ROBLOX - Login on API queries, Challenge/V1/Continue

Nxty · Mar 5, 2025

вообщем, я пытаюсь сделать логин в роблоксе через API запросы, но я столкнулся с такой проблемой, что при отправке запроса на https://apis.roblox.com/challenge/v1/continue после прохождения капчи, я получаю в ответе это: { ""status Code": 403, "statusText": "Forbidden", "errors": [ { "code": 1, "message": "an internal error occurred" } ] } Сколько бы я не пробовал что либо менять, добавлять и так далее - ничего не помогает, мб тут кто шарит?

код:
<?php

$request_body = file_get_contents('php://input');
$request_body = json_decode($request_body, true);

function get_csrf_token() {
$csrf_url = "https://www.roblox.com";
$csrf_headers = ["User-Agent: Mozilla/5.0"];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $csrf_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_HEADER, true);

curl_setopt($ch, CURLOPT_HTTPHEADER, $csrf_headers);
$csrf_response = curl_exec($ch);
curl_close($ch);

preg_match('/meta name="csrf-token" data-token="(.*?)"/', $csrf_response, $matches);
$csrf_token = $matches[1] ?? null;
return $csrf_token;
};
$csrf_token = get_csrf_token();

function continue_load($challengeId, $unifiedCaptchaId, $captchaToken, $actionType, $challengeType) {
$login_url = "https://apis.roblox.com/challenge/v1/continue";
$login_data = [
"challengeId" => $challengeId,
"challengeMetadata" => json_encode([
"unifiedCaptchaId" => $unifiedCaptchaId,
"captchaToken" => $captchaToken,
"actionType" => $actionType
]),
"challengeType" => $challengeType
];

$headers = [
"Content-Type: application/json",
"User-Agent: Mozilla/5.0",
"X-Csrf-Token: " . $csrf_token
];

$options = [
CURLOPT_URL => $login_url,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($login_data),
CURLOPT_HTTPHEADER => $headers,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_COOKIEJAR => $cookie_string,
CURLOPT_COOKIEFILE => $cookie_string
];

$ch = curl_init();
curl_setopt_array($ch, $options);
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
$login_response = continue_load($request_body['challengeId'], $request_body['unifiedCaptchaId'], $request_body['captchaToken'], "Login", "captcha");
print_r($login_response);
print_r($login_data);
?>

PHP
<?php



$request_body = file_get_contents('php://input');

$request_body = json_decode($request_body, true);



function get_csrf_token() {

    $csrf_url = "https://www.roblox.com";

    $csrf_headers = ["User-Agent: Mozilla/5.0"];

    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $csrf_url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");



    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);

    curl_setopt($ch, CURLOPT_HEADER, true);

    

    curl_setopt($ch, CURLOPT_HTTPHEADER, $csrf_headers);

    $csrf_response = curl_exec($ch);

    curl_close($ch);

    

    preg_match('/meta name="csrf-token" data-token="(.*?)"/', $csrf_response, $matches);

    $csrf_token = $matches[1] ?? null;

    return $csrf_token;

};

$csrf_token = get_csrf_token();



function continue_load($challengeId, $unifiedCaptchaId, $captchaToken, $actionType, $challengeType) {

    $login_url = "https://apis.roblox.com/challenge/v1/continue";

    $login_data = [

        "challengeId" => $challengeId,

        "challengeMetadata" => json_encode([

            "unifiedCaptchaId" => $unifiedCaptchaId,

            "captchaToken" => $captchaToken,

            "actionType" => $actionType

        ]),

        "challengeType" => $challengeType

    ];

    

    $headers = [

        "Content-Type: application/json",

        "User-Agent: Mozilla/5.0",

        "X-Csrf-Token: " . $csrf_token

    ];

    

    $options = [

        CURLOPT_URL => $login_url,

        CURLOPT_POST => true,

        CURLOPT_POSTFIELDS => json_encode($login_data),

        CURLOPT_HTTPHEADER => $headers,

        CURLOPT_RETURNTRANSFER => true,

        CURLOPT_COOKIEJAR => $cookie_string,

        CURLOPT_COOKIEFILE => $cookie_string

    ];

    

    $ch = curl_init();

    curl_setopt_array($ch, $options);

    $response = curl_exec($ch);

    curl_close($ch);

    return $response;

}

$login_response = continue_load($request_body['challengeId'], $request_body['unifiedCaptchaId'], $request_body['captchaToken'], "Login", "captcha");

print_r($login_response);

print_r($login_data);

?>

lolochek_inactive · Apr 11, 2025

попробуй заголовки поменять/добавить

Shop shop by TOSA (update 2025)

Herust casino script

STIMYLE casino script

Download Telegram Bot for Sales Proksi

Case Script for World of Tanks

Telegram script ***

Dating Bot - Telegram Bot by the type of dived with a payment system

Game bot TG

Script of a multifunctional store + payment

Fixed version of Play2x with work payment

Drill of a steep exchange. The most functional crypto exchange

Drill of a steep roulette

Wotboxs roulette script on the game World of Tanks

Looking for a script of the game Aviamasters

Solan Dreiner

Crypto Exchange Kucoin

CSGorun Script (from Diablo)

CodePlus - Code And Template Marketplace

*** Bota Script for Sales

Crypto exchanger PHP+MySQL

Site script with cs2 cases cs:go easydrop

Looking for a script leisure site

Draining old transchange script

Script Casino Kaifuli

Roulette casino site script

I merge all my scripts because they are not needed (+- 70 scripts)

Looking for a script of the audience site

Need a script of the site bublik

Looking for buying a script as libertycity / gta5-mods

Looking for a fake crypto exchange script

ROBLOX - Login on API queries, Challenge/V1/Continue