網易雲音樂二維碼掃碼登入過程解析
阿新 • • 發佈:2021-12-15
說明:本文不講解網易雲介面加密引數params
及encSecKey
的生成過程,下面的連結有講解分析:
網易雲的處理上,大概有下面幾個過程。
一、請求二維碼的uni key
curl 'https://music.163.com/weapi/login/qrcode/unikey?csrf_token=' -X POST -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Gecko/20100101 Firefox/95.0' -H 'Accept: */*' -H 'Accept-Language: zh-CN,en-US;q=0.7,en;q=0.3' -H 'Accept-Encoding: gzip, deflate, br' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Origin: https://music.163.com' -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Referer: https://music.163.com/' -H 'Sec-Fetch-Dest: empty' -H 'Sec-Fetch-Mode: cors' -H 'Sec-Fetch-Site: same-origin' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' -H 'TE: trailers' --data-raw 'params=T23YDKo3vZeDF08+9qzHkHSiTJBoh4EMEXEXsgKznUc=&encSecKey=a86543e1747eee2ed23eda4c72109d69d71d10ea2e34298fb5da654697fdd411673e6783eba86bc2f3e9c11b24d9d50b0cc6347056049f79b230302b440fe10c76e082a475a83530f56fe90514dbdd169f572d75d65a73b0fb8a6233f6e484c066b359640529112299876a666576fd2d12b0d938cbc39c74f70d8578de3c608c'
引數params
需要經過urlEncode,否則提交請求後無法得到相應。即:
String params = java.net.URLEncoder.encode(originParams,"utf-8")
--data-raw 'params=T23YDKo3vZeDF08+9qzHkHSiTJBoh4EMEXEXsgKznUc=&encSecKey=a86543e1747eee2ed23eda4c72109d69d71d10ea2e34298fb5da654697fdd411673e6783eba86bc2f3e9c11b24d9d50b0cc6347056049f79b230302b440fe10c76e082a475a83530f56fe90514dbdd169f572d75d65a73b0fb8a6233f6e484c066b359640529112299876a666576fd2d12b0d938cbc39c74f70d8578de3c608c'
正常響應結果:
RESP: HTTP/2 200 OK server: nginx date: Tue, 14 Dec 2021 12:33:43 GMT content-type: application/json;charset=UTF-8 content-length: 86 mconfig-bucket: 999999 x-traceid: 0000017db8ef3348120f0aaba5091b19 set-cookie: NMTID=00OvVGYx2nayOb900GKiprHmv6QWogAAAF9uO8zTQ; Max-Age=315360000; Expires=Fri, 12 Dec 2031 12:33:43 GMT; Path=/; Domain=music.163.com cache-control: no-cache, no-store expires: Thu, 01 Jan 1970 00:00:00 GMT gw-thread: 861939 gw-time: 1639485223753 content-encoding: gzip x-via: MusicServer x-from-src: 114.249.199.224 X-Firefox-Spdy: h2 {"code":200,"unikey":"aca65293-5459-40ed-899d-7c597a613d52"}
二、拼接文字,然後生成二維碼
將上面得到的unikey
做字串拼接,得到http://music.163.com/login?codekey=aca65293-5459-40ed-899d-7c597a613d52
可以用線上工具直接生成二維碼,戳:https://cli.im/text
或者,做開發用可以引入qrcodejs
庫檔案生成二維碼。
使用qrcodejs
庫將該url作為文字生成二維碼。
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<script src="https://cdn.jsdelivr.net/gh/davidshimjs/qrcodejs@master/qrcode.min.js" type="text/javascript"></script>
<div id="qrcode"></div>
<script type="text/javascript">
var qrcode = new QRCode(document.getElementById("qrcode"), {
text: "http://music.163.com/login?codekey=ac3aebd0-65c1-4cae-8a6f-869dc91c4ca8",
width: 128,
height: 128,
colorDark : "#000000",
colorLight : "#ffffff",
correctLevel : QRCode.CorrectLevel.H
});
</script>
</body>
</html>
三、掃描二維碼,在程式中定時傳送請求監聽介面響應。
curl 'https://music.163.com/weapi/login/qrcode/client/login?csrf_token=' -X POST -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Gecko/20100101 Firefox/95.0' -H 'Accept: */*' -H 'Accept-Language: zh-CN,en-US;q=0.7,en;q=0.3' -H 'Accept-Encoding: gzip, deflate, br' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Origin: https://music.163.com' -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Referer: https://music.163.com/' -H 'Cookie: JSESSIONID-WYYY=nTMmRIoCA2Jc2di7BekaMqJURs5QDBjR%2BqB3oylo5RVfhFZj%2ByCIgCDCYcXCUK5P%2BqdA0sCC2P6Jlu1nd2sVsiTI6yUoiUzOln4tccCsvEO%2Fyu64wpEg8lMpFG36Df0t3F4QidNji61Hf%5Cb4ytKU4rVP7abY7aNjVGijbhY0FZ1pV%5Cn%2F%3A1639486553309; _iuqxldmzr_=32; _ntes_nnid=45012cca304d2b0405504aa0e3d59608,1637477815806; _ntes_nuid=45012cca304d2b0405504aa0e3d59608; NMTID=00OaZEG2hgdKpIzSEKUjsOrj_uxGbsAAAF9QUicBQ; WEVNSM=1.0.0; WNMCID=jckbry.1637477818458.01.0; WM_NI=1sNokZHm%2BXycMu%2BBQGyrfN22O%2FcEas%2FSx026e6Yyqoj%2BWShZgukne1u6%2Bd5FhlQhbBNvz%2B%2Bhuo9Swigq%2FEc%2FjzTj3mtBqoGF4ZrhMM9RD8%2FsR7JpO9O4xS7lvRO6bRzuZlE%3D; WM_NIKE=9ca17ae2e6ffcda170e2e6eed7bb5e8cbb9a82c133f1e78fb6c84f928a8eaef565b1af8a93cc4b859100daf12af0fea7c3b92af3ad8290ea528cb3e5b9fc698fabe5a3d44dbbaeaaafb13a8df1ada6e479ed8db8d1b13ea7ea979af465aaf599b4eb52a5aba58fe83bb7eae585b84eacb49f89e14a8eaab6ccaa64b7b1f7b4f663a5afe1a6e225aaa69c8bb267b89ebf90c64ef886be89d047fb8e8cd9ae7992e98691ce338decb8b4b668b68e81d7e15abaab968dc837e2a3; WM_TID=%2BOLLkHyHl35FRVQRUQJu5nEGMdTeTGDa; hb_MA-BE1B-B326EA1BA2C0_source=ym.163.com; ntes_kaola_ad=1' -H 'Sec-Fetch-Dest: empty' -H 'Sec-Fetch-Mode: cors' -H 'Sec-Fetch-Site: same-origin' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' -H 'TE: trailers' --data-raw 'params=T23YDKo3vZeDF08+9qzHkHSiTJBoh4EMEXEXsgKznUc=&encSecKey=a86543e1747eee2ed23eda4c72109d69d71d10ea2e34298fb5da654697fdd411673e6783eba86bc2f3e9c11b24d9d50b0cc6347056049f79b230302b440fe10c76e082a475a83530f56fe90514dbdd169f572d75d65a73b0fb8a6233f6e484c066b359640529112299876a666576fd2d12b0d938cbc39c74f70d8578de3c608c'```
介面響應有三種情況:
- 等待掃碼。
{"code":801,"message":"等待掃碼"}
- 進行中,返回掃碼使用者資訊。
{"nickname":"xxx","avatarUrl":"https://p2.music.126.net/xxxxx==/xxxxxxxx.jpg","code":802,"message":"授權中"}
- 完成登入。
{"code":803,"message":"授權登陸成功"}
BTW: 自己寫的一個小程式(Just for fun):https://github.com/imbennie/netease-music-tools