Restore original iframe-based challenge solver logic

src/duckai.ts

@@ -1,193 +1,66 @@
 import { JSDOM } from "jsdom";
 import { createHash } from "node:crypto";
+import { Buffer } from "node:buffer";
 import UserAgent from "user-agents";
 
 export class DuckAI {
-  private async solveChallenge(vqdHash: string, ua: string): Promise<string> {
-    try {
-      const jsScript = Buffer.from(vqdHash, 'base64').toString('utf-8');
-      
-      const dom = new JSDOM(`<!DOCTYPE html><html><body></body></html>`, {
-        url: "https://duckduckgo.com/",
-        referrer: "https://duckduckgo.com/",
-        runScripts: "dangerously",
-        resources: "usable"
-      });
-
-      const mockWindow = dom.window as any;
-
-      // Self-reference fixes
-      mockWindow.self = mockWindow;
-      mockWindow.parent = mockWindow;
-      mockWindow.top = mockWindow;
-
-      // IMMORTAL DOM Strategy
-      const originalGetElementById = mockWindow.document.getElementById;
-      mockWindow.document.getElementById = function(id: string) {
-          const el = originalGetElementById.call(this, id);
-          if (el) return el;
-          return mockWindow.document.createElement('div');
-      };
-
-      const originalQuerySelector = mockWindow.document.querySelector;
-      mockWindow.document.querySelector = function(selector: string) {
-          try {
-              const el = originalQuerySelector.call(this, selector);
-              if (el) return el;
-          } catch(e) {}
-          return mockWindow.document.createElement('div');
-      };
-
-      // ГЛУБОКАЯ ЭМУЛЯЦИЯ
-      Object.defineProperties(mockWindow.navigator, {
-        userAgent: { value: ua },
-        platform: { value: 'Win32' },
-        webdriver: { value: false },
-        languages: { value: ['en-US', 'en'] }
-      });
-
-      mockWindow.screen = { width: 1920, height: 1080, availWidth: 1920, availHeight: 1080 };
-      mockWindow.chrome = { runtime: {} };
-      
-      // Aggressive Patch for iframe contentDocument
-      Object.defineProperty(mockWindow.HTMLIFrameElement.prototype, 'contentDocument', {
-        get: function() { return mockWindow.document; },
-        configurable: true
-      });
-      
-      Object.defineProperty(mockWindow.HTMLIFrameElement.prototype, 'contentWindow', {
-        get: function() { return mockWindow; },
-        configurable: true
-      });
-
-      // Also keep the createElement hook just in case
-      const originalCreateElement = mockWindow.document.createElement;
-      mockWindow.document.createElement = function(tagName: string) {
-          const element = originalCreateElement.call(this, tagName);
-          if (tagName.toLowerCase() === 'iframe') {
-              try {
-                  Object.defineProperty(element, 'contentDocument', {
-                      get: () => mockWindow.document,
-                      configurable: true
-                  });
-                  Object.defineProperty(element, 'contentWindow', {
-                      get: () => mockWindow,
-                      configurable: true
-                  });
-              } catch (e) {}
-          }
-          return element;
-      };
-      
-      // Robust Canvas Mock
-      const originalGetContext = mockWindow.HTMLCanvasElement.prototype.getContext;
-      mockWindow.HTMLCanvasElement.prototype.getContext = function (type: string, options?: any) {
-        try {
-           const ctx = originalGetContext.call(this, type, options);
-           if (ctx) return ctx;
-        } catch (e) {}
-
-        return {
-          canvas: this,
-          fillRect: () => {},
-          clearRect: () => {},
-          getImageData: (x: number, y: number, w: number, h: number) => ({ 
-             data: new Uint8ClampedArray(w * h * 4), 
-             width: w, 
-             height: h 
-          }),
-          putImageData: () => {},
-          createImageData: () => ({ data: new Uint8ClampedArray(4) }),
-          setTransform: () => {},
-          drawImage: () => {},
-          save: () => {},
-          restore: () => {},
-          beginPath: () => {},
-          moveTo: () => {},
-          lineTo: () => {},
-          closePath: () => {},
-          stroke: () => {},
-          translate: () => {},
-          scale: () => {},
-          rotate: () => {},
-          arc: () => {},
-          fill: () => {},
-          measureText: () => ({ width: 0, actualBoundingBoxAscent: 0, actualBoundingBoxDescent: 0 }),
-          transform: () => {},
-          rect: () => {},
-          clip: () => {},
-          createLinearGradient: () => ({ addColorStop: () => {} }),
-          createRadialGradient: () => ({ addColorStop: () => {} }),
-          createPattern: () => ({}),
-          bezierCurveTo: () => {},
-          quadraticCurveTo: () => {},
-          fillText: () => {},
-          strokeText: () => {},
-          globalAlpha: 1,
-          globalCompositeOperation: 'source-over',
-          fillStyle: '#000000',
-          strokeStyle: '#000000',
-          lineWidth: 1,
-          lineCap: 'butt',
-          lineJoin: 'miter',
-          miterLimit: 10,
-          shadowOffsetX: 0,
-          shadowOffsetY: 0,
-          shadowBlur: 0,
-          shadowColor: 'rgba(0, 0, 0, 0)',
-          font: '10px sans-serif',
-          textAlign: 'start',
-          textBaseline: 'alphabetic'
-        };
-      } as any;
-
-      const originalToDataURL = mockWindow.HTMLCanvasElement.prototype.toDataURL;
-      mockWindow.HTMLCanvasElement.prototype.toDataURL = function(type?: string, quality?: any) {
-           try {
-               const result = originalToDataURL.call(this, type, quality);
-               if (result && result !== "data:,") return result;
-           } catch(e) {}
-           return "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg==";
-      };
-
-      // --- CONTEXT PREPARATION ---
-      // Inject everything directly into the window context to avoid scope issues
-      mockWindow.document = mockWindow.document;
-      mockWindow.window = mockWindow;
-      mockWindow.self = mockWindow;
-      mockWindow.parent = mockWindow;
-      mockWindow.top = mockWindow;
-      
-      // Immortal DOM patches (already applied above) are good.
-      
-      // Execute script directly in the window context
-      // Explicitly define globals for the script scope to prevent 'undefined' errors
-      const result = await mockWindow.eval(`
-          var window = this;
-          var document = this.document;
-          var navigator = this.navigator;
-          var screen = this.screen;
-          
-          ${jsScript}
-      `) as any;
-      
-      if (!result || !result.client_hashes) {
-        throw new Error("Script executed but returned invalid result (no client_hashes)");
+  
+  // Логика из старого рабочего кода
+  private async solveChallenge(vqdHash: string): Promise<string> {
+    const jsScript = Buffer.from(vqdHash, 'base64').toString('utf-8');
+
+    // 1. Создаем JSDOM с правильной структурой (iframe #jsa)
+    const dom = new JSDOM(
+      `<iframe id="jsa" sandbox="allow-scripts allow-same-origin" srcdoc="<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'unsafe-inline'">
+</head>
+<body></body>
+</html>" style="position: absolute; left: -9999px; top: -9999px;"></iframe>`,
+      { 
+          runScripts: 'dangerously',
+          resources: "usable",
+          url: "https://duckduckgo.com/"
       }
-
-      result.client_hashes[0] = ua;
-      result.client_hashes = result.client_hashes.map((t: string) => {
-        const hash = createHash('sha256');
-        hash.update(t);
-        return hash.digest('base64');
-      });
-      
-      return btoa(JSON.stringify(result));
-    } catch (e: any) {
-      console.error(`[DuckAI] Challenge Solver Failed: ${e.message}`);
-      console.log("[DuckAI] Attempting fallback with original VQD...");
-      return vqdHash;
-    }
+    );
+
+    const window = dom.window as any;
+    
+    // Моки, которые нужны JSDOM, чтобы чувствовать себя браузером
+    window.screen = { width: 1920, height: 1080, availWidth: 1920, availHeight: 1080 };
+    window.chrome = { runtime: {} };
+    
+    // Глобальные переменные для eval
+    window.top.__DDG_BE_VERSION__ = 1;
+    window.top.__DDG_FE_CHAT_HASH__ = 1;
+
+    // 2. Получаем доступ к iframe и вставляем CSP (как в старом коде)
+    const jsa = window.document.querySelector('#jsa');
+    if (!jsa) throw new Error("Iframe #jsa not found in JSDOM");
+    
+    const contentDoc = jsa.contentDocument || jsa.contentWindow.document;
+    const meta = contentDoc.createElement('meta');
+    meta.setAttribute('http-equiv', 'Content-Security-Policy');
+    meta.setAttribute('content', "default-src 'none'; script-src 'unsafe-inline';");
+    contentDoc.head.appendChild(meta);
+
+    // 3. Выполняем скрипт
+    const result = await window.eval(jsScript) as any;
+
+    if (!result) throw new Error("Challenge script returned nothing");
+
+    // 4. Жестко задаем User-Agent, который проходит проверку (из старого кода)
+    // Chrome/138.0.0.0 - это фейковый будущий UA, который использует скрипт DDG
+    result.client_hashes[0] = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36';
+    
+    result.client_hashes = result.client_hashes.map((t: string) => {
+      const hash = createHash('sha256');
+      hash.update(t);
+      return hash.digest('base64');
+    });
+
+    return btoa(JSON.stringify(result));
   }
 
   getAvailableModels(): string[] {
@@ -198,16 +71,22 @@ export class DuckAI {
     ];
   }
 
-  getRateLimitStatus() {
-     return { status: "unknown" };
-  }
-
-  async chat(request: any, retries = 1): Promise<string> {
-    const ua = new UserAgent({ deviceCategory: 'desktop' }).toString();
+  async chat(request: any): Promise<string> {
+    // Используем тот же UA для запросов, что и в хеше, для консистентности
+    const userAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36';
+    
     const headers: any = {
-      "User-Agent": ua,
-      "Accept": "text/event-stream",
-      "x-vqd-accept": "1"
+        "User-Agent": userAgent,
+        "Accept": "text/event-stream",
+        "x-vqd-accept": "1",
+        "accept-language": "en-US,en;q=0.9",
+        "cache-control": "no-cache",
+        "pragma": "no-cache",
+        "sec-fetch-dest": "empty",
+        "sec-fetch-mode": "cors",
+        "sec-fetch-site": "same-origin",
+        // Важный хедер из старого кода!
+        "x-fe-version": "serp_20250401_100419_ET-19d438eb199b2bf7c300" 
     };
 
     try {
@@ -216,63 +95,82 @@ export class DuckAI {
         console.log(`[DuckAI] Status response: ${statusRes.status}`);
         
         const hashHeader = statusRes.headers.get("x-vqd-hash-1");
-        console.log(`[DuckAI] x-vqd-hash-1: ${hashHeader ? "FOUND" : "MISSING"}`);
         
-        if (!hashHeader) throw new Error("Missing x-vqd-hash-1 - DuckDuckGo might be blocking this IP or Challenge failed.");
+        if (!hashHeader) {
+             // Иногда DDG не выдает challenge, а сразу дает x-vqd-4 (редко, но бывает)
+             const vqd4 = statusRes.headers.get("x-vqd-4");
+             if (vqd4) {
+                 console.log("[DuckAI] No challenge, got x-vqd-4 directly.");
+                 return await this.sendChatRequest(request, vqd4, headers);
+             }
+             throw new Error("Missing x-vqd-hash-1 and x-vqd-4");
+        }
 
-        console.log("[DuckAI] Solving challenge...");
-        const solvedVqd = await this.solveChallenge(hashHeader, ua);
-        console.log("[DuckAI] Challenge solved (or fallback used).");
+        console.log("[DuckAI] Solving challenge (Old Method)...");
+        const solvedVqd = await this.solveChallenge(hashHeader);
+        console.log("[DuckAI] Challenge solved.");
 
+        // Отправляем запрос с решенной капчей
         const response = await fetch("https://duckduckgo.com/duckchat/v1/chat", {
-          method: "POST",
-          headers: { ...headers, "x-vqd-hash-1": solvedVqd, "Content-Type": "application/json" },
-          body: JSON.stringify(request)
+            method: "POST",
+            headers: { 
+                ...headers, 
+                "Content-Type": "application/json",
+                "x-vqd-hash-1": solvedVqd
+            },
+            body: JSON.stringify(request)
         });
 
-        console.log(`[DuckAI] Chat response status: ${response.status}`);
+        return await this.processResponse(response);
 
-        if (!response.ok) {
-            const errorText = await response.text();
-            
-            // Если ошибка 418 (Challenge Failed) и есть попытки - пробуем снова
-            if (response.status === 418 && retries > 0) {
-                console.log(`[DuckAI] Got 418 Error. Retrying... (${retries} attempts left)`);
-                return this.chat(request, retries - 1);
-            }
+    } catch (error: any) {
+        console.error(`[DuckAI] Error: ${error.message}`);
+        throw error; // Пробрасываем ошибку, чтобы сервер вернул 500 JSON, а не упал
+    }
+  }
 
-            console.log(`[DuckAI] Error body: ${errorText}`);
-            throw new Error(`DuckDuckGo API Error (${response.status}): ${errorText.substring(0, 100)}`);
-        }
+  // Вспомогательный метод для обработки ответа (чтобы не дублировать код)
+  private async processResponse(response: Response): Promise<string> {
+      console.log(`[DuckAI] Chat response status: ${response.status}`);
 
-        const text = await response.text();
-        
-        let llmResponse = "";
-        const lines = text.split("\n");
-        for (const line of lines) {
-          if (line.startsWith("data: ")) {
-            try {
-              const chunk = line.slice(6);
-              if (chunk === "[DONE]") break;
-              const json = JSON.parse(chunk);
-              if (json.message) llmResponse += json.message;
-            } catch (e) {}
+      if (!response.ok) {
+          const errorText = await response.text();
+          console.log(`[DuckAI] Error body: ${errorText}`);
+          if (response.status === 429) {
+               throw new Error("Rate limit exceeded (429)");
           }
+          throw new Error(`DuckDuckGo API Error (${response.status}): ${errorText.substring(0, 100)}`);
+      }
+
+      const text = await response.text();
+      let llmResponse = "";
+      const lines = text.split("\n");
+      for (const line of lines) {
+        if (line.startsWith("data: ")) {
+          try {
+            const chunk = line.slice(6);
+            if (chunk === "[DONE]") break;
+            const json = JSON.parse(chunk);
+            if (json.message) llmResponse += json.message;
+          } catch (e) {}
         }
-        
-        if (!llmResponse) {
-            console.log("[DuckAI] Warning: Empty LLM response extracted.");
-            throw new Error("Empty response from DuckDuckGo");
-        }
-        
-        return llmResponse.trim();
-    } catch (error: any) {
-        // Если была ошибка сети или другая, и есть попытки - тоже ретраим
-        if (retries > 0) {
-             console.log(`[DuckAI] Error: ${error.message}. Retrying... (${retries} attempts left)`);
-             return this.chat(request, retries - 1);
-        }
-        throw error;
-    }
+      }
+      
+      if (!llmResponse) throw new Error("Empty response from DuckDuckGo");
+      return llmResponse.trim();
+  }
+
+  // Метод для отправки запроса, если вдруг капча не нужна (на будущее)
+  private async sendChatRequest(request: any, vqd4: string, headers: any): Promise<string> {
+      const response = await fetch("https://duckduckgo.com/duckchat/v1/chat", {
+            method: "POST",
+            headers: { 
+                ...headers, 
+                "Content-Type": "application/json",
+                "x-vqd-4": vqd4
+            },
+            body: JSON.stringify(request)
+        });
+      return await this.processResponse(response);
   }
-}
+}