<!-- -->
<!-- -->
管理提醒: <!-- -->
本帖被 gaolei2016 执行取消精华操作(2009-12-18) <!-- -->
做TOP开发的人肯定会碰到需要SessionKey才能访问数据的情况,手工去取太麻烦了,回调又需要部署到服务器上,杯具啊!为了解决这些麻烦,我特意写了一个通过程序获取SessionKey的方法,代码如下:
说明:本程序只是方便ISV调试使用,集成二次登录是无法通过审核的,用户不会在你的网站里面输入淘宝的用户名和密码的,就好比你不会在一个山寨网站输入你的银行卡号和密码一样。
经测试,上面的程序可以获取任何类型的应用(Web,客户端)的SessionKey,ISV们有福了。
上面的程序依赖于HtmlUnit这个工具的所有Jar包,需要的请到 HtmlUnit的官方网站下载。
说明:本程序只是方便ISV调试使用,集成二次登录是无法通过审核的,用户不会在你的网站里面输入淘宝的用户名和密码的,就好比你不会在一个山寨网站输入你的银行卡号和密码一样。
Copy code
package com.carver.tool;
import java.net.URLEncoder;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import com.gargoylesoftware.htmlunit.BrowserVersion;
import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException;
import com.gargoylesoftware.htmlunit.Page;
import com.gargoylesoftware.htmlunit.TextPage;
import com.gargoylesoftware.htmlunit.WebClient;
import com.gargoylesoftware.htmlunit.html.HtmlButton;
import com.gargoylesoftware.htmlunit.html.HtmlCheckBoxInput;
import com.gargoylesoftware.htmlunit.html.HtmlElement;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlImageInput;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import com.gargoylesoftware.htmlunit.html.HtmlPasswordInput;
import com.gargoylesoftware.htmlunit.html.HtmlTextInput;
/**
* 登录淘宝网获取授权。
*
* @author carver.gu
* @since 1.0, Nov 11, 2009
*/
public class LoginUtil {
private static final String ONLINE_CONTAINER = "http://container.open.taobao.com/container?appkey=";
private static final Pattern P_SESSION = Pattern.compile("top\\_session=(\\w+?)&");
static {
Logger.getLogger("com.gargoylesoftware.htmlunit").setLevel(Level.SEVERE);
Logger.getLogger("org.apache.commons.httpclient.HttpMethodBase").setLevel(Level.SEVERE);
}
public static void main(String[] args) throws Exception {
String session = getOnlineSession("app_key", "username", "password");
System.out.println("session_key: " + session);
}
public static String getOnlineSession(String appkey, String uid, String pwd) throws Exception {
String url = "http://member1.taobao.com/member/mini_login.htm?login_type=3&redirect_url=";
return getSession(url, ONLINE_CONTAINER, appkey, uid, pwd);
}
private static String getSession(String loginUrl, String topUrl, String appkey, String uid,
String pwd) throws Exception {
WebClient webClient = new WebClient(BrowserVersion.FIREFOX_3);
String fullUrl = loginUrl + URLEncoder.encode(topUrl + appkey, "utf-8");
HtmlPage loginPage = webClient.getPage(fullUrl);
HtmlForm loginForm = loginPage.getForms().get(0);
HtmlTextInput uidInput = loginForm.getInputByName("TPL_username");
uidInput.setValueAttribute(uid);
HtmlPasswordInput pwdInput = loginForm.getInputByName("TPL_password");
pwdInput.setValueAttribute(pwd);
HtmlButton loginButton = loginForm.getButtonByName("");
HtmlPage loginRsp = null;
try {
Page rsp = loginButton.click();
if (rsp instanceof HtmlPage) {
loginRsp = (HtmlPage) rsp;
} else if (rsp instanceof TextPage) {
TextPage textRsp = (TextPage) rsp;
return extractSession(textRsp.getContent());
} else {
return null;
}
} catch (FailingHttpStatusCodeException e) {
if (e.getStatusCode() == 404) {
return extractSession(e.getMessage());
}
} catch (Exception e) {
}
HtmlCheckBoxInput agreeCheck = (HtmlCheckBoxInput) loginRsp.getElementById("agreement");
if (agreeCheck == null) {
return extractSession(loginRsp.getWebResponse().getRequestSettings().getUrl().toString());
} else {
agreeCheck.click();
}
HtmlForm agreeForm = loginRsp.getForms().get(1);
List<HtmlElement> inputElements = agreeForm.getHtmlElementsByTagName("input");
HtmlImageInput agreeButton = null;
for (HtmlElement inputElement : inputElements) {
if (inputElement instanceof HtmlImageInput) {
agreeButton = (HtmlImageInput) inputElement;
break;
}
}
Page agreeRsp = null;
try {
agreeRsp = agreeButton.click();
} catch (FailingHttpStatusCodeException e) {
if (e.getStatusCode() == 404) {
return extractSession(e.getMessage());
}
} catch (Exception e) {
}
return extractSession(agreeRsp.getWebResponse().getRequestSettings().getUrl().toString());
}
private static String extractSession(String response) {
Matcher matcher = P_SESSION.matcher(response);
if (matcher.find()) {
return matcher.group(1);
} else {
return null;
}
}
}
经测试,上面的程序可以获取任何类型的应用(Web,客户端)的SessionKey,ISV们有福了。
上面的程序依赖于HtmlUnit这个工具的所有Jar包,需要的请到 HtmlUnit的官方网站下载。
这样做是方便了用户,但好想违反了TOP的审核规则,这样做估计审核会通不过:
审核规则第二条:“2、应用不允许出现二次登陆、注册入口 ”
http://wiki.open.taobao.com/index.php/%E5%AE%A1%E6%A0%B8%E8%A7%84%E5%88%99
审核规则第二条:“2、应用不允许出现二次登陆、注册入口 ”
http://wiki.open.taobao.com/index.php/%E5%AE%A1%E6%A0%B8%E8%A7%84%E5%88%99