前言
很早之前用別的語言寫過一次微博登陸泥技,現(xiàn)在改成java版浆兰,主要是為了驗(yàn)證jsoup的強(qiáng)大,一款完全可勝任http請(qǐng)求和html解析的工具珊豹。抓包簸呈,抽取js的方法這里就不在贅述。
工具
- jsoup-1.11.2(使用最新)
- 打碼賬號(hào)及官方提供的java類(市面上很多店茶,這里用若快)
開始
- 首先是分析登錄過程蜕便,常登陸的沒有驗(yàn)證碼,新的會(huì)有驗(yàn)證碼贩幻,保險(xiǎn)起見這里都采用有驗(yàn)證碼的方式登錄轿腺。
- Base64編碼用戶名后,get請(qǐng)求獲取servertime丛楚,nonce族壳,pubkey,pcid趣些,及返回的cookie
//Base64編碼用戶名 su = new BASE64Encoder().encode(usename.getBytes()); String url = "http://login.sina.com.cn/sso/prelogin.php?entry=weibo&callback=sinaSSOController.preloginCallBack&su=" + su + "&rsakt=mod&checkpin=1&client=ssologin.js(v1.4.18)&_=" + getTimestamp(); Connection.Response execute = Jsoup.connect(url).ignoreContentType(true).execute(); //獲取返回?cái)?shù)據(jù) String body = execute.body(); //獲取返回cookie Map<String, String> photocookie = execute.cookies(); JSONObject jsonObject = JSONObject.parseObject(StringUtils.substringBetween(body, "(", ")")); servertime = jsonObject.getString("servertime"); nonce = jsonObject.getString("nonce"); pubkey = jsonObject.getString("pubkey"); pcid = jsonObject.getString("pcid");
- 帶著返回的cookie及pcid仿荆,get請(qǐng)求獲取驗(yàn)證碼
url = "http://login.sina.com.cn/cgi/pin.php?r=54474015&s=0&p=" + pcid; byte[] bytes = Jsoup.connect(url).ignoreContentType(true).cookies(photocookie).execute().bodyAsBytes();
- 調(diào)用打碼平臺(tái)的類實(shí)現(xiàn)打碼,返回結(jié)果
public static String createByPost(String username, String password, String typeid, String timeout, String softid, String softkey,byte[] byteArr) { String result = ""; String param = String .format( "username=%s&password=%s&typeid=%s&timeout=%s&softid=%s&softkey=%s", username, password, typeid, timeout, softid, softkey); try { result = RuoKuai.httpPostImage("http://api.ruokuai.com/create.xml", param, byteArr); // jsoup去解析xml (略坑坏平,加了好多參數(shù)進(jìn)去) result = Jsoup.parse(result).select("body > root > result").text(); } catch(Exception e) { result = "未知問題"; } return result; }
- 調(diào)用js拢操,對(duì)密碼動(dòng)態(tài)加密,返回參數(shù)sp
private boolean encodePwd() { ScriptEngineManager sem = new ScriptEngineManager(); ScriptEngine se = sem.getEngineByName("javascript"); try { // FileReader fr = new FileReader(""); se.eval(LOGIN_JS); Invocable invocableEngine = (Invocable) se; sp = (String) invocableEngine.invokeFunction("getPW", password, servertime, nonce, pubkey); return true; } catch (ScriptException e) { } catch (NoSuchMethodException e) { } return false; }
- 帶著參數(shù)pcid舶替,code令境,sp,su顾瞪,servertime展父,nonce,sp及cookie玲昧,post請(qǐng)求返回cookies及下一個(gè)url栖茉,此時(shí)可從返回的body中判斷登錄成功與否
//retcode=101 賬號(hào)密碼錯(cuò)誤 //retcode=80 請(qǐng)輸入正確的密碼 //retcode=4049 輸入驗(yàn)證碼 //retcode=2070 驗(yàn)證碼錯(cuò)誤 url = "http://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.18)"; String post = "entry=weibo&gateway=1&from=&savestate=7&useticket=1&pagerefer=http%3A%2F%2Fpassport.weibo" + ".com%2Fvisitor%2Fvisitor%3Fentry%3Dminiblog%26a%3Denter%26url%3Dhttp%253A%252F%252Fweibo.com%252F%26domain%3D.weibo" + ".com%26ua%3Dphp-sso_sdk_client-0.6.14%26_rand%3D1441434306.495&pcid=" + pcid + "&door=" + code + "&vsnf=1&su=" + su + "&service=miniblog&servertime=" + servertime + "&nonce=" + nonce + "&pwencode=rsa2&rsakv=1330428213&sp=" + sp + "&sr=1366*768&encoding=UTF-8&url=http%3A%2F%2Fweibo.com%2Fajaxlogin.php%3Fframelogin%3D1%26callback%3Dparent.sinaSSOController.feedBackUrlCallBack&returntype=META"; Connection.Response execute1 = Jsoup.connect(url).method(Connection.Method.POST).requestBody(post).cookies(photocookie).ignoreContentType(true).execute().charset("GBK"); String body1 = execute1.body(); Map<String, String> cookies = execute1.cookies(); System.out.println(body1); System.out.println(body1.indexOf("正在登錄") != -1 ? "登錄成功" : "登錄失敗"); url = StringUtils.substringBetween(body1, "location.replace('", "'");
- 帶著上次返回的cookie,get請(qǐng)求(禁止重定向)獲取最終的cookie
Connection.Response execute2 = Jsoup.connect(url).cookies(cookies).followRedirects(false).ignoreContentType(true).execute(); Map<String, String> cookies1 = execute2.cookies(); //從返回協(xié)議頭中獲取location孵延,重定向地址吕漂,一般是固定 Map<String, String> headers = execute2.headers();
結(jié)束
獲取到cookie,基本之后的操作都可以尘应,那就簡單的發(fā)條微博惶凝,發(fā)微博其實(shí)只帶post數(shù)據(jù)和cookie就能提交吼虎,協(xié)議頭完全可以不帶,偏偏jsoup默認(rèn)帶個(gè)UA苍鲜,結(jié)果要多帶個(gè)refrere頭才可以思灰。
- 通過步驟7,獲取的重定向地址混滔,get請(qǐng)求獲取refrere參數(shù)uniqueid
url = "http://weibo.com/ajaxlogin.php?framelogin=1&callback=parent.sinaSSOController.feedBackUrlCallBack&sudaref=login.sina.com.cn"; String body2 = Jsoup.connect(url).cookies(cookies1).ignoreContentType(true).execute().body(); String uid = StringUtils.substringBetween(body2, "uniqueid\":\"", "\",\"userid"); String referer = "https://weibo.com/u/" + uid + "/home";
- 帶著cookie洒疚,及協(xié)議頭referer,post請(qǐng)求坯屿,發(fā)一條微博吧
url = "https://weibo.com/aj/mblog/add?ajwvr=6&__rnd=" + getTimestamp(); post = "location=v6_content_home&appkey=&style_type=1&pic_id=&text=" + text + "&pdetail=&rank=0&rankid=&module=stissue&pub_source=main_&pub_type=dialog&_t=0"; Connection.Response execute3 = Jsoup.connect(url).method(Connection.Method.POST).requestBody(post).cookies(cookies1).referrer(referer).ignoreContentType(true).execute().charset("GBK"); System.out.println(execute3.body());