fix: handle profile fallback after step 9 phone verification

- 合并 PR #201 的核心改动:Step 9 后置手机号验证完成后如进入资料页,复用 Step 5 姓名生日填写并继续 OAuth 同意页。
- 本地补充修复:吸收最新 dev 冲突,保留注册/登录验证码 purpose 路由,并同步根目录结构与链路文档。
- 影响范围:background phone verification flow、content signup page、Step 9 手机号验证与对应回归测试。
This commit is contained in:
QLHazyCoder
2026-05-06 01:52:12 +08:00
committed by GitHub
7 changed files with 427 additions and 22 deletions
+2
View File
@@ -10260,6 +10260,8 @@ const phoneVerificationHelpers = self.MultiPageBackgroundPhoneVerification?.crea
DEFAULT_PHONE_CODE_POLL_INTERVAL_SECONDS,
DEFAULT_PHONE_CODE_POLL_ROUNDS,
ensureStep8SignupPageReady,
generateRandomBirthday,
generateRandomName,
getOAuthFlowRemainingMs,
getOAuthFlowStepTimeoutMs,
getState,
+40 -16
View File
@@ -6,6 +6,8 @@
addLog: rawAddLog = async () => {},
ensureStep8SignupPageReady,
fetchImpl = (...args) => fetch(...args),
generateRandomBirthday,
generateRandomName,
getOAuthFlowStepTimeoutMs,
getState,
sendToContentScript,
@@ -333,13 +335,13 @@
return Math.max(500, Math.min(30000, parsed));
}
function assertFiveSimMaxPriceCompatibleWithOperator(operator, maxPriceLimit) {
const normalizedOperator = normalizeFiveSimCountryCode(operator, DEFAULT_FIVE_SIM_OPERATOR);
if (maxPriceLimit !== null && maxPriceLimit !== undefined && normalizedOperator !== DEFAULT_FIVE_SIM_OPERATOR) {
throw new Error('5sim maxPrice only works when operator is "any"; clear the price limit or switch operator to any before buying a number.');
}
}
function assertFiveSimMaxPriceCompatibleWithOperator(operator, maxPriceLimit) {
const normalizedOperator = normalizeFiveSimCountryCode(operator, DEFAULT_FIVE_SIM_OPERATOR);
if (maxPriceLimit !== null && maxPriceLimit !== undefined && normalizedOperator !== DEFAULT_FIVE_SIM_OPERATOR) {
throw new Error('5sim maxPrice only works when operator is "any"; clear the price limit or switch operator to any before buying a number.');
}
}
function normalizeHeroSmsPriceLimit(value) {
if (value === undefined || value === null || String(value).trim() === '') {
return null;
@@ -1460,19 +1462,19 @@
if (!apiKey) {
throw new Error('5sim API key is missing. Save it in the side panel before running the phone flow.');
}
const configuredMaxPrice = normalizeHeroSmsPriceLimit(state.fiveSimMaxPrice);
const operator = normalizeFiveSimCountryCode(state.fiveSimOperator, DEFAULT_FIVE_SIM_OPERATOR);
const maxPriceLimit = configuredMaxPrice !== null
? configuredMaxPrice
: normalizeHeroSmsPriceLimit(state.heroSmsMaxPrice);
assertFiveSimMaxPriceCompatibleWithOperator(operator, maxPriceLimit);
const configuredMaxPrice = normalizeHeroSmsPriceLimit(state.fiveSimMaxPrice);
const operator = normalizeFiveSimCountryCode(state.fiveSimOperator, DEFAULT_FIVE_SIM_OPERATOR);
const maxPriceLimit = configuredMaxPrice !== null
? configuredMaxPrice
: normalizeHeroSmsPriceLimit(state.heroSmsMaxPrice);
assertFiveSimMaxPriceCompatibleWithOperator(operator, maxPriceLimit);
return {
provider,
apiKey,
baseUrl: normalizeUrl(state.fiveSimBaseUrl, DEFAULT_FIVE_SIM_BASE_URL).replace(/\/+$/, ''),
operator,
operator,
product: normalizeFiveSimCountryCode(state.fiveSimProduct, DEFAULT_FIVE_SIM_PRODUCT),
maxPriceLimit,
maxPriceLimit,
countryCandidates: resolveFiveSimCountryCandidates(state),
};
}
@@ -3623,13 +3625,35 @@
async function submitPhoneVerificationCode(tabId, code) {
const visibleStep = normalizeLogStep(activePhoneVerificationLogStep) || 9;
const signupProfile = (
typeof generateRandomName === 'function'
&& typeof generateRandomBirthday === 'function'
)
? (() => {
const name = generateRandomName();
const birthday = generateRandomBirthday();
if (!name?.firstName || !name?.lastName || !birthday) {
return null;
}
return {
firstName: name.firstName,
lastName: name.lastName,
year: birthday.year,
month: birthday.month,
day: birthday.day,
};
})()
: null;
const timeoutMs = typeof getOAuthFlowStepTimeoutMs === 'function'
? await getOAuthFlowStepTimeoutMs(45000, { step: visibleStep, actionLabel: '提交手机验证码' })
: 45000;
const result = await sendToContentScriptResilient('signup-page', {
type: 'SUBMIT_PHONE_VERIFICATION_CODE',
source: 'background',
payload: { code },
payload: {
code,
...(signupProfile ? { signupProfile } : {}),
},
}, {
timeoutMs,
responseTimeoutMs: timeoutMs,
+64 -1
View File
@@ -94,7 +94,7 @@ async function handleCommand(message) {
if (message.payload?.purpose === 'login') {
return await fillVerificationCode(message.step || 8, message.payload);
}
return await phoneAuthHelpers.submitPhoneVerificationCode(message.payload);
return await submitPhoneVerificationCodeWithProfileFallback(message.payload);
case 'RESEND_PHONE_VERIFICATION_CODE':
return await phoneAuthHelpers.resendPhoneVerificationCode();
case 'RETURN_TO_ADD_PHONE':
@@ -2920,6 +2920,69 @@ const phoneAuthHelpers = self.MultiPagePhoneAuth?.createPhoneAuthHelpers?.({
},
};
async function waitForPhoneVerificationProfileCompletion(timeout = 30000) {
const start = Date.now();
while (Date.now() - start < timeout) {
throwIfStopped();
if (isStep8Ready()) {
return {
success: true,
consentReady: true,
url: location.href,
};
}
if (isAddPhonePageReady()) {
return {
returnedToAddPhone: true,
url: location.href,
};
}
await sleep(150);
}
if (isStep8Ready()) {
return {
success: true,
consentReady: true,
url: location.href,
};
}
return {
success: true,
assumed: true,
url: location.href,
};
}
async function submitPhoneVerificationCodeWithProfileFallback(payload = {}) {
const result = await phoneAuthHelpers.submitPhoneVerificationCode(payload);
if (!(isStep5Ready() || isSignupProfilePageUrl(result?.url || location.href))) {
return result;
}
const signupProfile = payload?.signupProfile || {};
if (!signupProfile.firstName || !signupProfile.lastName) {
throw new Error('手机号验证后进入资料页,但未提供步骤 5 所需的姓名数据。');
}
await step5_fillNameBirthday(signupProfile);
const nextState = await waitForPhoneVerificationProfileCompletion();
const mergedResult = {
...result,
...nextState,
profileCompleted: true,
};
if (nextState.consentReady || nextState.returnedToAddPhone) {
delete mergedResult.assumed;
}
return mergedResult;
}
function normalizeInlineText(text) {
return (text || '').replace(/\s+/g, ' ').trim();
}
+92
View File
@@ -2099,6 +2099,98 @@ test('phone verification helper completes add-phone flow, clears current activat
assert.deepStrictEqual(actions, ['getPrices', 'getNumber', 'getStatus', 'setStatus']);
});
test('phone verification helper forwards signup profile payload when submitting the phone verification code', async () => {
let currentState = {
heroSmsApiKey: 'demo-key',
verificationResendCount: 0,
currentPhoneActivation: null,
reusablePhoneActivation: null,
};
const submittedPayloads = [];
const helpers = api.createPhoneVerificationHelpers({
addLog: async () => {},
ensureStep8SignupPageReady: async () => {},
fetchImpl: async (url) => {
const parsedUrl = new URL(url);
const action = parsedUrl.searchParams.get('action');
if (action === 'getPrices') {
return {
ok: true,
text: async () => buildHeroSmsPricesPayload(),
};
}
if (action === 'getNumber') {
return {
ok: true,
text: async () => 'ACCESS_NUMBER:123456:66959916439',
};
}
if (action === 'getStatus') {
return {
ok: true,
text: async () => 'STATUS_OK:654321',
};
}
if (action === 'setStatus') {
return {
ok: true,
text: async () => 'ACCESS_ACTIVATION',
};
}
throw new Error(`Unexpected HeroSMS action: ${action}`);
},
generateRandomBirthday: () => ({ year: 2003, month: 6, day: 19 }),
generateRandomName: () => ({ firstName: 'Ada', lastName: 'Lovelace' }),
getOAuthFlowStepTimeoutMs: async (defaultTimeoutMs) => defaultTimeoutMs,
getState: async () => ({ ...currentState }),
sendToContentScriptResilient: async (_source, message) => {
if (message.type === 'SUBMIT_PHONE_NUMBER') {
return {
phoneVerificationPage: true,
url: 'https://auth.openai.com/phone-verification',
};
}
if (message.type === 'SUBMIT_PHONE_VERIFICATION_CODE') {
submittedPayloads.push(message.payload);
return {
success: true,
consentReady: true,
url: 'https://auth.openai.com/authorize',
};
}
throw new Error(`Unexpected content-script message: ${message.type}`);
},
setState: async (updates) => {
currentState = { ...currentState, ...updates };
},
sleepWithStop: async () => {},
throwIfStopped: () => {},
});
const result = await helpers.completePhoneVerificationFlow(1, {
addPhonePage: true,
phoneVerificationPage: false,
url: 'https://auth.openai.com/add-phone',
});
assert.deepStrictEqual(result, {
success: true,
consentReady: true,
url: 'https://auth.openai.com/authorize',
});
assert.deepStrictEqual(submittedPayloads, [{
code: '654321',
signupProfile: {
firstName: 'Ada',
lastName: 'Lovelace',
year: 2003,
month: 6,
day: 19,
},
}]);
});
test('phone verification helper uses the configured HeroSMS country for both number acquisition and add-phone submission', async () => {
const requests = [];
const submittedPayloads = [];
@@ -0,0 +1,222 @@
const test = require('node:test');
const assert = require('node:assert/strict');
const fs = require('node:fs');
const source = fs.readFileSync('content/signup-page.js', 'utf8');
function extractFunction(name) {
const markers = [`async function ${name}(`, `function ${name}(`];
const start = markers
.map((marker) => source.indexOf(marker))
.find((index) => index >= 0);
if (start < 0) {
throw new Error(`missing function ${name}`);
}
let parenDepth = 0;
let signatureEnded = false;
let braceStart = -1;
for (let i = start; i < source.length; i += 1) {
const ch = source[i];
if (ch === '(') {
parenDepth += 1;
} else if (ch === ')') {
parenDepth -= 1;
if (parenDepth === 0) {
signatureEnded = true;
}
} else if (ch === '{' && signatureEnded) {
braceStart = i;
break;
}
}
if (braceStart < 0) {
throw new Error(`missing body for function ${name}`);
}
let depth = 0;
let end = braceStart;
for (; end < source.length; end += 1) {
const ch = source[end];
if (ch === '{') depth += 1;
if (ch === '}') {
depth -= 1;
if (depth === 0) {
end += 1;
break;
}
}
}
return source.slice(start, end);
}
test('step 9 auto-fills profile when phone verification lands on signup profile page', async () => {
const api = new Function(`
const profilePayloads = [];
const logs = [];
let consentReady = false;
const location = {
href: 'https://auth.openai.com/create-account/profile',
};
function log(message, level = 'info') {
logs.push({ message, level });
}
function isStep5Ready() {
return !consentReady;
}
function isSignupProfilePageUrl(url = location.href) {
return /\\/create-account\\/profile(?:[/?#]|$)/i.test(String(url || ''));
}
function isStep8Ready() {
return consentReady;
}
function isAddPhonePageReady() {
return false;
}
async function sleep() {}
function throwIfStopped() {}
const phoneAuthHelpers = {
async submitPhoneVerificationCode() {
return {
success: true,
assumed: true,
url: location.href,
};
},
};
async function step5_fillNameBirthday(payload) {
profilePayloads.push(payload);
consentReady = true;
location.href = 'https://auth.openai.com/authorize';
return {
skippedPostSubmitCheck: true,
directProceedToStep6: true,
};
}
${extractFunction('waitForPhoneVerificationProfileCompletion')}
${extractFunction('submitPhoneVerificationCodeWithProfileFallback')}
return {
run(payload) {
return submitPhoneVerificationCodeWithProfileFallback(payload);
},
snapshot() {
return {
profilePayloads,
logs,
};
},
};
`)();
const result = await api.run({
code: '123456',
signupProfile: {
firstName: 'Ada',
lastName: 'Lovelace',
year: 2003,
month: 6,
day: 19,
},
});
assert.deepStrictEqual(result, {
success: true,
consentReady: true,
profileCompleted: true,
url: 'https://auth.openai.com/authorize',
});
assert.deepStrictEqual(api.snapshot().profilePayloads, [{
firstName: 'Ada',
lastName: 'Lovelace',
year: 2003,
month: 6,
day: 19,
}]);
});
test('step 9 leaves the existing consent flow untouched when no profile page appears', async () => {
const api = new Function(`
const profilePayloads = [];
const location = {
href: 'https://auth.openai.com/authorize',
};
function isStep5Ready() {
return false;
}
function isSignupProfilePageUrl(url = location.href) {
return /\\/create-account\\/profile(?:[/?#]|$)/i.test(String(url || ''));
}
function isStep8Ready() {
return true;
}
function isAddPhonePageReady() {
return false;
}
function throwIfStopped() {}
async function sleep() {}
const phoneAuthHelpers = {
async submitPhoneVerificationCode() {
return {
success: true,
consentReady: true,
url: location.href,
};
},
};
async function step5_fillNameBirthday(payload) {
profilePayloads.push(payload);
}
${extractFunction('waitForPhoneVerificationProfileCompletion')}
${extractFunction('submitPhoneVerificationCodeWithProfileFallback')}
return {
run(payload) {
return submitPhoneVerificationCodeWithProfileFallback(payload);
},
snapshot() {
return {
profilePayloads,
};
},
};
`)();
const result = await api.run({
code: '123456',
signupProfile: {
firstName: 'Ada',
lastName: 'Lovelace',
year: 2003,
month: 6,
day: 19,
},
});
assert.deepStrictEqual(result, {
success: true,
consentReady: true,
url: 'https://auth.openai.com/authorize',
});
assert.deepStrictEqual(api.snapshot().profilePayloads, []);
});
+4 -3
View File
@@ -497,9 +497,10 @@ IP 代理模块在同步、切换、Change、出口探测和自动运行成功
3. 手机号验证共享流程会按当前 sidepanel 中保存的接码平台 `phoneSmsProvider` 选择 HeroSMS 或 5sim,并使用对应平台的 API Key、国家/地区、价格上限申请或复用号码
4. 后台提交号码后,会按 `currentPhoneActivation.provider` 分发后续查码、完成、取消、ban、reuse:HeroSMS 走原 `getStatus / setStatus` 逻辑,5sim 走 `/v1/user/check|finish|cancel|ban|reuse`
5. 验证码被拒绝或长时间收不到短信时,会按平台决定重发、换号、ban/取消当前激活,必要时把自动流拉回 Step 7
6. 手机号验证完成后,继续等待 OAuth 同意页出现
7. 尝试多轮点击“继续”
8. 一旦捕获 localhost callback,写入状态并完成步骤
6. 手机号验证完成后,如果认证页偶发进入资料页,内容脚本会复用 Step 5 的姓名生日填写逻辑补齐资料,再继续等待 OAuth 同意页
7. 手机号验证和可选资料页处理完成后,继续等待 OAuth 同意页出现
8. 尝试多轮点击“继续”
9. 一旦捕获 localhost callback,写入状态并完成步骤
补充:
+3 -2
View File
@@ -54,7 +54,7 @@
- `background/message-router.js`:后台消息路由层,负责处理 `chrome.runtime.onMessage` 进入的所有业务消息;`LOG / STEP_COMPLETE / STEP_ERROR` 会把消息里的真实 `step` 继续传给结构化日志,跳过登录验证码这类派生日志也按当前步骤 key 写入;当前额外接入 PayPal 账号池的新增与切换、2925 账号池的新增、导入、切换、登录、禁用与删除消息,以及 IP 代理的同步、切换、Change 与出口检测消息;当侧栏关闭 `oauthFlowTimeoutEnabled` 时,会立即清空已存在的 OAuth 总预算 deadline。
- `background/navigation-utils.js`:导航与 URL 判断工具层,负责 callback、入口页、CPA / SUB2API / Codex2API 地址归一化、来源标签页家族判断与步骤跳转相关判断。
- `background/paypal-account-store.js`:PayPal 账号池持久化模块,负责保存账号列表、切换当前账号,并把当前选中账号同步回兼容字段 `paypalEmail / paypalPassword`
- `background/phone-verification-flow.js`:手机号验证码共享流程模块,负责复用 HeroSMS / 5sim / NexSMS 的取号、复用、轮询、重发、换号与收尾能力;既承接 OAuth 后置 `add-phone / phone-verification` 页面,也承接手机号注册 Step 4 和 Step 8 中真实出现的 `phone-verification` 页面,并保持 `signupPhone*` 运行态与 `currentPhoneActivation` 隔离;后置 add-phone 成功后会把已绑定手机号写入运行态 `phoneNumber`,供账号记录并入同一轮;该流程由调用方传入当前可见步骤号,手机号日志不会再固定显示普通模式 Step 9。
- `background/phone-verification-flow.js`:手机号验证码共享流程模块,负责复用 HeroSMS / 5sim / NexSMS 的取号、复用、轮询、重发、换号与收尾能力;既承接 OAuth 后置 `add-phone / phone-verification` 页面,也承接手机号注册 Step 4 和 Step 8 中真实出现的 `phone-verification` 页面,并保持 `signupPhone*` 运行态与 `currentPhoneActivation` 隔离;后置 add-phone 成功后会把已绑定手机号写入运行态 `phoneNumber`,供账号记录并入同一轮;提交后置手机号验证码时会一并透传可复用的资料页 payload,便于认证页偶发跳回资料页时继续补齐;该流程由调用方传入当前可见步骤号,手机号日志不会再固定显示普通模式 Step 9。
- `background/panel-bridge.js`:来源桥接层;CPA / SUB2API 继续封装页面打开、脚本注入和通信,Codex2API 则直接通过后台协议生成 OAuth 地址。
- `background/signup-flow-helpers.js`:注册页辅助层,负责打开注册入口、等待密码页以及解析当前流程所用邮箱;在 Gmail 与 `2925 + provide` 模式下会优先复用已经存在且仍兼容的完整注册邮箱,只有不兼容或为空时才重新生成;当 provider 为 2925 且启用了 provide 模式下的号池时,会先确保账号池中已选中可用账号。
- `background/tab-runtime.js`:标签页与内容脚本运行时基础设施,封装标签注册、冲突清理、消息超时、注入重试与队列;内容脚本恢复等待日志支持 `logStep / logStepKey`,用于保持 Plus 复用步骤的日志标签正确;当前等待标签完成、等待标签完成并短暂稳定、注入后的短暂延迟和内容脚本重试等待都已做 Stop 感知,避免用户停止后后台还继续等待并恢复执行。
@@ -93,7 +93,7 @@
- `content/phone-auth.js`:认证页手机号验证脚本,负责识别 `add-phone / phone-verification` 页面、选择国家、填写手机号、提交短信验证码、触发重发短信,以及把“回到 add-phone / 进入 OAuth 同意页”的结果反馈给后台。
- `content/plus-checkout.js`ChatGPT Plus checkout 页面脚本,负责读取 `/api/auth/session` 创建 Plus checkout、选择 PayPal、填写账单姓名、触发 Google 地址推荐、校验结构化地址字段并点击订阅。
- `content/qq-mail.js`:QQ 邮箱轮询脚本,负责网页邮箱验证码读取。
- `content/signup-page.js`:注册、登录、授权主内容脚本,负责 OpenAI / ChatGPT 页面上的步骤执行;其中 Step 2 / 3 的延迟点击与延迟提交在真正触发前会先检查 Stop 状态,避免停止后页面继续自动点击;当前 Step 2 同时支持邮箱注册与手机号注册入口切换、手机号国家下拉框同步校验、手机号填写与提交;Step 7 / 8 登录链路会额外识别手机号输入页、手机号登录入口、`phone-verification` 与真实 `add-email` 页面,避免把手机验证码页或添加邮箱页误判成普通邮箱登录入口。
- `content/signup-page.js`:注册、登录、授权主内容脚本,负责 OpenAI / ChatGPT 页面上的步骤执行;其中 Step 2 / 3 的延迟点击与延迟提交在真正触发前会先检查 Stop 状态,避免停止后页面继续自动点击;当前 Step 2 同时支持邮箱注册与手机号注册入口切换、手机号国家下拉框同步校验、手机号填写与提交;Step 7 / 8 登录链路会额外识别手机号输入页、手机号登录入口、`phone-verification` 与真实 `add-email` 页面,避免把手机验证码页或添加邮箱页误判成普通邮箱登录入口;Step 9 后置手机号验证完成后若偶发进入资料页,会复用 Step 5 的姓名生日填写逻辑再继续等待 OAuth 同意页
- `content/sub2api-panel.js`:SUB2API 后台内容脚本,负责获取 OAuth 地址和提交 localhost 回调;平台验证请求会读取 `visibleStep`,普通模式承接步骤 10,Plus 模式承接步骤 13。
- `content/utils.js`:内容脚本公共工具层,负责结构化日志、READY / COMPLETE / ERROR 上报、元素等待、输入与点击;内容脚本日志通过 `{ step, stepKey }` 上报,正文不再承担步骤号解析职责。
- `content/vps-panel.js`:CPA 面板内容脚本,负责获取 OAuth 地址、提交回调 URL,并基于精确成功徽标与错误态做平台验证判定;当前支持普通步骤 10 与 Plus 可见步骤 13。
@@ -256,6 +256,7 @@
- `tests/step8-retry-page-recovery.test.js`:测试 OAuth 同意页点击后的重试页恢复分支,以及手机号验证完成后会继续回到 OAuth 同意页等待,当前对应步骤 9。
- `tests/step8-state-timeout-retry.test.js`:测试认证页通信错误是否可判定为可重试,当前对应步骤 9。
- `tests/step8-stop-cleanup.test.js`:测试 OAuth 确认流程在 Stop 后能正确清理监听器与挂起状态,当前对应步骤 9。
- `tests/step9-profile-after-phone-verification.test.js`:测试 Step 9 后置手机号验证提交后若落到注册资料页,会复用 Step 5 资料填写逻辑,并覆盖未出现资料页时继续保持原 OAuth 同意页路径。
- `tests/step9-cpa-mode.test.js`:测试本地 CPA 平台回调跳过策略判断,当前作用于步骤 10。
- `tests/step9-localhost-cleanup-scope.test.js`:测试 localhost callback 与路径前缀残留页的精确清理范围,当前对应步骤 10 收尾。
- `tests/step9-status-diagnostics.test.js`:测试平台回调成功判定、红色错误态过滤,以及成功徽标与失败提示并存时的优先级,当前对应步骤 10。