From 4784cb59c55669bcb1f23b33ec3a8071364e1216 Mon Sep 17 00:00:00 2001
From: Romain Bignon <romain@budget-insight.com>
Date: Fri, 22 Nov 2013 13:22:31 +0100
Subject: [PATCH] support new authentication system

---
 modules/societegenerale/browser.py     |  1 +
 modules/societegenerale/pages/login.py | 42 +++++++++++++++++++++++---
 2 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/modules/societegenerale/browser.py b/modules/societegenerale/browser.py
index ae9ad0d9..833f6177 100644
--- a/modules/societegenerale/browser.py
+++ b/modules/societegenerale/browser.py
@@ -41,6 +41,7 @@ class SocieteGenerale(BaseBrowser):
              '.*restitution/cns_listeprestation.html':      AccountsList,
              '.*restitution/cns_listeCartes.*.html.*':      CardsList,
              '.*restitution/cns_detail.*\.html.*':          AccountHistory,
+             'https://.*.societegenerale.fr/lgn/url.html.*':AccountHistory,
             }
 
     def __init__(self, *args, **kwargs):
diff --git a/modules/societegenerale/pages/login.py b/modules/societegenerale/pages/login.py
index 8b0502ec..f27de43c 100644
--- a/modules/societegenerale/pages/login.py
+++ b/modules/societegenerale/pages/login.py
@@ -18,6 +18,7 @@
 # along with weboob. If not, see <http://www.gnu.org/licenses/>.
 
 
+from base64 import b64decode
 from logging import error
 import re
 from weboob.tools.json import json
@@ -33,6 +34,9 @@ __all__ = ['LoginPage', 'BadLoginPage']
 
 
 class LoginPage(BasePage):
+    STRANGE_KEY = ["180","149","244","125","115","058","017","071","075","119","167","040","066","083","254","151","212","245","193","224","006","068","139","054","089","083","111","208","105","235","109","030","130","226","155","245","157","044","061","233","036","101","145","103","185","017","126","142","007","192","239","140","133","250","194","222","079","178","048","184","158","158","086","160","001","114","022","158","030","210","008","067","056","026","042","113","043","169","128","051","107","112","063","240","108","003","079","059","053","127","116","084","157","203","244","031","062","012","062","093"]
+    strange_map = None
+
     def on_loaded(self):
         for td in self.document.getroot().cssselect('td.LibelleErreur'):
             if td.text is None:
@@ -41,6 +45,30 @@ class LoginPage(BasePage):
             if 'indisponible' in msg:
                 raise BrowserUnavailable(msg)
 
+    def decode_grid(self, infos):
+        grid = b64decode(infos['grid'])
+        grid = map(int, re.findall('[0-9]{3}', grid))
+        n = int(infos['nbrows']) * int(infos['nbcols'])
+
+        self.strange_map = list(grid[:n])
+        grid = list(grid[n:])
+        new_grid = list(grid)
+
+        s = n
+        u = list(infos['crypto'])
+
+        for j in xrange(s):
+            u[j] = '%02d' % ord(u[j])
+        for i in xrange(5, 0, -1):
+            for j in xrange(s):
+                new_grid[i*s+j] = '%03d' % (new_grid[i*s+j]^new_grid[(i-1)*s+j])
+        for j in xrange(s):
+            new_grid[j] = '%03d' % (new_grid[j]^int(self.STRANGE_KEY[j])^self.strange_map[j])
+        for j in xrange(s):
+            self.strange_map[j] = int(u[j])^self.strange_map[j]
+
+        return new_grid
+
     def login(self, login, password):
         DOMAIN_LOGIN = self.browser.DOMAIN_LOGIN
         DOMAIN = self.browser.DOMAIN
@@ -48,7 +76,7 @@ class LoginPage(BasePage):
         url_login = 'https://' + DOMAIN_LOGIN + '/index.html'
 
         base_url = 'https://' + DOMAIN
-        url = base_url + '//sec/vk/gen_crypto?estSession=0'
+        url = base_url + '//sec/vkm/gen_crypto?estSession=0'
         headers = {
                  'Referer': url_login
                   }
@@ -59,7 +87,9 @@ class LoginPage(BasePage):
 
         infos = json.loads(infos_data.replace("'", '"'))
 
-        url = base_url + '//sec/vk/gen_ui?modeClavier=0&cryptogramme=' + infos["crypto"]
+        infos['grid'] = self.decode_grid(infos)
+
+        url = base_url + '//sec/vkm/gen_ui?modeClavier=0&cryptogramme=' + infos["crypto"]
         img = Captcha(self.browser.openurl(url), infos)
 
         try:
@@ -72,12 +102,16 @@ class LoginPage(BasePage):
         self.browser.select_form('n2g_authentification')
         self.browser.controls.append(ClientForm.TextControl('text', 'codsec', {'value': ''}))
         self.browser.controls.append(ClientForm.TextControl('text', 'cryptocvcs', {'value': ''}))
-        self.browser.controls.append(ClientForm.TextControl('text', 'vk_op', {'value': 'auth'}))
+        self.browser.controls.append(ClientForm.TextControl('text', 'vkm_op', {'value': 'auth'}))
         self.browser.set_all_readonly(False)
 
+        pwd = img.get_codes(password[:6])
+        t = pwd.split(',')
+        newpwd = ','.join([t[self.strange_map[j]] for j in xrange(6)])
+
         self.browser['codcli'] = login.encode('iso-8859-1')
         self.browser['user_id'] = login.encode('iso-8859-1')
-        self.browser['codsec'] = img.get_codes(password[:6])
+        self.browser['codsec'] = newpwd
         self.browser['cryptocvcs'] = infos["crypto"].encode('iso-8859-1')
         self.browser.form.action = 'https://particuliers.secure.societegenerale.fr//acces/authlgn.html'
         self.browser.submit(nologin=True)