使用requests登录新浪微博:
网上的代码都大多失效,也有使用新浪账户登录微博,但是如果新浪账号没有关联微博就会出现失败.本文使用微博主页登录.微博的验证码使用打码平台解决,js加密使用pyv8本地运行
难点:
1.获取到sp加密代码
2.登录跳转
登录参数获取:
首先请求链接获取大部分参数:https://login.sina.com.cn/sso/prelogin.php?entry=weibo&callback=sinaSSOController.preloginCallBack&su=机密后的su&rsakt=mod&client=ssologin.js(v1.4.19)&_=时间
可以得到的参数有:
servertime=int(param['servertime'])
pubkey=param['pubkey']
nonce=param['nonce']
pcid=param['pcid']
door=param['door']# 验证码
prelt=t-int(preloginTimeStart)-int(exectime) # 也可以随机一个数字
余下一个sp使用pyv8获取,或者使用Python重写一下,由于我比较懒,就没有重写.:
with PyV8.JSContext() as ctxt:
with open('./get_sp.js', 'r')as f:
js = f.read()
ctxt.eval(js)
get_sp = ctxt.locals.get_sp # camshu 传递
sp=get_sp(pubkey,servertime,nonce,password)
登录跳转:
登录跳转有一些绕,记录下:
POST https://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.19) HTTP/1.1
Host: login.sina.com.cn
Connection: keep-alive
Content-Length: 680
Cache-Control: max-age=0
Origin: https://weibo.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3590.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://weibo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: SINAGLOBAL=172.16.138.138_1537105155.49900; SCF=AvhoDwG9H7yu7jEXVHdl6-5de0VlTAHM-DxWm_l0x4XpDGKskTrp37CzNMnsYpcH4s2pO0glnFW3SznVAWVTu8w.; Apache=172.16.118.82_1540427208.360746; SUB=_2AkMsjdc7dcPxrAZZnv8Sy2Llao1H-jyfWL7NAn7tJhMyAhgv7lg0qSVutBF-XJtoC2UuV4QFMS-224CfOqUeItU7; SUBP=0033WrSXqPxfM72wWs9jqgMF55529P9D9WhzedkNc8OigoN.dASp_B4J5JpV8sU4e0n01hMcehqRBGSDdJ2Vqcv_; ULOGIN_IMG=gz-50713e7e3077a79e850fa8875149b157e13b
entry=weibo&gateway=1&from=&savestate=7&qrcode_flag=false&useticket=1&pagerefer=&pcid=gz-50713e7e3077a79e850fa8875149b157e13b&door=ynuxh&vsnf=1&su=MTM5HYTGyOTI0NjU%3D&service=miniblog&servertime=1540447909&nonce=K5B8J1&pwencode=rsa2&rsakv=1330428213&sp=66464b8a605ajkgt3dggffed4db679fb24dd4754579fa7490bdb8199bce486bc695fb1fcd8ffe216b2fd3d28d08ecbf1333244c3325e35aca306cc55b582b1a72a6c531aa560b7403bd90bacb235f97ee1a835926fa4c4d596be0917eb9eacaca27363fe32ad7ae4f1e3e661201ff12d017df571a4cd7a08120334f4c5f2e1c3d&sr=1366*768&encoding=UTF-8&prelt=615&url=https%3A%2F%2Fweibo.com%2Fajaxlogin.php%3Fframelogin%3D1%26callback%3Dparent.sinaSSOController.feedBackUrlCallBack&returntype=META
第一次跳转:
GET https://login.sina.com.cn/crossdomain2.php?action=login&entry=weibo&r=https%3A%2F%2Fpassport.weibo.com%2Fwbsso%2Flogin%3Fssosavestate%3D1571983888%26url%3Dhttps%253A%252F%252Fweibo.com%252Fajaxlogin.php%253Fframelogin%253D1%2526callback%253Dparent.sinaSSOController.feedBackUrlCallBack%2526sudaref%253Dweibo.com%26display%3D0%26ticket%3DST-NjEwODA2ODMzNw%3D%3D-1540447888-gz-5543B2E4AA42B67ED4C47EF9F7C5675C-1%26retcode%3D0&login_time=1540447887&sign=05ac6884d598bdbb&sr=1366%2A768 HTTP/1.1
Host: login.sina.com.cn
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3590.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.19)
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
第二次跳转:
GET https://passport.weibo.com/wbsso/login?ticket=ST-NjEwODA2ODMzNw%3D%3D-1540447888-gz-09C19EB32373370DE55ED4AE31CBA16F-1&ssosavestate=1571983888&callback=sinaSSOController.doCrossDomainCallBack&scriptId=ssoscript0&client=ssologin.js(v1.4.19)&_=1540447889783 HTTP/1.1
Host: passport.weibo.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3590.0 Safari/537.36
Accept: */*
Referer: https://login.sina.com.cn/crossdomain2.php?action=login&entry=weibo&r=https%3A%2F%2Fpassport.weibo.com%2Fwbsso%2Flogin%3Fssosavestate%3D1571983888%26url%3Dhttps%253A%252F%252Fweibo.com%252Fajaxlogin.php%253Fframelogin%253D1%2526callback%253Dparent.sinaSSOController.feedBackUrlCallBack%2526sudaref%253Dweibo.com%26display%3D0%26ticket%3DST-NjEwODA2ODMzNw%3D%3D-1540447888-gz-5543B2E4AA42B67ED4C47EF9F7C5675C-1%26retcode%3D0&login_time=1540447887&sign=05ac6884d598bdbb&sr=1366%2A768
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
2次跳转之后就登录成功了,这个很多人的教程没有写,在这里也啃了几个小时.
参数SP
分析js后可以得到.这个比较简单
e.servertime = me.servertime;
e.nonce = me.nonce;
e.pwencode = "rsa2";
e.rsakv = me.rsakv;
// b即是sp参数
var f = new sinaSSOEncoder.RSAKey;
f.setPublic(me.rsaPubkey, "10001");
b = f.encrypt([me.servertime, me.nonce].join("\t") + "\n" + b)
需要源码的联系我:1790017954@qq.com