JAVA:网易微博模拟登陆
网易微博登陆验证,第一次请求使用BASE64加密、第二次请求使用MD5+RSA加密,比较变态,于是使用JAVA+JS相结合的方式,调用其JS方法得到加密字符串。
/core1.7.0.js 是经过处理的,删掉几行在JAVA引用中会报错的浏览器对象。
import org.apache.http.HttpResponse; import org.apache.http.client.CookieStore; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.velocity.util.StringUtils; import org.nutz.lang.Files; import org.nutz.lang.util.ClassTools; import org.nutz.repo.Base64; import javax.script.Invocable; import javax.script.ScriptEngine; import javax.script.ScriptEngineManager; import java.io.BufferedReader; import java.io.InputStream; import java.io.InputStreamReader; /** * Created by Wizzer on 14-7-7. */ public class Netease { static String index_url = "http://t.163.com/session"; static String login1_url = "http://reg.163.com/services/httpLoginExchgKeyNew"; static String login2_url = "http://reg.163.com/httpLoginVerifyNew.jsp"; static String status_url = "http://t.163.com/share/check/status"; UrlUtil urlUtil = new UrlUtil(); public static void main(String[] args) { CookieStore cookieStore = new Netease().login("email", "password"); } public CookieStore login(String userid, String password) { try { DefaultHttpClient client = new DefaultHttpClient(); HttpGet get = new HttpGet(login1_url + "?rnd=" + Base64.encodeToString(userid.getBytes(), true) + "&jsonp=setLoginStatus"); get.setHeader("Accept", "*/*"); get.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36"); HttpResponse response = client.execute(get); int code = response.getStatusLine().getStatusCode(); if (code == 200) { InputStream in = response.getEntity().getContent(); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); String line = "", res = ""; while (null != (line = reader.readLine())) { res += line; } System.out.println("res:::" + res); if (res.contains("200")) { String[] str = StringUtils.split(urlUtil.getStr(res, "setLoginStatus(\"", "\")"), "\\n"); String o = str[1], h = str[2]; ScriptEngineManager sem = new ScriptEngineManager(); ScriptEngine se = sem.getEngineByName("javascript"); se.eval(getJs()); String jiami = ""; if (se instanceof Invocable) { Invocable invoke = (Invocable) se; jiami = invoke.invokeFunction("getCode", password, o, h).toString(); System.out.println("jiami = " + jiami); } DefaultHttpClient client2 = new DefaultHttpClient(); client2.setCookieStore(client.getCookieStore()); HttpGet get2 = new HttpGet(login2_url + "?rcode=" + jiami + "&product=t&jsonp=setLoginStatus&savelogin=0&username=" + userid); get2.setHeader("Accept", "*/*"); get2.setHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36"); HttpResponse response2 = client2.execute(get2); int code2 = response2.getStatusLine().getStatusCode(); if (code2 == 200) { InputStream in2 = response2.getEntity().getContent(); BufferedReader reader2 = new BufferedReader(new InputStreamReader(in2)); String line2 = "", res2 = ""; while (null != (line2 = reader2.readLine())) { res2 += line2; } System.out.println("res2:::" + res2); if (res.contains("200")) { return client2.getCookieStore(); } } } } return null; } catch (Exception e) { e.printStackTrace(); return null; } } private String getJs() { String jscontent = Files.read(ClassTools.getClassLoader().getResource("").getPath() + "netease" + "/core1.7.0.js"); jscontent += "function getCode(p,o,h){\n" + "\t\t\t\tvar l=new RSAKey();\n" + "\t\t\t\tl.setPublic(h,o);\n" + "\t\t\t\treturn l.encrypt(getMd5(p));\t\t\t\t\n" + " }"; return jscontent; } }