java使用httpclient简单模拟登陆微信公众开放平台
·
注意:本文使用的不是微信公众平台的api,只是采用的模拟登陆的方式.
微信公众账号平台地址:https://mp.weixin.qq.com/
1 分析登陆信息,获取url
使用谷歌浏览器打开https://mp.weixin.qq.com/, 然后打开源码,或者点击右键审查元素(F12也可以).
我们能看到一个wxm2-loginform1c0c.js 估计一下应该是登陆的js,点击打开该js。
能够看到里面有这么一段:
t.post("/cgi-bin/login?lang=zh_CN", {
username: e.account,
pwd: t.md5(e.password.substr(0, 16)),
imgcode: c.data("isHide") ? "" : e.verify,
f: "json"
}, 我们知道了真实的登陆地址其实是:
https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN 然后采用的是post请求。
上面还可以使用抓包工具(如fiddle)进行抓取分析真实地址。
2, 下面开始模拟登陆
我们使用的地址是https 貌似http也可以,为了使用https 我们采用取消绕过https检查的方式
代码如下:主要是重写了checkClientTrusted 方法 不进行验证。
package com.zhanghenglei.weixin; import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.Socket; import java.net.SocketAddress; import java.net.UnknownHostException; import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.SocketFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.commons.httpclient.params.HttpConnectionParams; import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; /** * 忽略数字证书 * @author */ public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory { SSLContext sslContext = null; private SSLContext createSSLContext(){ try{ SSLContext sslContext = SSLContext.getInstance("SSL"); sslContext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new SecureRandom()); return sslContext; }catch (Exception e) { throw new RuntimeException(e); } } private SSLContext getSSLContext(){ if(this.sslContext == null) { this.sslContext = createSSLContext(); } return this.sslContext; } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose); } @Override public Socket createSocket(String host, int port) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port); } @Override public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException, UnknownHostException { return getSSLContext().getSocketFactory().createSocket(host, port, localAddress, localPort); } @Override public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException { if(params == null) { throw new IllegalArgumentException("Parameters may not be null"); } int timeout = params.getConnectionTimeout(); SocketFactory socketfactory = getSSLContext().getSocketFactory(); if(timeout == 0) { return socketfactory.createSocket(host, port, localAddress,localPort); }else{ Socket socket = socketfactory.createSocket(); SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); SocketAddress remoteaddr = new InetSocketAddress(host, port); socket.bind(localaddr); socket.connect(remoteaddr, timeout); return socket; } } private static class TrustAnyTrustManager implements X509TrustManager{ /** * 重写验证方法,取消检测SSL */ @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[]{}; } } }
3、采用httpclient登陆,具体代码如下
package com.zhanghenglei.weixin; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.NameValuePair; import org.apache.commons.httpclient.URI; import org.apache.commons.httpclient.cookie.CookiePolicy; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.methods.PostMethod; import org.apache.commons.httpclient.protocol.Protocol; /** * 模拟微信登录 * * @author 小叶 *@date 2013-5-13 */ public class Weixin { static { Protocol myhttps = new Protocol("https", new MySecureProtocolSocketFactory(), 443); Protocol.registerProtocol("https", myhttps); } public static void main(String[] args) throws Exception{ System.setProperty ("jsse.enableSNIExtension", "false"); // 创造httpclient实例 HttpClient client = new HttpClient(); client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY); // 设置cookie管理策略 client.getParams().setParameter("http.protocol.single-cookie-header", true); PostMethod post = new PostMethod(); //模拟浏览器 post.setRequestHeader("User-Agent","Mozilla/5.0 (Windows NT 6.2; WOW64)" + " AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 " + "Safari/537.22"); //这个必须设置 否则无法登录 还是尽量完全模拟浏览器的行为 post.setRequestHeader("Referer", "https://mp.weixin.qq.com"); //登录请求提交地址 post.setURI(new URI("https://mp.weixin.qq.com/cgi-bin/login?lang=zh_CN")); //构造请求参数 NameValuePair[] params = new NameValuePair[] { new NameValuePair("username", "henglei1228@126.com"), new NameValuePair("pwd", DigestUtils.md5Hex("****" .getBytes())), new NameValuePair("f", "json"), new NameValuePair("imagecode", "") }; post.setQueryString(params); int aa = client.executeMethod(post); System.out.println(aa); System.out.println(post.getResponseBodyAsString()); /* //接着发一个get请求来确认是否登录成功。 因为我的微信还没有验证,所有进入的是acct/realnamepage?action=showsubmit&step=3&lang=zh_CN页面 GetMethod get = new GetMethod(); get.setURI(new URI("https://mp.weixin.qq.com/acct/realnamepage?action=showsubmit&step=3&lang=zh_CN")); client.executeMethod(get); System.out.println(get.getResponseBodyAsString());*/ } }
旨在为数千万中国开发者提供一个无缝且高效的云端环境,以支持学习、使用和贡献开源项目。
更多推荐
2
0- 0
已为社区贡献2条内容
所有评论(0)