-
Notifications
You must be signed in to change notification settings - Fork 52
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add good enough ID system #91
Comments
@bain3 Do you think it's a good idea to create an id with the concatenation of some attributes. The inconvenant is that if for example the title changes, the id will change. |
Making it from attributes is probably a bad idea... ids are not supposed to change. I thought I could reverse engineer it, but haven't done much progress. There isn't a clear structure to the changing ids. If I take the hex string as a number the first three or four bits don't change (but you can see that from the hex itself), that's what I got so far... Also I think they have something to do with the session number but that's just a guess. |
I try many things to find how the ID system work, but I didn't find anything convincing. I will try to contact the owners of the other Pronote wrapper repos to find out if they have found anything. |
Providing some feedback on this topic from what I experienced the past months.
So not a solution at all, just my findings and apparently the behavior of the school's pronote-admin person plays a big role here too |
I've made some limited progress on reverse engineering the IDs. It's not much, but I hope I'm getting somewhere. All the information I've found is in this gist: https://gist.github.com/bain3/953f377c0b96b83721c84f34d551d5d2 EDIT: So at this point we could try and implement some equality checks. They probably won't be perfect, but could be ok. We would need to store a reference object that is the same for all objects throughout all sessions. With some XOR magic we should be able to tell if they have the same id... |
Ok, after some tests it looks very promising! A month of lessons does not have any collisions, neither do all grades from a period, or the periods themselves. Now its just a matter of finding a reference object to get something with the same key. |
I am not sure about your test data and possibly it is good but... just to give you an idea (after my entry above)... |
Of course I am happy to commence testing but the school year has come to an end |
A little update: I don't remember exactly what the problem was :D but it didn't work in practice. I tried to implement a comparable object class, so all the other data classes could inherit from it. I think the equations that I came up with in the gist don't work accross object types. All in all, the solution wasn't good enough. |
My (!) problem is predominantly with lessons. I collect data in a table and require to identify unique records, i.e. which lesson was imported yesterday and how does it compare to the same lesson imported just now. |
Version 2023 completely changed the ID system. They now look something like this: |
Replace one not-good solution with another .... looks different, but isn't. My problem remains with not being able to detect which record has the 'real' value irrespectively of the ID. As in my son's school they could (!) first add the new situation, then remove the old lesson, resulting in 3 sometimes 4 records for the same slot.... or they first remobe it and then add the new one, then correct it. ...no clue what is the 'truth'. I continue to suspect this is a way to hide absentism |
Seems like the number before the Like on Those are some examples I extracted from my DevTools in the demo instance, would be interesting to know if it's the same for everyone I guess. Even though I have no idea what the characters after the |
Yes. In fact the types were there even before V2023. We just didn't notice them (well I did notice that part didn't change, but I didn't think it was a type).
I've spent most of today trying to reverse engineer the new IDs. I've looked into the server DB and it seems that they just use sequential IDs internally. I'm starting to think the new ID is somehow encrypted. Suspiciously, it is 32 bytes long, which is 2*AES block size. That would mean the paintext is longer that 16 bytes though... which is improbable (or these are two separate encrypted messages, or one part is an IV, we can never know...). I've also tried scanning the server process' memory for an ID string and the byte sequence it represents with no results. |
PRONOTE only returns its temporary object id. Since its id is temporary we cannot compare objects from different sessions. It would be great to add comparisons with this too.
The text was updated successfully, but these errors were encountered: