release/weasley/20.fd2c73114dd684ebf71a.js ### Description Retrieves a JavaScript file for the PayPal checkout web interface, specifically a release version of the 'weasley' module. ### Method GET ### Endpoint https://www.paypalobjects.com/checkoutweb/release/weasley/20.fd2c73114dd684ebf71a.js ### Parameters #### Query Parameters - **qs** (string) - Optional - Query string parameters. - **op** (string) - Optional - Operation parameter. ``` -------------------------------- ### POST /graphql (SignUpNewMemberMutation) Source: https://github.com/asz798838958/abaiautoplus/blob/main/har_entries_otp_range.txt Handles the mutation for signing up a new member to the PayPal platform using GraphQL. ```APIDOC ## POST /graphql (SignUpNewMemberMutation) ### Description Handles the mutation for signing up a new member to the PayPal platform using GraphQL. ### Method POST ### Endpoint https://www.paypal.com/graphql ### Parameters #### Query Parameters - **qs** (string) - Optional - Query string parameters. Expected value: 'SignUpNewMemberMutation'. - **op** (string) - Optional - Operation parameter. Expected value: 'SignUpNewMemberMutation'. ``` -------------------------------- ### Get Downscoped Link Session Key Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Retrieves the downscoped link session key from the credentials cache after pending actions are resolved. ```javascript getDownscopedLinkSessionKey:function(){return this.awaitPendingActions().then((function(e){return e.credentialsCache.downscopedLinkSessionKey}))} ``` -------------------------------- ### GET /checkoutweb/drop Source: https://github.com/asz798838958/abaiautoplus/blob/main/har_entries_otp_range.txt Retrieves resources or assets related to the PayPal checkout web interface, potentially for dynamic loading or specific features. ```APIDOC ## GET /checkoutweb/drop ### Description Retrieves resources or assets related to the PayPal checkout web interface, potentially for dynamic loading or specific features. ### Method GET ### Endpoint https://www.paypal.com/checkoutweb/drop ### Parameters #### Query Parameters - **qs** (string) - Optional - Query string parameters. - **op** (string) - Optional - Operation parameter. ``` -------------------------------- ### Project Structure Overview Source: https://github.com/asz798838958/abaiautoplus/blob/main/README.md The directory structure of the project, outlining the purpose of key directories and files such as FastAPI entry point, Docker configurations, API routes, application services, domain models, and platform-specific plugins. ```tree . ├── main.py # FastAPI 入口 ├── Dockerfile # Docker 构建 ├── docker-compose.yml # Docker Compose 编排 ├── requirements.txt # Python 依赖 ├── api/ # HTTP 路由层(账号 / 任务 / 配置 / 代理 / 统计 …) ├── application/ # 应用服务层 │ ├── gopay_pay_chatgpt.py # GoPay 付款 ChatGPT Plus 编排器(本项目扩展) │ ├── tasks.py / task_commands.py # 任务编排与执行 │ └── ... ├── domain/ # 领域模型 ├── infrastructure/ # 仓储与运行时适配 ├── core/ # 基础能力 │ ├── base_platform.py # 平台基类 │ ├── base_mailbox.py # 邮箱服务基类 │ ├── base_captcha.py # 验证码服务基类 │ ├── base_sms.py # 接码服务基类 │ ├── registration/ # 注册流程编排(适配器 + 流程) │ ├── lifecycle.py # 账号生命周期管理 │ ├── proxy_pool.py # 代理池(静态 + 动态) │ ├── registry.py # 平台插件注册表 │ └── any2api_sync.py # Any2API 自动推送 ├── platforms/ # 平台插件层 │ ├── chatgpt/ # ChatGPT(注册 / Plus 支付 / PayPal 结账) │ ├── gopay/ # GoPay 注册 + 接码渠道(本项目扩展) │ ├── gopay-deploy/ # GoPay 协议付款核心(Gojek / Midtrans) │ └── {platform}/ # 其他平台插件 ├── providers/ # Provider 插件层(mailbox / captcha / sms / proxy) ├── services/ # 后台服务(Solver 进程管理 / 任务执行器) ├── customer_portal_api/ # C 端 / 管理端独立 API ├── electron/ # Electron 桌面端打包 ├── tests/ # 测试 └── frontend/ # React 前端 ``` -------------------------------- ### Create Consumer Wallet Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Creates a consumer's wallet using their credentials and publishable key. Requires specific credentials and publishable key. ```javascript createConsumerWallet: (h = (0, v.A)((0, g.A)().mark((function e(t) { var n, r, a; return (0, g.A)().wrap((function(e) { for (;;) switch (e.prev = e.next) { case 0: return n = t.credentials, r = t.publishable_key, a = (0, y.A)(t, w), e.abrupt("return", (0, A.AT)("crypto/internal/wallet", "POST", (0, b.A)((0, b.A)({}, a), R(n)), Y({publishableKey: r}))) case 2: case "end": return e.stop() } }), e) }))), function() { return h.apply(this, arguments) }) ``` -------------------------------- ### Get Current Locale Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Determines the current locale based on the browser's language settings, falling back to 'en' if no specific locale is found. ```javascript var r = n(22058), a = n(50871), i = function(e) { for (var t = (0, r.$)(e), n = 0; n < t.length; n++) for (var i = t[n], o = 0; o < a.TU.length; o++) if (a.TU[o] === i) return a.TU[o]; return "en" } ``` -------------------------------- ### Any2API Integration Configuration Source: https://github.com/asz798838958/abaiautoplus/blob/main/README.md Configuration for integrating with the Any2API project to automatically push newly registered accounts to a gateway. Requires setting the `any2api_url` and `any2api_password` in global configuration. ```markdown | 平台 | 推送目标 | | -------- | ------------------------- | | Kiro | `kiroAccounts` 账号池 | | Grok | `grokTokens` token 池 | | Cursor | `cursorConfig` cookie | | ChatGPT | `chatgptConfig` token | | Blink | `blinkConfig` 凭证 | | Windsurf | `windsurfAccounts` 账号池 | ``` -------------------------------- ### Fetch Payment Options Profiles Response Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay_api_flow_doc.md Response detailing available payment options and their additional details. ```json { "data": [ { "type": "GOPAY_WALLET", "additional_details": { "kyc_name": "", "kyc_status": "SET_NOW", "group_id": "CGOJEK" } } ], "success": true } ``` -------------------------------- ### New Platform Plugin Directory Structure Source: https://github.com/asz798838958/abaiautoplus/blob/main/README.md The required directory and file structure for adding a new platform plugin. The `platforms/myplatform/` directory must contain `__init__.py` and `plugin.py` for the system to recognize it. ```tree platforms/myplatform/ ├── __init__.py ├── plugin.py # 平台适配层(必须) ├── protocol_mailbox.py # 协议模式注册逻辑(按需) ├── browser_register.py # 浏览器注册逻辑(按需) └── browser_oauth.py # 浏览器 OAuth 逻辑(按需) ``` -------------------------------- ### Initiate Risk-Based Two-Factor Phone Confirmation Mutation Source: https://github.com/asz798838958/abaiautoplus/blob/main/otp_bodies.txt Use this mutation to start the process of verifying a phone number via a risk-based two-factor authentication flow. It requires phone number details, locale, and a token. ```graphql { "operationName": "InitiateRiskBasedTwoFactorPhoneConfirmationMutation", "variables": { "locale": { "country": "US", "lang": "en" }, "phoneCountry": "US", "phoneNumber": "5722188973", "token": "EC-7PS427879W537435X" }, "query": "mutation InitiateRiskBasedTwoFactorPhoneConfirmationMutation($phoneNumber: String!, $locale: LocaleInput!, $phoneCountry: CountryCodes!, $token: String!) {\n initiateRiskBasedTwoFactorPhoneConfirmation(\n locale: $locale\n phoneCountry: $phoneCountry\n phoneNumber: $phoneNumber\n token: $token\n ) {\n authId\n challengeId\n state\n __typename\n }\n}" } ``` -------------------------------- ### Create Consumer Wallet Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Creates a new consumer wallet. Handles session expiry and requires credentials and a publishable key. ```javascript createConsumerWallet:(I=(0,o.A)((0,i.A)().mark((function e(t){return(0,i.A)().wrap((function(e){for(;;)switch(e.prev=e.next){case 0:return e.abrupt("return",ne.retryOnConsumerSessionExpiry((0,o.A)((0,i.A)().mark((function e(){return(0,i.A)().wrap((function(e){for(;;)switch(e.prev=e.next){case 0:return e.t0=v.Z,e.t1=c.A,e.t2=(0,c.A)({},t),e.t3={},e.next=6,ne.credentialsOrReject();case 6:return e.t4=e.sent,e.next=9,ne.consumerPublishableKeyOrReject();case 9:return e.t5=e.sent,e.t6={credentials:e.t4,publishable_key:e.t5},e.t7=(0,e.t1)(e.t2,e.t3,e.t6),e.abrupt("return",e.t0.createConsumerWallet.call(e.t0,e.t7));case 13:case"end":return e.stop()}}),e)})))));case 1:case"end":return e.stop()}}),e)}))),function(e){return I.apply(this,arguments}), ``` -------------------------------- ### Main Function for Gopay Rebinding Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay换绑.txt The main execution flow for rebinding a Gopay account. It initializes clients, purchases a virtual number, updates the profile, verifies the OTP, and confirms the transaction. Ensure 'latest_token.txt' and '_gopay_state.json' exist. ```python def main(): token_file = HERE / "latest_token.txt" if not token_file.exists(): print("[-] 找不到 latest_token.txt") return token = token_file.read_text(encoding="utf-8").strip() state_file = HERE / "_gopay_state.json" if not state_file.exists(): print("[-] 找不到 _gopay_state.json") return state = json.loads(state_file.read_text(encoding="utf-8")) client = GojekClient( d1=state["d1"], model=state["model"], uniqueid=state["uniqueid"], xm1=state["xm1_template"], phone_make=state["phone_make"], os_info=state["os_info"], version="5.60.1", appid="com.gojek.app", user_uuid=state.get("user_uuid", ""), session_id=state["session_id"], device_token=state.get("device_token", ""), access_token=token, ) print("[*] 检查当前账号 Profile 状态...") r_prof = client.get_user_profile() if r_prof["status"] != 200: print(f"[-] Profile 状态检查失败: {r_prof['status']}") print(r_prof["body"]) return print(f"[+] 当前账户封禁状态: {r_prof['body'].get('data', {}).get('blocked')}") # 1. 初始化 HeroSMS 并检查余额 print("\n[*] 初始化 HeroSMS ...") sms = HeroSMS(HEROSMS_API_KEY) bal = sms.balance() print(f"[+] HeroSMS 余额: {bal.get('balance', bal.get('raw'))}") # 2. 租用泰国号码 (国家代码 52, 服务 ni) print("[*] 正在购买泰国虚拟手机号...") try: order = sms.buy(service="ni", country=52) except Exception as e: print(f"[-] 购买手机号失败: {e}") return order_id = order["id"] new_phone_raw = order["phoneNumber"] # 格式化手机号 (带 + 前缀) new_phone = new_phone_raw if new_phone_raw.startswith("+") else f"{new_phone_raw}" print(f"[+] 购买成功! 泰国号码: {new_phone} (订单ID: {order_id})") # 3. 发起个人资料修改请求 pin = "303384" # 用户当前 PIN email = "gopay_test_user_released@gmail.com" body = { "phone": new_phone, "signed_up_country": "ID", "email": email } extra_headers = {"pin": pin} print(f"\n[*] 正在提交修改手机号请求到 GoPay 服务器...") print(f" 目标手机号: {new_phone}") r_update = gojek_api_patch(client, "/v5/customers", body, extra_headers) if r_update["status"] != 200: print(f"[-] 提交修改请求失败 (HTTP {r_update['status']})") print(json.dumps(r_update["body"], indent=2, ensure_ascii=False)) print("[*] 正在取消 HeroSMS 订单...") sms.cancel(order_id) return otp_token = r_update["body"].get("data", {}).get("otp_token") if not otp_token: print("[-] 未在响应中获取到 otp_token") print(r_update["body"]) print("[*] 正在取消 HeroSMS 订单...") sms.cancel(order_id) return print(f"[+] 提交成功! 获取到 OTP Token: {otp_token}") print("[*] 开始轮询 HeroSMS 等待 4 位验证码短信 (最多等待 3 分钟)...") # 4. 轮询验证码 try: otp_code, _ = sms.poll_code(order_id, timeout=180, interval=5) print(f"[+] 成功捕获到验证码: {otp_code}") except Exception as e: print(f"[-] 轮询验证码超时或失败: {e}") print("[*] 正在取消 HeroSMS 订单...") sms.cancel(order_id) return # 5. 提交验证码 print("\n[*] 正在提交验证码进行确认...") v_body = { "otp": otp_code, "otp_token": otp_token } r_verify = client._gojek_api_post("/v5/customers/verificationUpdateProfile", v_body) if r_verify["status"] == 200: print("\n" + "=" * 60) print("🎉 恭喜!手机号改绑并释放成功!") print(f" 旧手机号已释放。") print(f" 新绑定手机号: {new_phone}") print("=" * 60) # 确认 HeroSMS 订单 sms.finish(order_id) # 备份并清空本地已失效的 state/token,以备重新注册 if token_file.exists(): token_file.unlink() print("[*] 已清理旧的 Token 文件,现在可以安全注册主号了。") else: print(f"[-] 验证码提交失败 (HTTP {r_verify['status']})") print(r_verify["body"]) print("[*] 正在取消 HeroSMS 订单...") sms.cancel(order_id) if __name__ == "__main__": main() ``` -------------------------------- ### GoPay Unlink HTTP 403 Forbidden Response Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260603/unlink/ssl_dump_http.txt This is an example of an HTTP 403 Forbidden response received during the GoPay unlink process. It indicates an access issue and includes various headers related to rate limiting and request tracing. ```http HTTP/1.1 403 Forbidden Date: Wed, 03 Jun 2026 01:05:48 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive X-RateLimit-Remaining-Second: 398 X-RateLimit-Limit-Second: 400 RateLimit-Limit: 400 RateLimit-Remaining: 398 RateLimit-Reset: 1 content-encoding: gzip vary: Accept-Encoding server: istio-envoy service-request-id: f272a00c-4686-4071-b62e-e111c8312263 request-id: 566f41a5-9c0d-4b72-abb6-8367deae48fe transaction-id: 6439b94f-b3ab-4151-994c-11ca5e0f591e x-envoy-upstream-service-time: 1439 x-tencent: true X-Kong-Upstream-Latency: 1449 X-Kong-Proxy-Latency: 0 3ca � TTێ�8 |߯h�ܴ� �+ � n�jdq1`b0 ���� fF��7W�T�e��O& h�,>� &A�)( �H�, B+� ���� f����q� ̏w� k��(��� �� ?�ciƱ���Y1�CV�∍� �M����d� � Pr�� ����� �H� � � 5��� ]� 1 m�+�>� w> P��=� 9A ;#��olm�ݡ�>> 4�� G �� �_Wnb� QO�s��Z+&��'x� P �4) ��� L�岜M��F�E.��֢sZ��8��q��:�;ʡ���kW@�n �ݠ�Gt^ ڒ�Gw� �Q��M��sy%eĆ%�� ��� ����g_Ϋ��c �yg��i Q��z5~�k ���ٞ]�M/�EWԛ�Ut�])H(i�v��D|K ^�w ;o͛(�Nb�֫�m#ߚ�й@E̖�i�=ٳ���ա �̜w*/wk� �����W�H�N W��o� ����f�u��� - �� ��� S��+�� �~���" i �=Ji�5E���d�:�Y�Đ���=Ep)����`������ � �* � ��� i��v�S�n&n� 7K���02"�wHmyr<��L�W/ð �@[zj5��>_�[�y���Z =LA �$�K��5�Aײ��P�D"ׇ_9�'=�<������b�V�1� ���&~ ˛PxV7���i T�n �pAD `b� ]��[&���Љ ��go֨[� �]�R��Vl$ B�A' ׷a�w4Y���U�-g�� ����E� �b_� >�E�6�IJ f:�E5�� ���3�8�U�Ъ ���V$8F ��C?%8H���I iP �Q�B �E � �3�n c �'� �H[Rf��3 ��: �����Ũ �wT��i��醨����i X �WC ��53��u ,`]�z�#�LD�:hi��E/J8�l � N� 鸿%u�� �o5|����oc��XܼQ� �M7�A� e ư t� �"���a�~|�� �� ] ψ� ``` -------------------------------- ### List Payment Methods Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Lists available payment methods. Requires ephemeral key and optional Stripe version. ```javascript list:function(e){var t=e.ephemeralKey,n=e.stripeVersion,i=e.data;return(0,a.AT)("payment\_methods","GET",i,{headers:(0,r.A)((0,r.A)({},n&&{"Stripe-Version":n}),{},{Authorization:"Bearer ".concat(t)})})} ``` -------------------------------- ### Handle Action - Store Credentials Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Stores consumer credentials and related information into the cache. Optionally activates the session and prevents overwriting existing credentials. ```javascript storeCredentials:f=t.payload,h=f.consumerInfo,_=f.activate,g=f.disableOverwrite,y={consumerSessionClientSecret:h.consumer_session.client_secret,consumerPublishableKey:h.publishable_key,emailAddress:h.consumer_session.email_address},v=(0,c.e0)(y.emailAddress),b=null!==(l=i.keys[v])&&void 0!==l?(0,c.s1)():l,(p=i.keys)[v]||(p[v]=b),g&&i.credentials[b]||(i.credentials[b]=y),_&&(i.activeEmailCacheKey=b) ``` -------------------------------- ### Handle Action - Set Link Session Key Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Sets the link session key in the credentials cache. ```javascript setLinkSessionKey:i.linkSessionKey=t.payload.key ``` -------------------------------- ### Create Payment Method Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Creates a new payment method. Requires data, log, and merchant parameters. ```javascript create:function(e){var t=e.data,n=e.log,r=e.merchantParams;return(0,i.de)("payment\_methods","POST",t,{log:n,key:t.key,merchantParams:r,extraLogData:{team:"pcfp",apiMethod:"PaymentMethodApi.create"},expectedErrors:o.Qk})} ``` -------------------------------- ### Check Login Methods Response Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay_api_flow_doc.md Response indicating the allowed authentication methods. ```json { "data": { "allowed_methods": ["otp_wa", "otp_sms", "goto_pin"] }, "success": true } ``` -------------------------------- ### POST /graphql (InitiateRiskBasedTwoFactorPhoneConfirmationMutation) Source: https://github.com/asz798838958/abaiautoplus/blob/main/har_entries_otp_range.txt Initiates a risk-based two-factor phone confirmation process using GraphQL. This mutation is part of a security flow. ```APIDOC ## POST /graphql (InitiateRiskBasedTwoFactorPhoneConfirmationMutation) ### Description Initiates a risk-based two-factor phone confirmation process using GraphQL. This mutation is part of a security flow. ### Method POST ### Endpoint https://www.paypal.com/graphql ### Parameters #### Query Parameters - **qs** (string) - Optional - Query string parameters. Expected value: 'InitiateRiskBasedTwoFactorPhoneConfirmationMutation'. - **op** (string) - Optional - Operation parameter. Expected value: 'InitiateRiskBasedTwoFactorPhoneConfirmationMutation'. ``` -------------------------------- ### Fetch Customer Detail Source: https://github.com/asz798838958/abaiautoplus/blob/main/gopay-auto-protocol/20260602/gopay_api_flow_doc.md Retrieves the detailed information of the logged-in customer. ```APIDOC ## GET https://api.gojekapi.com/gojek/v2/customer ### Description Retrieves the detailed information of the logged-in customer. ### Method GET ### Endpoint https://api.gojekapi.com/gojek/v2/customer ### Response #### Success Response (200) - **data.qr_id** (string) - The customer's QR ID. - **data.blocked** (boolean) - Indicates if the customer account is blocked. - **data.is_pin_setup** (boolean) - Indicates if the PIN is set up. - **success** (boolean) - Indicates if the request was successful. ``` -------------------------------- ### Attempt Login Using Link Auth Token Success Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Logs a successful attempt to log in using a link auth token and returns consumer information and a request ID. Handles potential internal errors during the process. ```javascript 9:return m.exists&&m.auth_session_client_secret&&this.sharedSessionManager.actions.setAuthSessionClientSecret({secret:m.auth_session_client_secret,options:{onlySessionStorage:!0}}),this.sharedSessionManager.actions.activateSession(_.consumer_session.email_address),this.logger.log(E.V.AttemptLogInUsingLinkAuthTokenSuccess),e.abrupt("return",{consumerInfo:F(_),requestId:h});case 25:return e.prev=25,e.t0=e.catch(1),this.logger.log(E.V.InternalError,{method:"attemptLogInUsingLinkAuthToken",message:e.t0 instanceof Error?e.t0.message:"Unknown error"}),e.abrupt("return",{});case 29:case"end":return e.stop()}}),e,this,[[\[1,25\]\]])} ``` -------------------------------- ### Browser Storage Strategy Initialization Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Initializes browser storage strategies including session storage, local storage, and HTTP cookies based on payment type and conditions. Used for managing payment-related data. ```javascript t.push(this.browserStorageStrategy.sessionStorage()),t.push(this.browserStorageStrategy.localStorage()),g.D4||g.Yw||t.push(this.browserStorageStrategy.httpCookie({domains:[d.LM.MerchantUiApi]})));break;case l.FM.CryptoPayins:case l.FM.CryptoOnramp:if(!(0,v.qZ)(e))break;t.push(this.browserStorageStrategy.sessionStorage()),t.push(this.browserStorageStrategy.localStorage());break;case l.FM.PaymentElement:case l.FM.LinkAuthenticationElement:break;default:throw(0,w.Dp)(this.requestSurface),new f.v(f.O.LJS001)}return t}}"}),e}() ``` -------------------------------- ### Preloading and Logging Authentication Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Fetches the authentication session client secret and logs its lifetime if it's not empty. This is useful for ensuring authentication data is readily available and tracked. ```javascript key:"preloadAndLogAuth",value:function(){var e=this;this.sharedSessionManager.getAuthSessionClientSecret().then((function(t){t.value.isEmpty()||e.logger.log(E.V.HasAuth,{lifetime:t.lifetime})}))} ``` -------------------------------- ### DOM Ready Utility Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Ensures that a callback function is executed only after the DOM is fully loaded and the document body is available. It handles different browser events for DOM readiness. ```javascript var r=new(0,n(61776).K7)((function(e){if(document.body)e();else{document.addEventListener("DOMContentLoaded",(function(){document.body&&e()})),window.addEventListener("load",(function(){document.body&&e()}));var t=1,n=setInterval((function(){(document.body||t>=600)&&(clearInterval(n),e()),t++}),100)}})),a=function(){return r.then((function(){return document.body}))} ``` -------------------------------- ### Base Logger with Custom Transports Source: https://github.com/asz798838958/abaiautoplus/blob/main/_gopay_capture/20260602_155534/017_160144_app.midtrans.com_snap_v4_redirection_2ad2fb75-7944-41d5-924d.html Initializes a base logger with a default prefix derived from the environment. It can be configured with custom transports, such as a specific logging schema, and supports updating parameters. ```javascript d=function(){function e(t){(0,r.A)(this,e),this.baseLogger=(0,i.h)();var n=(0,u.EN)(t);if(this.baseLogger.setDefaultPrefix(n),t===c.FM.Checkout&&!(0,s.qZ)(window.location.origin)){var a=Math.random()1?t-1:0),r=1;r