Solving WAF Challenges¶

Amazon may present an AWS WAF JavaScript challenge during login. amazon-orders ships built-in support for solving these via third-party solver services as opt-in extras. Once one is configured, amazon-orders login clears the challenge automatically.

Note

For the legacy OCR-based image Captcha, see the [captcha] extra in Troubleshooting. WAF challenges and image Captchas are distinct mechanisms — this page covers the JavaScript-based WAF flow only.

The supported providers are:

Each provider follows the same setup: add its extra, set its API key as an environment variable, and register the form in your config.

CapSolver¶

Add the [capsolver] extra:

pip install amazon-orders[capsolver]

Set your API key as an environment variable (or via AmazonOrdersConfig):

export CAPSOLVER_API_KEY=your-capsolver-key

Register the form in your ~/.config/amazonorders/config.yml:

auth_forms_classes:
  - amazonorders.contrib.waf.capsolver.CapSolverWafForm

Now amazon-orders login will clear any AWS WAF challenge it encounters during authentication.

Anti-Captcha¶

Add the [anticaptcha] extra:

pip install amazon-orders[anticaptcha]

Set your API key as an environment variable (or via AmazonOrdersConfig):

export ANTICAPTCHA_API_KEY=your-anticaptcha-key

Register the form in your ~/.config/amazonorders/config.yml:

auth_forms_classes:
  - amazonorders.contrib.waf.anticaptcha.AntiCaptchaWafForm

2Captcha¶

Add the [2captcha] extra:

pip install amazon-orders[2captcha]

Set your API key as an environment variable (or via AmazonOrdersConfig):

export TWOCAPTCHA_API_KEY=your-2captcha-key

Register the form in your ~/.config/amazonorders/config.yml:

auth_forms_classes:
  - amazonorders.contrib.waf.twocaptcha.TwoCaptchaWafForm

Writing Your Own¶

The auth_forms_classes config option accepts any AuthForm subclass, so you can integrate any provider you like. Subclass AwsWafForm and implement _solve_token(url, goku, challenge_script) -> str to call the service of your choice and return the resulting aws-waf-token cookie value:

from amazonorders.contrib.waf.base import AwsWafForm


class MyCustomWafForm(AwsWafForm):
    API_KEY_ENV_VAR = "MY_PROVIDER_API_KEY"

    def _solve_token(self, url, goku, challenge_script):
        ...

Once registered in auth_forms_classes, your form participates in the same auth chain as the built-in providers.

If a supported extra isn’t working for you, please open an issue or a pull request.

Solving WAF Challenges¶

CapSolver¶

Anti-Captcha¶

2Captcha¶

Writing Your Own¶

Getting Around

Table of Contents

Useful Links