【开源】关于兜兜风f大佬某东扫码登录分析
本帖最后由 ly765893958 于 2021-2-7 18:43 编辑按照@Peanut_GGG 大佬分析的思路,弄出了成品,供大家学习和研究!!!
在此特别感谢原作者@兜兜风f,也特别感谢@Peanut_GGG 大佬贡献自己的分析思路。
源码+成品下载地址:下载地址
原帖:https://www.52pojie.cn/forum.php?mod=viewthread&tid=1362891&highlight=%B6%B5%B6%B5%B7%E7 zyxm2013 发表于 2021-2-8 20:28
我现在的情况是
没扫码前,提示
{"check_ip":0,"errcode":176,"message":"授权登录未确认"}
我今天也遇到这个情况了,最后的解决办法是更换心跳包的UA为Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.87 Safari/537.36就正常了{:301_971:} 本帖最后由 Pleasant 于 2021-2-10 11:21 编辑
分享一个我的实现方式。
1. 获取二维码链接
// 获取s_token
SessionClient.DefaultRequestHeaders.Add("Accept", "application/json, text/plain, */*");
SessionClient.DefaultRequestHeaders.Add("ContentType", "application/x-www-form-urlencoded");
SessionClient.DefaultRequestHeaders.Referrer = new Uri("https://plogin.m.jd.com/login/login?appid=300&returnurl=https%3A%2F%2Fwq.jd.com%2Fpassport%2FLoginRedirect%3Fstate%3D1101078047599%26returnurl%3Dhttps%253A%252F%252Fhome.m.jd.com%252FmyJd%252Fnewhome.action%253Fsceneval%253D2%2526ufc%253D%2526%252FmyJd%252Fhome.action&source=wq_passport");
var response = await SessionClient.GetAsync(@"https://plogin.m.jd.com/cgi-bin/mm/new_login_entrance?lang=chs&appid=300&returnurl=https:%2F%2Fwq.jd.com%2Fpassport%2FLoginRedirect%3Fstate%3D1101078047599%26returnurl%3Dhttps%253A%252F%252Fhome.m.jd.com%252FmyJd%252Fnewhome.action%253Fsceneval%253D2%2526ufc%253D%2526%252FmyJd%252Fhome.action&source=wq_passport");
if (response.StatusCode != HttpStatusCode.OK)
{
Lbl_QRStatus.Text = "二维码加载失败,请重试或采用Cookie登录";
return;
}
var responseText = await response.Content.ReadAsStringAsync();
var responseJo = (JObject)JsonConvert.DeserializeObject(responseText);
SToken = responseJo["s_token"].ToString();
// 获取token和okl_token
string tokenAPI = string.Format("https://plogin.m.jd.com/cgi-bin/m/tmauthreflogurl?s_token={0}&v={1}&remember=true", SToken, Utils.GetTimeStampLong());
var nvc = new List<KeyValuePair<string, string>>
{
new KeyValuePair<string, string>("lang", "chs"),
new KeyValuePair<string, string>("appid", "300"),
new KeyValuePair<string, string>("returnurl", "https%3A%2F%2Fwqlogin2.jd.com%2Fpassport%2FLoginRedirect%3Fstate%3D1100399130787%26returnurl%3D%252F%252Fhome.m.jd.com%252FmyJd%252Fnewhome.action%253Fsceneval%253D2%2526ufc%253D%2526%252FmyJd%252Fhome.action"),
new KeyValuePair<string, string>("source", "wq_passport")
};
var message = new HttpRequestMessage(HttpMethod.Post, tokenAPI) { Content = new FormUrlEncodedContent(nvc) };
response = await SessionClient.SendAsync(message);
responseText = await response.Content.ReadAsStringAsync();
responseJo = (JObject)JsonConvert.DeserializeObject(responseText);
if (response.StatusCode != HttpStatusCode.OK || responseJo["errcode"].ToString() != "0")
{
Lbl_QRStatus.Text = "二维码加载失败...";
return;
}
Token = responseJo["token"].ToString();
var collection = CookieContainer.GetCookies(new Uri("https://plogin.m.jd.com"));
foreach (Cookie cookie in collection)
{
if (cookie.Name == "okl_token")
OKLToken = cookie.Value;
}
if (string.IsNullOrWhiteSpace(OKLToken))
{
Lbl_QRStatus.Text = "二维码加载失败...";
return;
}
// 构建二维码URL
string qrUrl = string.Format("https://plogin.m.jd.com/cgi-bin/m/tmauth?client_type=m&appid=300&token={0}", Token);
2. 轮训结果
if (string.IsNullOrWhiteSpace(Token)) return;
if (string.IsNullOrWhiteSpace(OKLToken)) return;
// 对查询API进行轮询
string checkAPI = string.Format("https://plogin.m.jd.com/cgi-bin/m/tmauthchecktoken?&token={0}&ou_state=0&okl_token={1}", Token, OKLToken);
var nvc = new List<KeyValuePair<string, string>>
{
new KeyValuePair<string, string>("lang", "chs"),
new KeyValuePair<string, string>("appid", "300"),
new KeyValuePair<string, string>("returnurl", "https%3A%2F%2Fwqlogin2.jd.com%2Fpassport%2FLoginRedirect%3Fstate%3D1100399130787%26returnurl%3D%252F%252Fhome.m.jd.com%252FmyJd%252Fnewhome.action%253Fsceneval%253D2%2526ufc%253D%2526%252FmyJd%252Fhome.action"),
new KeyValuePair<string, string>("source", "wq_passport")
};
var message = new HttpRequestMessage(HttpMethod.Post, checkAPI) { Content = new FormUrlEncodedContent(nvc) };
var response = SessionClient.SendAsync(message).Result;
var responseText = response.Content.ReadAsStringAsync().Result;
var responseJo = (JObject)JsonConvert.DeserializeObject(responseText);
// 如果扫码成功,那么得到的CookieContainer就是所要的,否则更新信息到界面上
if (responseJo["errcode"].ToString() == "0")
{
// 设置一下关键Cookie为永不过期
var cookies = CookieContainer.GetCookies(new Uri("https://api.m.jd.com"));
foreach (Cookie cookie in cookies)
{
cookie.Expires = DateTime.Now.AddMonths(1);
}
TM_FetchStatus.Enabled = false;
this.DialogResult = DialogResult.OK;
return;
}
else
{
Lbl_QRStatus.Text = responseJo["message"].ToString();
} 感谢分享~吾爱有你更精彩! 好像不行啊?错误提示失效了哦 fuli2018 发表于 2021-2-7 19:07
好像不行啊?错误提示失效了哦
我已经投入使用了{:301_1001:} ly765893958 发表于 2021-2-7 19:16
我已经投入使用了
你这个心跳写的逻辑错误!电脑卡的一逼!内存占用率很大!
一直提示重试 错误提示 fuli2018 发表于 2021-2-7 19:22
你这个心跳写的逻辑错误!电脑卡的一逼!内存占用率很大!
一直提示重试 错误提示
放线程里就对了 有淘宝的吗 相当不错过来学习了 ly765893958 发表于 2021-2-7 19:28
放线程里就对了
能否弄个百度短信验证登录的 这个不能直接更新{:301_971:}