NetEase Cloud Music QR Code Scan Login: Process Analysis
1. Requesting the unikey parameter used to generate the QR code
curl 'music.163/weapi/login/qrcode/unikey?csrf_token=' \
-H 'authority: music.163' \
-H 'sec-ch-ua: " Not;A Brand";v="99", "Google Chrome";v="97", "Chromium";v="97"' \
-H 'dnt: 1' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36' \
-H 'sec-ch-ua-platform: "Windows"' \
-H 'content-type: application/x-www-form-urlencoded' \
-H 'accept: */*' \
-H 'origin: music.163' \
-H 'sec-fetch-site: same-origin' \
-H 'sec-fetch-mode: cors' \
-H 'sec-fetch-dest: empty' \
-H 'referer: music.163/' \
-H 'accept-language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7,en-GB;q=0.6' \
--data-raw 'params=T23YDKo3vZeDF08%2B9qzHkHSiTJBoh4EMEXEXsgKznUc%3D&encSecKey=a86543e1747eee2ed23eda4c72109d69d71d10ea2e34298fb5da654697fdd411673e6783eba86bc2f3e9c11b24d9d50b0cc6  --compressed
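The request parameters params and encSecKey have to be computed by encryption; the generation process is described in the following article:
From that article we learn that NetEase Cloud Music takes an endpoint's normal parameters in JSON form, and encrypting that JSON yields the params parameter. Here, the request to the unikey endpoint only needs the following JSON body as the input to the encryption.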
{
"type": "1"
}
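After params and encSecKey have been computed, this endpoint also requires the params value to be URL-encoded before the request is sent; otherwise the request returns no response content. That is: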
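import java.net.URLEncoder;

String params = "T23YDKo3vZeDF08+9qzHkHSiTJBoh4EMEXEXsgKznUc=";
// Percent-encode the Base64 text so that '+' and '=' survive form decoding
String encodedParams = URLEncoder.encode(params, "utf-8");
// Result: `T23YDKo3vZeDF08%2B9qzHkHSiTJBoh4EMEXEXsgKznUc%3D`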
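The following is an added example, not code from the original article. It shows why the encoding step matters: in a form-urlencoded body an unescaped '+' is decoded as a space, so the Base64 ciphertext no longer arrives intact. It assumes the server parses the body with standard form rules, and the encSecKey value is a constructed placeholder.

```javascript
// Added example (not from the original page). Assumption: the server parses
// the POST body with standard application/x-www-form-urlencoded rules.
const PARAMS = "T23YDKo3vZeDF08+9qzHkHSiTJBoh4EMEXEXsgKznUc="; // value shown on the page
const ENC_SEC_KEY = "00ff"; // constructed placeholder, not a real encSecKey

// Body built by naive string concatenation: '+' and '=' go out unescaped.
function rawBody(params, encSecKey) {
  return "params=" + params + "&encSecKey=" + encSecKey;
}

// Body built with a form serializer: '+' becomes %2B and '=' becomes %3D.
function encodedBody(params, encSecKey) {
  return new URLSearchParams({ params, encSecKey }).toString();
}

// What a standards-following form parser hands to the application.
function asSeenByServer(body) {
  return new URLSearchParams(body).get("params");
}

// Strict Base64 shape check; a space is not part of the alphabet.
function isBase64(s) {
  return /^[A-Za-z0-9+/]+={0,2}$/.test(s) && s.length % 4 === 0;
}

// Compare what the server receives in the unescaped and the escaped case.
function compare() {
  const broken = asSeenByServer(rawBody(PARAMS, ENC_SEC_KEY));
  const intact = asSeenByServer(encodedBody(PARAMS, ENC_SEC_KEY));
  return {
    broken, brokenIsBase64: isBase64(broken),
    intact, intactIsBase64: isBase64(intact),
  };
}

console.log(compare());
```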
The response to the request is as follows:
RESP:
HTTP/2 200 OK
server: nginx
date: Tue, 14 Dec 2021 12:33:43 GMT
content-type: application/json;charset=UTF-8
content-length: 86
mconfig-bucket: 999999
x-traceid: 0000017db8ef3348120f0aaba5091b19
set-cookie: NMTID=00OvVGYx2nayOb900GKiprHmv6QWogAAAF9uO8zTQ; Max-Age=315360000; Expires=Fri, 12 Dec 2031 12:33:43 GMT; Path=/; Domain=music.163
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT
gw-thread: 861939
gw-time: 1639485223753
content-encoding: gzip
x-via: MusicServer
x-from-src: 114.249.199.224
X-Firefox-Spdy: h2
{"code":200,"unikey":"aca65293-5459-40ed-899d-7c597a613d52"}
2. Concatenate the unikey parameter into a text string and generate the QR code
qrcode.js:
Example:
Finished page:
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<script src="cdn.jsdelivr/gh/davidshimjs/qrcodejs@master/qrcode.min.js" type="text/javascript"></script>
<div id="qrcode"></div>
<script type="text/javascript">
var qrcode = new QRCode(document.getElementById("qrcode"), {
text: "music.163/login?codekey=ac3aebd0-65c1-4cae-8a6f-869dc91c4ca8",
width: 128,
height: 128,
colorDark : "#000000",
colorLight : "#ffffff",
correctLevel : QRCode.CorrectLevel.H
});
</script>
</body>
</html>
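3. Scan the QR code while the program sends requests on a timer and watches the endpoint's response.
curl 'music.163/weapi/login/qrcode/client/login?csrf_token=' -X POST -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:95.0) Gecko/20100101 Firefox/95.0' -H 'Accept: */*' -H 'Accept-Language: zh-C
params is the encrypted parameter, computed by encrypting the following parameter content: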
{
"csrf_token": "",
"key": "1825b24c-bcc1-486f-8e81-bb27011c7a8a",
"type": "1"
}
key is the unikey obtained from the earlier request.
The endpoint responds in one of several ways:
1. Expired
{
"code":800,
"message":"⼆维码不存在或已过期"
}
2. Waiting for the QR code to be scanned.
{"code":801,"message":"等待扫码"}
3. In progress; the information of the user who scanned the code is returned.
{"nickname":"xxx","avatarUrl":"p2.music.126/xxxxx==/xxxxxxxx.jpg","code":802,"message":"授权中"}
4. Login completed.
{"code":803,"message":"授权登陆成功"}
Response headers:
HTTP/2 200 OK
server: nginx
date: Sat, 29 Jan 2022 05:02:49 GMT
content-type: application/json;charset=UTF-8
content-length: 69
x-traceid: 0000017ea436eb0d08b20aa4683d1289
mconfig-bucket: 999999
set-cookie: MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/wapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/weapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/weapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_SNS=; Max-Age=0; Expires=Sat, 29 Jan 2022 05:02:49 GMT; Path=/
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/neapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/wapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/wapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/api/feedback; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/neapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/openapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/api/clientlog; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/weapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/eapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/neapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/eapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/api/clientlog; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/api/feedback; Domain=.music.163; HTTPOnly
__csrf=0df88dc1e8c79da3cf22bc2f7dfc6858; Max-Age=1296010; Expires=Sun, 13 Feb 2022 05:02:59 GMT; Path=/; Domain=.music.163
MUSIC_U=06d5ac0e4fab058e396543df5a323517c32d9eecd799a0f1e32fc59568244c038a08bd5bf851808fd78b6050a17a35e705925a4e6992f61dfe3f0151024f9e31; Max-Age=15552000; Expires=Thu, 28 Jul 2022 05:02:49
MUSIC_R_T=1509816911102; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/weapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/eapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/neapi/feedback; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/eapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/openapi/clientlog; Domain=.music.163; HTTPOnly
MUSIC_A_T=1453993203804; Max-Age=2147483647; Expires=Thu, 16 Feb 2090 08:16:56 GMT; Path=/wapi/clientlog; Domain=.music.163; HTTPOnly
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT
gw-thread: 756664
gw-time: 1643432569622
content-encoding: gzip
x-via: MusicServer
x-from-src: 1.202.220.130
X-Firefox-Spdy: h2
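The polling step in section 3 and the four response codes listed there can be handled as a small state machine. This is an added example, not code from the original article: checkStatus is a hypothetical caller-supplied function that performs the encrypted POST and returns the parsed JSON, the 2-second interval and 3-minute deadline are assumptions, and the sample responses are constructed. Codes outside 800 to 803 are treated as errors, and polling always stops at a terminal state or at the deadline.

```javascript
// Added example (not from the original page).
// The four status codes are the ones listed in section 3.
const QR = { EXPIRED: 800, WAITING: 801, AUTHORIZING: 802, SUCCESS: 803 };
const INITIAL = { name: "waiting", done: false, user: null };

// Pure transition: previous state + one parsed response body -> next state.
function nextState(prev, body, elapsedMs, deadlineMs) {
  if (prev.done) return prev; // terminal states are sticky
  const code = body ? body.code : undefined;
  if (code === QR.SUCCESS) return { name: "success", done: true, user: prev.user };
  if (code === QR.EXPIRED) return { name: "expired", done: true, user: null };
  if (code !== QR.WAITING && code !== QR.AUTHORIZING) {
    return { name: "error", done: true, user: null, code }; // unknown code: stop
  }
  if (elapsedMs >= deadlineMs) return { name: "timeout", done: true, user: null };
  if (code === QR.AUTHORIZING) {
    // nickname/avatarUrl come from the server; keep them as plain strings
    const user = { nickname: String(body.nickname), avatarUrl: String(body.avatarUrl) };
    return { name: "authorizing", done: false, user };
  }
  return { name: "waiting", done: false, user: null };
}

// Network driver. checkStatus(key) is hypothetical and supplied by the caller.
async function pollQrLogin(key, checkStatus, intervalMs = 2000, deadlineMs = 180000) {
  let state = INITIAL;
  const start = Date.now();
  while (!state.done) {
    state = nextState(state, await checkStatus(key), Date.now() - start, deadlineMs);
    if (!state.done) await new Promise((r) => setTimeout(r, intervalMs));
  }
  return state;
}

// Offline replay of constructed responses, one per polling tick.
function replay(responses, intervalMs = 2000, deadlineMs = 180000) {
  return responses.reduce(
    (state, body, i) => nextState(state, body, i * intervalMs, deadlineMs), INITIAL);
}

// Constructed sample sequence: waiting, scanned, confirmed.
const SAMPLE_OK = [
  { code: 801, message: "waiting" },
  { code: 802, nickname: "xxx", avatarUrl: "xxxxx", message: "authorizing" },
  { code: 803, message: "ok" },
];
console.log(replay(SAMPLE_OK)); // ends in the "success" state
```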