Update #2: This application now has an official software product page with all the links for download, usage and source code.
If you just want to download the program and run it, scroll down the Download section below. Thanks!
A few weeks ago we wrote about Mayank Lahiri’s working FourSquare checkin hack that allowed you to check in from anywhere provided you had the Venue ID and GPS coordinates for the place you were trying to check into. Mayank’s hack was his own brain child (and he deserves all the credit for the idea and working implementation) that came to him while toying with the FourSquare API and realizing how flaky the security on the API was.
Mayank’s original implementation was done with 9 lines of Perl, but since then a few other people have submitted Ruby and revised Perl implementations to him.
For what it’s worth, I implemented this solely out of curiosity and just wanted to hack together something quick and somewhat polished. I don’t hate FourSquare or think gaming checkins for free perks at your favorite resturaunt is alright. Just wanted to clear that up.
What About a Nice GUI?
When I first read that story, I immediately did what any good hacker would do… sat down and tried to re-implement it in my programming language of choice (Java) and wrap a GUI around the whole thing. Unfortunately I couldn’t seem to get my requests to auth against the FourSquare API and kept getting back HTTP 401 error codes. I put the project down for a few weeks and only today after Mayank shared some clarifying implementation details with us did I decide to dig back in and figure out what was going on.
First thing I did was install Wireshark so I could watch the actual packet contents of my outgoing POST to the FourSquare API:
You can’t see it here (the censored part) but once I expanded the Authorization block to view the Credentials values, the password that is Base 64 encoded in that string was totally wrong; this gets chalked up to me doing something dumb with JPasswordField.getPassword().toString() and not remembering exactly what I was actually to-stringing.
After fixing that snaffu and tightening up some other code, everything started working and I checked into the Cracker Barrel down the street a few times for good measure:
After I had that working I decided to do up a quick UI in NetBeans to make everything a bit nicer to use. I actually mocked the UI up twice… once in IntelliJ which was a painfully abysmal process and then a second time in NetBeans. This is what I came up with:
It would be trivial to take this and make a webapp out of it, I may do that and add it to our AJAX Tools Suite at some point. If *you* want to do it, the source code is available at the bottom of this post, but it is GPL’ed so please repsect that.
In the mean time, here is an OK-looking desktop app for your use in becoming mayors of everything
You can read more details about how to find the Venue ID, Latitude and Longitude of the places you want to check in to from our previous post where we analyzed Mayank’s implementation. I also put tooltips on the “?” icons so if you hover over those it will tell you.
For Quick Reference:
- Venue ID: You can find this by opening the page on FourSquare.com for the venue you want to check into, then looking at the URL in your browser (e.g. http://foursquare.com/venue/120178). That last integer after the “venue/” part is the Venue ID. Just copy and paste it.
- Latitude & Longitude: Get the exact address off of FourSquare.com for your venue and paste it into Google Maps. When the venue is centered, copy the link address for the Link link (linkity link link!) on the far right top of the Google Map (see screenshot above) and paste it anywhere you can look at it; for example into Notepad. Now, look for the sll argument (highlighted above in red) that value is the latitude and longitude separated by a comma; copy and paste those values into the program.
Download the Program
Download the program here.
After you have downloaded it, unzip it and double-click run.bat to run it or if you are on Mac or Unix, you can do chmod +x run.sh and then run run.sh to start the program. The actual command both of these scripts is running is just a simple:
java -jar foursquare-checkin-hack.jar
NOTE: You do need Java installed on your computer for this to work. You can install Java fairly painlessly by going to Java.com and walking through the install process.
The app was written using Java 6 (1.6.0_21) on Windows, so you will need some runtime of Java 6 on your computer to run it.
Get the Source Code
The FourSquare Checkin Hack is written in Java (6) and should work on Windows, Mac and Linux. You can grab a zip of the entire project (including the Source Code) here. The license for this code is GPL.
Update #1: Source code now available from GitHub!
The only dependency is the Apache Commons Codec Library for the call to the Base64 class to do the encoding. If you grab the runtime download or the project, it’s included already.
If you are just curious about the meaty parts of the code that do the POST, here is a code snippet for you. All the rest of the code is just UI, form validation and other ancillary business. This is the meat and potatoes:
public static final String HOSTNAME = "api.foursquare.com"; public static final String API_URL = "http://" + HOSTNAME + ":80/v1/checkin"; public static final String USER_AGENT = "Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile/1C10 Safari/419.3"; public static final String CONTENT_TYPE = "application/x-www-form-urlencoded"; ... SNIP ... String encodedAuth = Base64.encodeBase64URLSafeString((email + ':' + password).getBytes()); // Muddle up the GPS coords to make them seem more natural double lat = lat + (Math.random() * 0.0003); double lng = lng + (Math.random() * 0.0003); // Create the query string to be posted to the API String args = "vid=" + venueIDTextField.getText() + "&private=0&geolat=" + lat + "&geolong=" + lng; // Create the connection to the API URLConnection connection = new URL(Main.API_URL).openConnection(); // Make sure we POST connection.setDoInput(true); connection.setDoOutput(true); connection.setUseCaches(false); // Setup the POST arguments connection.setRequestProperty("Host", Main.HOSTNAME); connection.setRequestProperty("User-Agent", Main.USER_AGENT); connection.setRequestProperty("Content-Type", Main.CONTENT_TYPE); connection.setRequestProperty("Authorization", "Basic " + encodedAuth); connection.setRequestProperty("Content-Length", Integer.toString(args.length() + 2)); // Write out our query string arguments with our POST DataOutputStream output = new DataOutputStream(connection.getOutputStream()); output.writeBytes(args); output.flush(); output.close();
If you do download the project, all this stuff is pretty heavily commented for you so you can get through it.