Compare commits
9 Commits
522a8b22f8
...
feat/all-c
| Author | SHA1 | Date | |
|---|---|---|---|
|
c74cbe5065
|
|||
| 4978d84196 | |||
|
07fade16d3
|
|||
|
666369714b
|
|||
| 122d00c8f9 | |||
|
ef10711b6e
|
|||
|
25729ce492
|
|||
| 04e7d3e0f4 | |||
| 2776d057cd |
24
README.md
24
README.md
@@ -21,15 +21,21 @@ go build -o canvasarchiver ./cmd/canvasarchiver
|
||||
./canvasarchiver
|
||||
```
|
||||
|
||||
Or for files-only mode:
|
||||
Or for files-only mode (all files flat, no videos):
|
||||
```bash
|
||||
./canvasarchiver -fo
|
||||
```
|
||||
|
||||
2. On first run, you'll be prompted to authenticate:
|
||||
- Visit the provided OAuth URL
|
||||
- Authorize the application
|
||||
- Copy the authorization code back to the terminal
|
||||
Or for videos-only mode (all Panopto videos flat, no files):
|
||||
```bash
|
||||
./canvasarchiver -vo
|
||||
```
|
||||
|
||||
2. On first run, you'll be prompted to choose an authentication method:
|
||||
- **[1] Login via browser (OAuth)**: Visit the provided URL, authorize, and paste the code
|
||||
- **[2] Use Canvas API token**: Enter a manually generated API token (e.g. `12230~...`)
|
||||
|
||||
The choice is saved and reused on subsequent runs.
|
||||
|
||||
3. Enter your Course ID when prompted (or use `-me` to download all enrolled courses)
|
||||
|
||||
@@ -38,15 +44,17 @@ go build -o canvasarchiver ./cmd/canvasarchiver
|
||||
- Module content (to `Modules/`)
|
||||
- Panopto recordings (to `Recordings/`)
|
||||
|
||||
In `-vo` mode, only videos are downloaded — all into the course root directory (no subdirectories).
|
||||
|
||||
### Flags
|
||||
|
||||
| Flag | Description |
|
||||
|------|-------------|
|
||||
| `-fo` | Files only mode - download all files to a single directory without module structure |
|
||||
| `-fo` | Files only — download all files flat into one directory; skips videos and module structure |
|
||||
| `-vo` | Videos only — scan recordings and all module video items, download everything flat into one directory; skips regular files |
|
||||
| `-me` | Download all enrolled courses |
|
||||
| `-n` | Prefix modules with order numbers `[1]`, `[2]`, etc. |
|
||||
|
||||
|
||||
## Configuration
|
||||
|
||||
The following constants can be modified in `internal/config/config.go`:
|
||||
@@ -58,7 +66,7 @@ The following constants can be modified in `internal/config/config.go`:
|
||||
|
||||
## Authentication
|
||||
|
||||
Credentials are stored in `credentials.json` after the first successful login. The refresh token is automatically used for subsequent runs.
|
||||
Credentials are stored in `credentials.json` after the first successful authentication. The chosen method is remembered for subsequent runs — OAuth refresh tokens are automatically refreshed, and API tokens are validated before saving.
|
||||
|
||||
## Notes
|
||||
|
||||
|
||||
@@ -16,20 +16,21 @@ func main() {
|
||||
filesOnly := flag.Bool("fo", false, "Files only mode - download all files to a single directory without module structure")
|
||||
videosOnly := flag.Bool("vo", false, "Videos only mode - download only Panopto videos to a single directory")
|
||||
me := flag.Bool("me", false, "Download all enrolled courses")
|
||||
all := flag.Bool("a", false, "Include concluded (old) courses when used with -me")
|
||||
moduleNumbers := flag.Bool("n", false, "Prefix modules with order numbers [1], [2], etc.")
|
||||
flag.Parse()
|
||||
|
||||
httpClient := &http.Client{}
|
||||
|
||||
authenticator := auth.NewAuthenticator(httpClient)
|
||||
accessToken, err := authenticator.GetAccessToken()
|
||||
accessToken, err := authenticator.GetToken()
|
||||
if err != nil {
|
||||
fmt.Printf("Authentication failed: %v\n", err)
|
||||
return
|
||||
}
|
||||
|
||||
if *me {
|
||||
canvasClient := canvas.NewClient(httpClient, accessToken, "", *filesOnly, *videosOnly, *moduleNumbers)
|
||||
canvasClient := canvas.NewClient(httpClient, accessToken, "", *filesOnly, *videosOnly, *moduleNumbers, *all)
|
||||
courses, err := canvasClient.GetEnrolledCourses()
|
||||
if err != nil {
|
||||
fmt.Printf("Error fetching courses: %v\n", err)
|
||||
@@ -39,7 +40,7 @@ func main() {
|
||||
fmt.Printf("[+] Found %d enrolled courses\n", len(courses))
|
||||
for _, course := range courses {
|
||||
fmt.Printf(" -> Downloading: %s (ID: %d)\n", course.Name, course.ID)
|
||||
downloadCourse(httpClient, accessToken, fmt.Sprintf("%d", course.ID), *filesOnly, *videosOnly, *moduleNumbers)
|
||||
downloadCourse(httpClient, accessToken, fmt.Sprintf("%d", course.ID), *filesOnly, *videosOnly, *moduleNumbers, *all)
|
||||
}
|
||||
return
|
||||
}
|
||||
@@ -48,11 +49,11 @@ func main() {
|
||||
fmt.Print("Enter Course ID: ")
|
||||
fmt.Scanln(&courseID)
|
||||
|
||||
downloadCourse(httpClient, accessToken, courseID, *filesOnly, *videosOnly, *moduleNumbers)
|
||||
downloadCourse(httpClient, accessToken, courseID, *filesOnly, *videosOnly, *moduleNumbers, *all)
|
||||
}
|
||||
|
||||
func downloadCourse(httpClient *http.Client, accessToken, courseID string, filesOnly, videosOnly, moduleNumbers bool) {
|
||||
canvasClient := canvas.NewClient(httpClient, accessToken, courseID, filesOnly, videosOnly, moduleNumbers)
|
||||
func downloadCourse(httpClient *http.Client, accessToken, courseID string, filesOnly, videosOnly, moduleNumbers, all bool) {
|
||||
canvasClient := canvas.NewClient(httpClient, accessToken, courseID, filesOnly, videosOnly, moduleNumbers, all)
|
||||
|
||||
if err := canvasClient.GetCourseInfo(); err != nil {
|
||||
fmt.Printf("Error: %v\n", err)
|
||||
|
||||
@@ -1,11 +1,17 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"git.directme.in/Joren/CanvasArchiver/internal/config"
|
||||
"git.directme.in/Joren/CanvasArchiver/internal/models"
|
||||
@@ -21,31 +27,38 @@ func NewAuthenticator(client *http.Client) *Authenticator {
|
||||
}
|
||||
}
|
||||
|
||||
func (a *Authenticator) GetAccessToken() (string, error) {
|
||||
func (a *Authenticator) GetToken() (string, error) {
|
||||
creds, err := LoadCredentials()
|
||||
if err == nil && creds.AuthMethod != "" {
|
||||
switch creds.AuthMethod {
|
||||
case "api":
|
||||
token := strings.TrimSpace(creds.APIToken)
|
||||
if token == "" {
|
||||
return a.promptMethod()
|
||||
}
|
||||
fmt.Print("[*] Validating saved API token... ")
|
||||
if err := a.validateAPIToken(token); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
fmt.Printf("[!] %v\n", err)
|
||||
SaveCredentials(&models.Credentials{})
|
||||
return a.promptMethod()
|
||||
}
|
||||
fmt.Println("OK")
|
||||
return token, nil
|
||||
case "oauth":
|
||||
return a.refreshOrLogin()
|
||||
}
|
||||
}
|
||||
return a.promptMethod()
|
||||
}
|
||||
|
||||
func (a *Authenticator) refreshOrLogin() (string, error) {
|
||||
creds, err := LoadCredentials()
|
||||
if err != nil {
|
||||
|
||||
fmt.Println("--- Initial Canvas Login Required ---")
|
||||
fmt.Printf("Visit: %s/login/oauth2/auth?client_id=%s&response_type=code&redirect_uri=%s\n",
|
||||
config.BaseURL, config.ClientID, url.QueryEscape(config.RedirectURI))
|
||||
fmt.Print("Enter Code: ")
|
||||
var code string
|
||||
fmt.Scanln(&code)
|
||||
|
||||
tr, err := a.doTokenRequest(url.Values{
|
||||
"grant_type": {"authorization_code"},
|
||||
"client_id": {config.ClientID},
|
||||
"client_secret": {config.ClientSecret},
|
||||
"redirect_uri": {config.RedirectURI},
|
||||
"code": {code},
|
||||
})
|
||||
if err != nil {
|
||||
return "", err
|
||||
return a.login()
|
||||
}
|
||||
|
||||
SaveCredentials(&models.Credentials{RefreshToken: tr.RefreshToken})
|
||||
fmt.Println("[+] Login successful.")
|
||||
return tr.AccessToken, nil
|
||||
if strings.TrimSpace(creds.RefreshToken) == "" {
|
||||
return a.login()
|
||||
}
|
||||
|
||||
fmt.Println("[*] Reusing saved refresh token...")
|
||||
@@ -54,11 +67,111 @@ func (a *Authenticator) GetAccessToken() (string, error) {
|
||||
"client_id": {config.ClientID},
|
||||
"client_secret": {config.ClientSecret},
|
||||
"refresh_token": {creds.RefreshToken},
|
||||
"redirect_uri": {config.RedirectURI},
|
||||
})
|
||||
if err != nil {
|
||||
fmt.Printf("[!] Refresh failed: %v\n", err)
|
||||
return a.login()
|
||||
}
|
||||
fmt.Println("[+] Session refreshed.")
|
||||
return tr.AccessToken, nil
|
||||
}
|
||||
|
||||
func (a *Authenticator) promptMethod() (string, error) {
|
||||
fmt.Println("Select authentication method:")
|
||||
fmt.Println(" [1] Login via browser (OAuth)")
|
||||
fmt.Println(" [2] Use Canvas API token")
|
||||
fmt.Print("Choice (1/2): ")
|
||||
input, err := bufio.NewReader(os.Stdin).ReadString('\n')
|
||||
if err != nil && err != io.EOF {
|
||||
return "", err
|
||||
}
|
||||
switch strings.TrimSpace(input) {
|
||||
case "2":
|
||||
return a.setupAPIToken()
|
||||
default:
|
||||
return a.login()
|
||||
}
|
||||
}
|
||||
|
||||
func (a *Authenticator) setupAPIToken() (string, error) {
|
||||
fmt.Print("Enter Canvas API token: ")
|
||||
token, err := bufio.NewReader(os.Stdin).ReadString('\n')
|
||||
if err != nil && err != io.EOF {
|
||||
return "", err
|
||||
}
|
||||
token = strings.TrimSpace(token)
|
||||
if token == "" {
|
||||
return "", fmt.Errorf("empty API token")
|
||||
}
|
||||
|
||||
fmt.Print("[*] Validating API token... ")
|
||||
if err := a.validateAPIToken(token); err != nil {
|
||||
fmt.Println("FAILED")
|
||||
return "", err
|
||||
}
|
||||
fmt.Println("OK")
|
||||
|
||||
if err := SaveCredentials(&models.Credentials{
|
||||
AuthMethod: "api",
|
||||
APIToken: token,
|
||||
}); err != nil {
|
||||
return "", err
|
||||
}
|
||||
fmt.Println("[+] API token saved.")
|
||||
return token, nil
|
||||
}
|
||||
|
||||
func (a *Authenticator) validateAPIToken(token string) error {
|
||||
req, _ := http.NewRequest("GET", config.BaseURL+"/api/v1/users/self", nil)
|
||||
req.Header.Set("Authorization", "Bearer "+token)
|
||||
resp, err := a.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode != 200 {
|
||||
body, _ := io.ReadAll(resp.Body)
|
||||
return fmt.Errorf("invalid token: %d %s", resp.StatusCode, strings.TrimSpace(string(body)))
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (a *Authenticator) login() (string, error) {
|
||||
codeVerifier, codeChallenge, err := generatePKCEPair()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
fmt.Println("--- Initial Canvas Login Required ---")
|
||||
fmt.Printf("Visit: %s\n", buildAuthURL(codeChallenge))
|
||||
fmt.Print("Enter Code or redirect URL: ")
|
||||
input, err := bufio.NewReader(os.Stdin).ReadString('\n')
|
||||
if err != nil && err != io.EOF {
|
||||
return "", err
|
||||
}
|
||||
|
||||
code, err := extractCode(input)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
tr, err := a.doTokenRequest(url.Values{
|
||||
"grant_type": {"authorization_code"},
|
||||
"client_id": {config.ClientID},
|
||||
"client_secret": {config.ClientSecret},
|
||||
"redirect_uri": {config.RedirectURI},
|
||||
"code": {code},
|
||||
"code_verifier": {codeVerifier},
|
||||
})
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
fmt.Println("[+] Session refreshed.")
|
||||
|
||||
if err := SaveRefreshToken(tr.RefreshToken); err != nil {
|
||||
return "", err
|
||||
}
|
||||
fmt.Println("[+] Login successful.")
|
||||
return tr.AccessToken, nil
|
||||
}
|
||||
|
||||
@@ -70,17 +183,91 @@ func (a *Authenticator) doTokenRequest(v url.Values) (*models.TokenResponse, err
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != 200 {
|
||||
return nil, fmt.Errorf("token request failed: %d", resp.StatusCode)
|
||||
body, _ := io.ReadAll(resp.Body)
|
||||
return nil, fmt.Errorf("token request failed: %d: %s", resp.StatusCode, string(body))
|
||||
}
|
||||
|
||||
var tr models.TokenResponse
|
||||
json.NewDecoder(resp.Body).Decode(&tr)
|
||||
if err := json.NewDecoder(resp.Body).Decode(&tr); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &tr, nil
|
||||
}
|
||||
|
||||
func SaveCredentials(creds *models.Credentials) {
|
||||
data, _ := json.MarshalIndent(creds, "", " ")
|
||||
os.WriteFile(config.CredsFile, data, 0o644)
|
||||
func buildAuthURL(codeChallenge string) string {
|
||||
u, _ := url.Parse(config.BaseURL + "/login/oauth2/auth")
|
||||
q := u.Query()
|
||||
q.Set("client_id", config.ClientID)
|
||||
q.Set("response_type", "code")
|
||||
q.Set("mobile", "1")
|
||||
q.Set("purpose", config.OAuthPurpose)
|
||||
q.Set("code_challenge", codeChallenge)
|
||||
q.Set("code_challenge_method", "S256")
|
||||
q.Set("redirect_uri", config.RedirectURI)
|
||||
if config.AuthProvider != "" {
|
||||
q.Set("authentication_provider", config.AuthProvider)
|
||||
}
|
||||
u.RawQuery = q.Encode()
|
||||
return u.String()
|
||||
}
|
||||
|
||||
func generatePKCEPair() (string, string, error) {
|
||||
randomBytes := make([]byte, 64)
|
||||
if _, err := rand.Read(randomBytes); err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
|
||||
verifier := base64.RawURLEncoding.EncodeToString(randomBytes)
|
||||
challengeBytes := sha256.Sum256([]byte(verifier))
|
||||
challenge := base64.RawURLEncoding.EncodeToString(challengeBytes[:])
|
||||
return verifier, challenge, nil
|
||||
}
|
||||
|
||||
func extractCode(input string) (string, error) {
|
||||
input = strings.TrimSpace(input)
|
||||
if input == "" {
|
||||
return "", fmt.Errorf("empty authorization code")
|
||||
}
|
||||
|
||||
for _, field := range strings.Fields(input) {
|
||||
if strings.Contains(field, "code=") {
|
||||
input = field
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
parsedURL, err := url.Parse(input)
|
||||
if err == nil {
|
||||
if code := parsedURL.Query().Get("code"); code != "" {
|
||||
return code, nil
|
||||
}
|
||||
}
|
||||
|
||||
if values, err := url.ParseQuery(input); err == nil {
|
||||
if code := values.Get("code"); code != "" {
|
||||
return code, nil
|
||||
}
|
||||
}
|
||||
|
||||
return input, nil
|
||||
}
|
||||
|
||||
func SaveCredentials(creds *models.Credentials) error {
|
||||
data, err := json.MarshalIndent(creds, "", " ")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return os.WriteFile(config.CredsFile, data, 0o644)
|
||||
}
|
||||
|
||||
func SaveRefreshToken(refreshToken string) error {
|
||||
creds, err := LoadCredentials()
|
||||
if err != nil {
|
||||
creds = &models.Credentials{}
|
||||
}
|
||||
creds.RefreshToken = refreshToken
|
||||
creds.AuthMethod = "oauth"
|
||||
return SaveCredentials(creds)
|
||||
}
|
||||
|
||||
func LoadCredentials() (*models.Credentials, error) {
|
||||
@@ -89,6 +276,8 @@ func LoadCredentials() (*models.Credentials, error) {
|
||||
return nil, err
|
||||
}
|
||||
var creds models.Credentials
|
||||
json.Unmarshal(data, &creds)
|
||||
if err := json.Unmarshal(data, &creds); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &creds, nil
|
||||
}
|
||||
|
||||
@@ -16,6 +16,13 @@ import (
|
||||
"git.directme.in/Joren/CanvasArchiver/internal/utils"
|
||||
)
|
||||
|
||||
func checkAPIResponse(resp *http.Response) error {
|
||||
if resp.StatusCode < 300 {
|
||||
return nil
|
||||
}
|
||||
return fmt.Errorf("API error: %d", resp.StatusCode)
|
||||
}
|
||||
|
||||
type Client struct {
|
||||
HTTPClient *http.Client
|
||||
AccessToken string
|
||||
@@ -24,10 +31,11 @@ type Client struct {
|
||||
FilesOnly bool
|
||||
VideosOnly bool
|
||||
ModuleNumbers bool
|
||||
All bool
|
||||
downloadedFiles map[string]bool
|
||||
}
|
||||
|
||||
func NewClient(httpClient *http.Client, accessToken, courseID string, filesOnly, videosOnly, moduleNumbers bool) *Client {
|
||||
func NewClient(httpClient *http.Client, accessToken, courseID string, filesOnly, videosOnly, moduleNumbers, all bool) *Client {
|
||||
return &Client{
|
||||
HTTPClient: httpClient,
|
||||
AccessToken: accessToken,
|
||||
@@ -35,6 +43,7 @@ func NewClient(httpClient *http.Client, accessToken, courseID string, filesOnly,
|
||||
FilesOnly: filesOnly,
|
||||
VideosOnly: videosOnly,
|
||||
ModuleNumbers: moduleNumbers,
|
||||
All: all,
|
||||
downloadedFiles: make(map[string]bool),
|
||||
}
|
||||
}
|
||||
@@ -48,6 +57,10 @@ func (c *Client) GetCourseInfo() error {
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if err := checkAPIResponse(resp); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
var course models.Course
|
||||
json.NewDecoder(resp.Body).Decode(&course)
|
||||
|
||||
@@ -55,6 +68,11 @@ func (c *Client) GetCourseInfo() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type enrollmentResponse struct {
|
||||
CourseID int `json:"course_id"`
|
||||
EnrollmentState string `json:"enrollment_state"`
|
||||
}
|
||||
|
||||
func (c *Client) GetEnrolledCourses() ([]models.Course, error) {
|
||||
req, _ := http.NewRequest("GET", fmt.Sprintf("%s/api/v1/courses?enrollment_state=active&per_page=100", config.BaseURL), nil)
|
||||
req.Header.Set("Authorization", "Bearer "+c.AccessToken)
|
||||
@@ -64,8 +82,56 @@ func (c *Client) GetEnrolledCourses() ([]models.Course, error) {
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if err := checkAPIResponse(resp); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var courses []models.Course
|
||||
json.NewDecoder(resp.Body).Decode(&courses)
|
||||
|
||||
if c.All {
|
||||
completed, err := c.getCompletedCourses()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
courses = append(courses, completed...)
|
||||
}
|
||||
|
||||
return courses, nil
|
||||
}
|
||||
|
||||
func (c *Client) getCompletedCourses() ([]models.Course, error) {
|
||||
req, _ := http.NewRequest("GET", fmt.Sprintf("%s/api/v1/users/self/enrollments?state[]=completed&per_page=100", config.BaseURL), nil)
|
||||
req.Header.Set("Authorization", "Bearer "+c.AccessToken)
|
||||
resp, err := c.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if err := checkAPIResponse(resp); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var enrollments []enrollmentResponse
|
||||
json.NewDecoder(resp.Body).Decode(&enrollments)
|
||||
|
||||
var courses []models.Course
|
||||
for _, e := range enrollments {
|
||||
courseReq, _ := http.NewRequest("GET", fmt.Sprintf("%s/api/v1/courses/%d", config.BaseURL, e.CourseID), nil)
|
||||
courseReq.Header.Set("Authorization", "Bearer "+c.AccessToken)
|
||||
courseResp, err := c.HTTPClient.Do(courseReq)
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
var course models.Course
|
||||
json.NewDecoder(courseResp.Body).Decode(&course)
|
||||
courseResp.Body.Close()
|
||||
if course.ID != 0 {
|
||||
courses = append(courses, course)
|
||||
}
|
||||
}
|
||||
|
||||
return courses, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -4,7 +4,9 @@ const (
|
||||
BaseURL = "https://canvas.vub.be"
|
||||
ClientID = "170000000000044"
|
||||
ClientSecret = "3sxR3NtgXRfT9KdpWGAFQygq6O9RzLN021h2lAzhHUZEeSQ5XGV41Ddi5iutwW6f"
|
||||
RedirectURI = "urn:ietf:wg:oauth:2.0:oob"
|
||||
RedirectURI = "https://sso.canvaslms.com/canvas/login"
|
||||
OAuthPurpose = "CanvasArchiver"
|
||||
AuthProvider = "microsoft"
|
||||
CredsFile = "credentials.json"
|
||||
PanoptoID = "15"
|
||||
UserAgent = "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Mobile Safari/537.36"
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
package models
|
||||
|
||||
type Credentials struct {
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
AuthMethod string `json:"auth_method,omitempty"`
|
||||
RefreshToken string `json:"refresh_token,omitempty"`
|
||||
APIToken string `json:"api_token,omitempty"`
|
||||
}
|
||||
|
||||
type TokenResponse struct {
|
||||
|
||||
@@ -377,186 +377,3 @@ func DownloadMainRecordings(httpClient *http.Client, accessToken, courseID, root
|
||||
}
|
||||
}
|
||||
|
||||
// DownloadExternalPanoptoURL authenticates via the module_item_redirect path
|
||||
// (exactly what the Canvas mobile app does for ExternalUrl items) and then
|
||||
// runs yt-dlp against the given Panopto URL with the resulting cookies.
|
||||
//
|
||||
// moduleItemURL – item.URL (https://canvas.vub.be/api/v1/.../module_item_redirect/<id>)
|
||||
// panoptoURL – item.ExternalURL (https://vub.cloud.panopto.eu/Panopto/Pages/...)
|
||||
func DownloadExternalPanoptoURL(httpClient *http.Client, accessToken, moduleItemURL, panoptoURL, modDir, title string) {
|
||||
fmt.Printf(" [dbg] moduleItemURL: %s\n", moduleItemURL)
|
||||
fmt.Printf(" [dbg] panoptoURL: %s\n", panoptoURL)
|
||||
|
||||
jar, _ := cookiejar.New(nil)
|
||||
// Manual redirect following so we can track cross-domain hops correctly.
|
||||
noRedirectClient := &http.Client{
|
||||
Jar: jar,
|
||||
CheckRedirect: func(req *http.Request, via []*http.Request) error {
|
||||
return http.ErrUseLastResponse
|
||||
},
|
||||
}
|
||||
|
||||
// Step 1: exchange the module item URL for a Canvas web session URL.
|
||||
returnTo := moduleItemURL + "?display=borderless"
|
||||
sessionTokenURL := config.BaseURL + "/login/session_token?return_to=" + url.QueryEscape(returnTo)
|
||||
fmt.Printf(" [dbg] session_token URL: %s\n", sessionTokenURL)
|
||||
bridgeReq, _ := http.NewRequest("GET", sessionTokenURL, nil)
|
||||
bridgeReq.Header.Set("Authorization", "Bearer "+accessToken)
|
||||
bridgeReq.Header.Set("User-Agent", config.UserAgent)
|
||||
bResp, err := httpClient.Do(bridgeReq)
|
||||
if err != nil {
|
||||
fmt.Printf(" [!] session_token request failed: %v\n", err)
|
||||
return
|
||||
}
|
||||
rawBody, _ := io.ReadAll(bResp.Body)
|
||||
bResp.Body.Close()
|
||||
fmt.Printf(" [dbg] session_token response (%d): %s\n", bResp.StatusCode, string(rawBody))
|
||||
|
||||
var bridgeData struct {
|
||||
SessionURL string `json:"session_url"`
|
||||
}
|
||||
json.Unmarshal(rawBody, &bridgeData)
|
||||
|
||||
if bridgeData.SessionURL == "" {
|
||||
fmt.Printf(" [!] No session_url returned (skipping %s)\n", title)
|
||||
return
|
||||
}
|
||||
fmt.Printf(" [dbg] session_url: %s\n", bridgeData.SessionURL)
|
||||
|
||||
// Step 2: GET session URL → Canvas shows OAuth2 confirm page for Panopto.
|
||||
// We follow redirects manually so cross-domain hops (canvas→panopto) work correctly.
|
||||
currentURL := bridgeData.SessionURL
|
||||
var formHTML string
|
||||
var formFinalURL string
|
||||
for hop := 0; hop < 10; hop++ {
|
||||
hopReq, _ := http.NewRequest("GET", currentURL, nil)
|
||||
hopReq.Header.Set("User-Agent", config.UserAgent)
|
||||
hopResp, err := noRedirectClient.Do(hopReq)
|
||||
if err != nil {
|
||||
fmt.Printf(" [!] Failed hop %d to %s: %v\n", hop, currentURL, err)
|
||||
return
|
||||
}
|
||||
body, _ := io.ReadAll(hopResp.Body)
|
||||
hopResp.Body.Close()
|
||||
fmt.Printf(" [dbg] hop %d: status=%d url=%s body=%d\n", hop, hopResp.StatusCode, currentURL, len(body))
|
||||
if hopResp.StatusCode == 301 || hopResp.StatusCode == 302 || hopResp.StatusCode == 303 {
|
||||
loc, _ := hopResp.Location()
|
||||
if loc == nil {
|
||||
fmt.Printf(" [!] Redirect with no Location header\n")
|
||||
return
|
||||
}
|
||||
currentURL = loc.String()
|
||||
continue
|
||||
}
|
||||
formHTML = string(body)
|
||||
formFinalURL = currentURL
|
||||
break
|
||||
}
|
||||
fmt.Printf(" [dbg] OAuth page final URL: %s, length: %d\n", formFinalURL, len(formHTML))
|
||||
|
||||
if strings.Contains(formHTML, "U hebt geen toegang") || strings.Contains(formHTML, "You do not have access") {
|
||||
fmt.Printf(" [!] Access denied. Skipping %s\n", title)
|
||||
return
|
||||
}
|
||||
|
||||
// Step 3: POST /login/oauth2/accept → Canvas redirects to Panopto Login.aspx?code=...
|
||||
// webClient follows all hops automatically, ending with Panopto setting cookies.
|
||||
action := utils.ResolveAction(formFinalURL, formHTML)
|
||||
formData := utils.ExtractFormFields(formHTML)
|
||||
fmt.Printf(" [dbg] POST action: %s\n", action)
|
||||
|
||||
postReq, _ := http.NewRequest("POST", action, strings.NewReader(formData.Encode()))
|
||||
postReq.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
postReq.Header.Set("User-Agent", config.UserAgent)
|
||||
postReq.Header.Set("Origin", config.BaseURL)
|
||||
postReq.Header.Set("Referer", formFinalURL)
|
||||
postResp, err := noRedirectClient.Do(postReq)
|
||||
if err != nil {
|
||||
fmt.Printf(" [!] OAuth accept POST failed: %v\n", err)
|
||||
return
|
||||
}
|
||||
postBody, _ := io.ReadAll(postResp.Body)
|
||||
postResp.Body.Close()
|
||||
fmt.Printf(" [dbg] POST response status: %d, body len: %d\n", postResp.StatusCode, len(postBody))
|
||||
|
||||
// Now follow the redirect chain from the POST (canvas → panopto Login.aspx → CookieCheck).
|
||||
if postResp.StatusCode == 302 || postResp.StatusCode == 303 {
|
||||
currentURL2 := ""
|
||||
if loc, _ := postResp.Location(); loc != nil {
|
||||
currentURL2 = loc.String()
|
||||
}
|
||||
for hop := 0; hop < 10 && currentURL2 != ""; hop++ {
|
||||
hopReq, _ := http.NewRequest("GET", currentURL2, nil)
|
||||
hopReq.Header.Set("User-Agent", config.UserAgent)
|
||||
hopResp, err := noRedirectClient.Do(hopReq)
|
||||
if err != nil {
|
||||
fmt.Printf(" [dbg] post-redirect hop %d error: %v\n", hop, err)
|
||||
break
|
||||
}
|
||||
body2, _ := io.ReadAll(hopResp.Body)
|
||||
hopResp.Body.Close()
|
||||
fmt.Printf(" [dbg] post-redirect hop %d: status=%d url=%s body=%d\n", hop, hopResp.StatusCode, currentURL2, len(body2))
|
||||
if hopResp.StatusCode == 301 || hopResp.StatusCode == 302 || hopResp.StatusCode == 303 {
|
||||
if loc, _ := hopResp.Location(); loc != nil {
|
||||
currentURL2 = loc.String()
|
||||
continue
|
||||
}
|
||||
}
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
// noRedirectClient.Jar now holds Panopto session cookies from the CookieCheck chain.
|
||||
panoptoDomain, _ := url.Parse("https://vub.cloud.panopto.eu")
|
||||
cookies := noRedirectClient.Jar.Cookies(panoptoDomain)
|
||||
fmt.Printf(" [dbg] Panopto cookies: %d\n", len(cookies))
|
||||
for _, c := range cookies {
|
||||
fmt.Printf(" [dbg] cookie: %s=%s\n", c.Name, c.Value[:min(20, len(c.Value))])
|
||||
}
|
||||
if len(cookies) == 0 {
|
||||
fmt.Printf(" [!] No Panopto cookies after auth – falling back for: %s\n", title)
|
||||
DownloadVideo(httpClient, accessToken, "", modDir, panoptoURL, title)
|
||||
return
|
||||
}
|
||||
|
||||
cookieFile := filepath.Join(modDir, ".cookies_ext.txt")
|
||||
cData := "# Netscape HTTP Cookie File\n"
|
||||
for _, c := range cookies {
|
||||
cData += fmt.Sprintf(".vub.cloud.panopto.eu\tTRUE\t/\tTRUE\t0\t%s\t%s\n", c.Name, c.Value)
|
||||
}
|
||||
os.WriteFile(cookieFile, []byte(cData), 0o644)
|
||||
|
||||
fmt.Printf(" [*] Downloading: %s\n", title)
|
||||
|
||||
normalizedURL := normalizePanoptoURL(panoptoURL)
|
||||
isList := strings.Contains(normalizedURL, "List.aspx")
|
||||
|
||||
ytCmd := getYoutubeDLCommand()
|
||||
var args []string
|
||||
if isList {
|
||||
args = []string{
|
||||
"--cookies", cookieFile,
|
||||
"--referer", config.BaseURL + "/",
|
||||
"-P", modDir,
|
||||
"-o", utils.Sanitize(title) + "/%(title)s.%(ext)s",
|
||||
normalizedURL,
|
||||
}
|
||||
} else {
|
||||
args = []string{
|
||||
"--no-playlist",
|
||||
"--cookies", cookieFile,
|
||||
"--referer", config.BaseURL + "/",
|
||||
"-P", modDir,
|
||||
"-o", utils.Sanitize(title) + ".%(ext)s",
|
||||
normalizedURL,
|
||||
}
|
||||
}
|
||||
|
||||
cmd := exec.Command(ytCmd, args...)
|
||||
cmd.Stdout = os.Stdout
|
||||
cmd.Stderr = os.Stderr
|
||||
if err := cmd.Run(); err != nil {
|
||||
fmt.Printf(" [!] yt-dlp failed: %v\n", err)
|
||||
}
|
||||
os.Remove(cookieFile)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user