Last active
May 14, 2025 07:41
-
-
Save dvygolov/072ea035f63dda0247329461a3e79eab to your computer and use it in GitHub Desktop.
Revisions
-
dvygolov revised this gist
May 14, 2025 . No changes.There are no files selected for viewing
-
Dec 9, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,131 @@ async function privateApiRequest(variables, docId) { let subDomain = getSubDomain(); let graphUrl = `https://${subDomain}.facebook.com/api/graphql/`; let lsd = require("LSD").token; let dtsg = require("DTSGInitialData").token; let uid = require("CurrentUserInitialData").USER_ID; let body = { av: uid, __user: uid, __a: 1, fb_dtsg: dtsg, lsd: lsd, variables: JSON.stringify(variables), server_timestamps: true, doc_id: docId }; let headers = { "accept": "*/*", "accept-language": "en-US,en;q=0.9", "content-type": "application/x-www-form-urlencoded", "sec-fetch-dest": "empty", "sec-fetch-mode": "cors", "sec-fetch-site": "same-origin", "x-fb-lsd": lsd }; let f = await fetch(graphUrl, { headers: headers, body: new URLSearchParams(body).toString(), method: "POST", mode: "cors", credentials: "include" }); let t = await f.text(); if (t.startsWith("for (;;);")) t = t.substring(9); return JSON.parse(t); } function getSubDomain() { let curUrl = window.location.href; let subDomain = curUrl.includes("/business.") ? "business" : (curUrl.includes("/adsmanager.") ? "adsmanager" : "www"); return subDomain; } // Main verification flow async function verifyEmail() { console.log("Starting BM email verification process..."); // Get email from user let email = prompt("Please enter the email address to verify:"); if (!email) { alert("Email is required!"); return; } let bmId = require("BizSiteIdentifier.brands").getBusinessID(); console.log("Current BM Id: "+bmId); console.log("Getting org_id..."); let variables = {businessID:bmId}; let response = await privateApiRequest(variables, 8485318004815564); let orgId = response.data.user_session_data.review_id; console.log("Org Id: "+orgId); variables = { input:{ authenticatable_entity_id:orgId, xfac_config:"XFAC_BUSINESS_VERIFICATION_STANDALONE_EMAIL", xfac_appeal_type:"BUSINESS_VERIFICATION_STANDALONE_EMAIL", business_verification_design_system:"GEODESIC", business_verification_ui_type:"BUSINESS_MANAGER_COMET", trigger_event_type:"XFAC_BV_ENTRY", nt_context:null, trigger_session_id:"e03ca500-08c7-4d73-bc37-cd2be24c7f5b" }, scale:1 }; response = await privateApiRequest(variables, 8512995255478472); let state = response.data.ixt_xfac_bv_trigger.screen.view_model.content_renderer.serialized_state; console.log("Serialized state:", state); let uid = require("CurrentUserInitialData").USER_ID; variables = { input:{ advertiser_authenticity_email_challenge:{ email_address:email, org_id:orgId, serialized_state:state, website:"" }, actor_id:uid, client_mutation_id:"1" }, scale:1} console.log("Sending code to email..."); response = await privateApiRequest(variables, 28796170436648428); console.log("Send code to email response:", response); state = response.data.ixt_screen_next.view_model.serialized_state; console.log("Serialized state:", state); let code = prompt("Please enter the code from your email:"); if (!code) { alert("Code is required!"); return; } console.log(`Verifying code ${code}...`); variables = { input:{ advertiser_authenticity_enter_email_code:{ check_id:null, code:code, serialized_state:state }, actor_id:uid, client_mutation_id:"2" }, scale:1 }; response = await privateApiRequest(variables, 28796170436648428); console.log("Verification response:", response); alert('All DONE!'); window.location.reload(); } await verifyEmail();