用Java编写vk.com dirty auth

时间:2016-01-30 18:14:39

标签: java cookies https okhttp

我的目标是检索" p "响应中的cookie。

vk.com拥有自己的API,但我想通过POST请求进行授权,就像浏览器一样。

我尝试了3个客户: httpsUrlConnecton Jsoup okHttp

所有人的结果都相同。 "的 P "饼干丢失了。

我通过将请求发送到我自己的请求记录器来调试请求。我的请求就像浏览器一样发送。我做错了什么?

p.s:抱歉我的英文不好

示例:

    package com.bane.vkapi;

    import com.squareup.okhttp.*;
    import org.jsoup.Connection;
    import org.jsoup.Jsoup;
    import org.jsoup.nodes.Document;
    import org.jsoup.nodes.Element;
    import sun.reflect.generics.reflectiveObjects.NotImplementedException;

    import javax.net.ssl.HttpsURLConnection;
    import java.io.DataOutputStream;
    import java.io.IOException;
    import java.net.*;
    import java.util.Collections;
    import java.util.List;
    import java.util.Map;
    import java.util.Optional;
    import java.util.stream.Collectors;

    public class TryAuthorize {

        private final String MODE = "jsoup"; // todo: httpsurlconn / jsoup / okhttp

        private final String defaultURL = "https://m.vk.com";

private final String EMAIL_AUTH_KEY = "email";
private final String PASS_AUTH_KEY = "pass";
private final String SUCCESS_COOKIE_KEY = "p";
private final Integer DEFAULT_TIMEOUT = 3000;
private final String DEFAULT_USERAGENT =
        "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0";

private Optional<String> userAgent;
private Optional<Integer> timeout;

public TryAuthorize() {
    this.userAgent = Optional.empty();
    this.timeout = Optional.empty();
}

public TryAuthorize(String userAgent, int timeout) {
    this.userAgent = Optional.ofNullable(userAgent);
    this.timeout = Optional.ofNullable(timeout);
}

public static void main(String[] args) throws IOException {
    TryAuthorize app = new TryAuthorize();
    Map<String, String> resultCookies = app.authenticate("example@gmail.com", "passExample123");
}

public Map<String, String> authenticate(String email, String pass) throws IOException {
    // get authorization url
    Document doc = Jsoup.connect(defaultURL)
            .userAgent(userAgent.orElse(DEFAULT_USERAGENT))
            .timeout(timeout.orElse(DEFAULT_TIMEOUT))
            .execute()
            .parse();
    Element formElement = doc.getElementsByTag("form").first();
    String authUrl = formElement.attr("action");

    // todo dbg - send on localhost for log request
    //        authUrl = authUrl.replace("https://login.vk.com", "http://localhost:9999");
    // todo dbg

    switch (MODE) {
        case "httpsurlconn":
            return tryHttpsUrlConnection(authUrl, email, pass);
        case "jsoup" :
            return tryJsoupConnection(authUrl, email, pass);
        case "okhttp" :
            return tryOkHttpClient(authUrl, email, pass);
        default:
            throw new RuntimeException("unknown mode");
    }
}

private Map<String, String> tryHttpsUrlConnection(String authUrl, String email, String pass) throws IOException {
    URL url = new URL(null, authUrl, new sun.net.www.protocol.https.Handler());
    HttpsURLConnection httpsConnection = (HttpsURLConnection) url.openConnection();
    CookieManager cookieManager = new CookieManager();
    cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
    CookieHandler.setDefault(cookieManager);
    httpsConnection.setUseCaches(false);
    httpsConnection.setRequestMethod("POST");
    httpsConnection.setRequestProperty("accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
    httpsConnection.setRequestProperty("accept-language", "ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3");
    httpsConnection.setRequestProperty("accept-encoding", "gzip, deflate");
    httpsConnection.setRequestProperty("connection", "keep-alive");
    httpsConnection.setRequestProperty("content-type", "application/x-www-form-urlencoded");
    httpsConnection.setDoOutput(true);
    httpsConnection.setDoInput(true);
    DataOutputStream wr = new DataOutputStream(httpsConnection.getOutputStream());
    String postBody = EMAIL_AUTH_KEY + "=" + email + "&" + PASS_AUTH_KEY + "=" + pass;
    postBody = postBody.replaceAll("@", "%40");
    wr.writeBytes(postBody);
    wr.flush();
    wr.close();

    List<String> cookies = httpsConnection.getHeaderFields().get("Set-Cookie");
    System.out.println(cookies);
    throw new NotImplementedException(); // todo: undone, too lazy =(
}

private Map<String, String> tryJsoupConnection(String authUrl, String email, String pass) throws IOException {
    Map<String, String> cookies = Jsoup.connect(authUrl)
            .userAgent(userAgent.orElse(DEFAULT_USERAGENT))
            .timeout(timeout.orElse(DEFAULT_TIMEOUT))
            .header("accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
            .header("accept-language", "ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3")
            .header("accept-encoding", "gzip, deflate")
            .header("connection", "keep-alive")
            .header("content-type", "application/x-www-form-urlencoded")
            .data(EMAIL_AUTH_KEY, email)
            .data(PASS_AUTH_KEY, pass)
            .method(Connection.Method.POST)
            .execute()
            .cookies();
    return checkSuccessAuthorize(cookies);
}

private Map<String, String> tryOkHttpClient(String authUrl, String email, String pass) throws IOException {
    String postBody = (EMAIL_AUTH_KEY + "=" + email + "&" + PASS_AUTH_KEY + "=" + pass)
            .replaceAll("@", "%40");
    Request request = new Request.Builder()
            .url(authUrl)
            .header("user-agent", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0")
            .header("accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
            .header("accept-language", "ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3")
            .header("accept-encoding", "gzip, deflate")
            .header("referer", "http://m.vk.com/")
            .header("connection", "keep-alive")
            .header("content-type", "application/x-www-form-urlencoded")
            .post(RequestBody.create(null, postBody))
            .build();
    CookieManager cookieManager = new CookieManager();
    cookieManager.setCookiePolicy(CookiePolicy.ACCEPT_ALL);
    ConnectionSpec connSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
            .tlsVersions(TlsVersion.TLS_1_2)
            .cipherSuites(CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
            .build();
    OkHttpClient okHttpClient = new OkHttpClient();
    okHttpClient.setConnectionSpecs(Collections.singletonList(connSpec));
    okHttpClient.setCookieHandler(cookieManager);
    okHttpClient.setFollowRedirects(true);
    okHttpClient.newCall(request)
            .execute();
    Map<String, String> cookies = retrieveCookies(cookieManager);
    return checkSuccessAuthorize(cookies);
}

private Map<String, String> checkSuccessAuthorize(Map<String, String> cookies) {
    return Optional.ofNullable(cookies)
            .filter(c -> c.containsKey(SUCCESS_COOKIE_KEY))
            .orElseThrow(() -> new IllegalArgumentException("Bad login or password"));
}

private Map<String, String> retrieveCookies(CookieManager cookieManager) {
    return cookieManager.getCookieStore()
            .getCookies()
            .stream()
            .collect(Collectors.toMap(HttpCookie::getName, HttpCookie::getValue));
}

}

1 个答案:

答案 0 :(得分:0)

最后,我解决了! 我忘了从第一个查询中获取cookie,并将其发布到授权查询=)

调试器API无法看到cookie,因为站点cookie和调试器域不同

相关问题
最新问题