抓包能力有限,分析了一下网易云音乐的一些api接口,但是关于它很多post请求都是加了密,没有弄太明白。之前在知乎看到过一个豆瓣工程师写的教程,但是被投诉删掉了,请问有网友fork了的吗?因为我觉得他写的代码都比较pythonic,符合pep8规范。知乎另外几名大V比如@路人甲虽然经常分享数据,但是很少分享源代码,github也没有公布,公开过的代码我觉得他很多基础的pep8细节都忽略了,而且他的爬虫的效率非常低,比如爬网易10k+评论,在专栏说爬了6个小时之类的很辛苦之类的话,但是看他的代码别提异步了,甚至连多线程/多进程都没有使用,觉得有点水。前面那位大神还是真的有很多干货。
不一定要是python,任意语言都行,各位网友能否分享一些分析网易云音乐api接口的设计博客教程/大型项目?
//里面的php demo
function curl_get($url)
{
$refer = "/";
$header[] = "Cookie: " . "appver=1.5.0.75771;";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_REFERER, $refer);
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
function music_search($word, $type)
{
$url = "/api/search/pc";
$post_data = array(
's' => $word,
'offset' => '0',
'limit' => '20',
'type' => $type,
);
$referrer = "/";
$URL_Info = parse_url($url);
$values = [];
$result = '';
$request = '';
foreach ($post_data as $key => $value) {
$values[] = "$key=" . urlencode($value);
}
$data_string = implode("&", $values);
if (!isset($URL_Info["port"])) {
$URL_Info["port"] = 80;
}
$request .= "POST " . $URL_Info["path"] . " HTTP/1.1\n";
$request .= "Host: " . $URL_Info["host"] . "\n";
$request .= "Referer: $referrer\n";
$request .= "Content-type: application/x-www-form-urlencoded\n";
$request .= "Content-length: " . strlen($data_string) . "\n";
$request .= "Connection: close\n";
$request .= "Cookie: " . "appver=1.5.0.75771;\n";
$request .= "\n";
$request .= $data_string . "\n";
$fp = fsockopen($URL_Info["host"], $URL_Info["port"]);
fputs($fp, $request);
$i = 1;
while (!feof($fp)) {
if ($i >= 15) {
$result .= fgets($fp);
} else {
fgets($fp);
$i++;
}
}
fclose($fp);
return $result;
}
function get_music_info($music_id)
{
$url = "/api/song/detail/?id=" . $music_id . "&ids=%5B" . $music_id . "%5D";
return curl_get($url);
}
function get_artist_album($artist_id, $limit)
{
$url = "/api/artist/albums/" . $artist_id . "?limit=" . $limit;
return curl_get($url);
}
function get_album_info($album_id)
{
$url = "/api/album/" . $album_id;
return curl_get($url);
}
function get_playlist_info($playlist_id)
{
$url = "/api/playlist/detail?id=" . $playlist_id;
return curl_get($url);
}
function get_music_lyric($music_id)
{
$url = "/api/song/lyric?os=pc&id=" . $music_id . "&lv=-1&kv=-1&tv=-1";
return curl_get($url);
}
function get_mv_info()
{
$url = "/api/mv/detail?id=319104&type=mp4";
return curl_get($url);
}
java 版本的网易 api 加密方式:
加密工具类
/junbaor/netease/blob/master/src/main/java/com/junbaor/netease/common/EncryptUtils.java
调用测试类
/junbaor/netease/blob/master/src/test/java/com/junbaor/netease/common/TestApi.java
希望对你有所帮助。package mon;
import mons.lang3.RandomStringUtils;
import sun.misc.BASE64Encoder;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.math.BigInteger;
import java.util.HashMap;
import java.util.Map;
public class EncryptUtils {
private final static String modulus = "00e0b509f6259df8642dbc35662901477df22677ec152b5ff68ace615bb7" +
"b725152b3ab17a876aea8a5aa76d2e417629ec4ee341f56135fccf695280" +
"104e0312ecbda92557c93870114af6c9d05c4f7f0c3685b7a46bee255932" +
"575cce10b424d813cfe4875d3e82047b97ddef52741d546b8e289dc6935b" +
"3ece0462db0a22b8e7";
private final static String nonce = "0CoJUm6Qyw8W8jud";
private final static String pubKey = "010001";
private static final String PARAMS = "params";
private static final String ENCSECKEY = "encSecKey";
public static Map encrypt(String text) {
String secKey = RandomStringUtils.random(16, "0123456789abcde");
String encText = aesEncrypt(aesEncrypt(text, nonce), secKey);
String encSecKey = rsaEncrypt(secKey, pubKey, modulus);
Map map = new HashMap();
map.put(PARAMS, encText);
map.put(ENCSECKEY, encSecKey);
return map;
}
private static String aesEncrypt(String text, String key) {
try {
IvParameterSpec iv = new IvParameterSpec("0102030405060708".getBytes("UTF-8"));
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(text.getBytes());
return new BASE64Encoder().encode(encrypted);
} catch (Exception e) {
return "";
}
}
private static String rsaEncrypt(String text, String pubKey, String modulus) {
text = new StringBuilder(text).reverse().toString();
BigInteger rs = new BigInteger(String.format("%x", new BigInteger(1, text.getBytes())), 16)
.modPow(new BigInteger(pubKey, 16), new BigInteger(modulus, 16));
String r = rs.toString(16);
if (r.length() >= 256) {
return r.substring(r.length() - 256, r.length());
} else {
while (r.length() < 256) {
r = 0 + r;
}
return r;
}
}
}
这里,可以看官网的js源码,也可以抓客户端包看接口。现在客户端都采用最新的接口,加密算法不知道。但是官网的weapi接口上面有加密的算法。主要还是要猜字段。很多最老的api也可以用没有加密,但是一些接口被废弃,而且和新接口返回字段也不一样。我上面写的应该够你用的。不够就自己去抓包分析猜字段。基本所有接口都能找到
玩蛇网文章,转载请注明出处和文章网址:/wenda/wd14004.html
相关文章 Recommend
