php 新浪通行证登录 新浪微博登录 模拟登录 (浏览器版) 2016

由于需要项目需要管理微博平台内容，集成登录微博管理平台功能，所以在抓取网页基础上探索了一下浏览器模拟登录，已经实现登录功能，采用JQuery和php结合的方式实现的，其中需要注意跨域访问问题，还要注意下面是在phpcms中的，如果大家是单独php项目，把访问本地项目就是APP_PATH那个东西和index?m=x&c=xx&a=xx换成自己对应那个链接，a代表执行的方法，c代表执行的类，m代表模块。

新浪登录认证流程：

1.预登陆获取pubkey/nonce/rsak等用于加密用户信息(get)。返回json

2.login.php?client=ssologin对用户账号进行加密用户名采用base64加密，密码采用rsa2加密，rsa2加密是sina提供的js中加密方法(post)。返回json，cookie

3.第2步中返回的json包含若干个url，crossDomainUrl是用于SSO统一登录的，分别参照下面代码发送请求方式及参数将crossDomainUrl请求一次，获取cookie即可(get)。返回json，cookie

4.登录成功。

代码如下：

 'login.sina.com.cn',
				'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0',
				'Accept' => '*/*',
				'Accept-Language' => 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3',
				'Accept-Encoding' => 'gzip, deflate',
				'Referer' => 'https://login.sina.com.cn/',
				'Connection' => 'keep-alive' 
		);
	//base64加密后用户名
	private $su = '';
	//js加密后的密码
	private $sp = '';
	function __construct() {
	}
	
	//预登陆,浏览器直接访问该方法，登录方法入口，通过调用该方法来登录，该方法调用或间接调用了其他方法。
	function pre_login() {
		// 用户名称base64加密-用于预登陆
		$this->su = base64_encode ( urlencode ( $this->username ) );
		// 预登陆url
		$pre_login_url = 'https://login.sina.com.cn/sso/prelogin.php?entry=account&callback=sinaSSOController.preloginCallBack&su=';
		$pre_login_url = $pre_login_url . $this->su . '&rsakt=mod&client=ssologin.js(v1.4.15)&_=' . time ();
		
		$return_val = $this->request_url ( $pre_login_url, null, $this->request_cookie, $this->request_headers);
		list ( $header, $body ) = explode ( "\r\n\r\n", $return_val, 2 );
		preg_match_all ( "/Set\-Cookie:([^;]*);/", $header, $matches );
		$info ['cookie'] = $matches;
		$info ['header'] = $header;
		$info ['content'] = $body;
		$this->request_cookie .= $matches;
		$body = str_replace('sinaSSOController.preloginCallBack(', '', $body);
		$json = str_replace(')', '', $body);
		$this->json_obj = json_decode($json);
		//ajax后变量重置，所以存到cookie,下面是phpcms中的cookie方式，非phpcms想办法把值放到cookie或者session中即可
		param::set_cookie('sina_su', $this->su);
		param::set_cookie('sina_cookie', $this->request_cookie);
		param::set_cookie('sina_servertime', $this->json_obj->servertime);
		param::set_cookie('sina_nonce', $this->json_obj->nonce);
		param::set_cookie('sina_rsakv', $this->json_obj->rsakv);
		
		//加密明文密码
		$this->ajax_pwd_encode();
	}
	
	//根据预登陆返回信息，登录
	function account_login() {
		//登录url
		$login_url = 'https://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.15)&_='.time();
		$this->request_headers['Content-Type'] = 'application/x-www-form-urlencoded';
		//登录所需数据
		$post_data['entry'] = 'account';
		$post_data['gateway'] = '1';
		$post_data['from'] = '';
		$post_data['savestate'] = '0';
		$post_data['useticket'] = '0';
		$post_data['pagerefer'] = '';
		$post_data['vsnf'] = '1';
		$post_data['su'] = param::get_cookie('sina_su');
		$post_data['service'] = 'sso';
		$post_data['servertime'] = param::get_cookie('sina_servertime');
		$post_data['nonce'] = param::get_cookie('sina_nonce');
		$post_data['pwencode'] = 'rsa2';
		$post_data['rsakv'] = param::get_cookie('sina_rsakv');
		$post_data['sp'] = $this->sp;
		$post_data['sr'] = '1366*768';
		$post_data['encoding'] = 'UTF-8';
		$post_data['cdult'] = '3';
		$post_data['domain'] = 'sina.com.cn';
		$post_data['prelt'] = '51';
		$post_data['returntype'] = 'TEXT';
		//登录
		$data = $this->request_url($login_url, $post_data, $this->request_cookie, $this->request_headers);
		//获取返回cookie 及 json数据
		list ( $header, $body ) = explode ( "\r\n\r\n", $data, 2 );
		//保存cookie
		$this->save_cookie($header);
		$json_login = json_decode($body);
		//访问返回json链接
		$domain_urls = $json_login->crossDomainUrlList;
		$i = 0;
		foreach ($domain_urls as $v) {
			$req_url = $v.'&callback=sinaSSOController.doCrossDomainCallBack&scriptId=ssoscript'.$i.'&client=ssologin.js(v1.4.15)&_='.time();
			$req_data = $this->request_url ( $req_url, null, $this->request_cookie, array());
			list ( $header, $body ) = explode ( "\r\n\r\n", $data, 2 );
			$this->save_cookie($header);
			$i ++;
		}
	}
	
	function save_cookie($header) {
		$headers = explode('\r\n', $header);
		foreach ($headers as $v) {
			$tmp = explode("\r\n", $v);
			foreach ($tmp as $it) {
				$pos = strpos($it, 'Set-Cookie');
				if ($pos !== false) {
					$cv = explode(":", $it);
					$this->request_cookie .= $cv[1].';';
					//$_COOKIE[$cv[0]] = $cv[1];
					//setcookie($cv[0], $cv[1],  time()+60*60*24*30);
					//param::set_cookie($cv[0], $cv[1]);
				}
			}
		}
	}
	
	//根据预登陆返回信息，登录
	function browser_login() {
		//登录url
		$login_url = 'https://login.sina.com.cn/sso/login.php?client=ssologin.js(v1.4.15)&_='.time();
		//登录所需数据
		$post_data['entry'] = 'account';
		$post_data['gateway'] = '1';
		$post_data['from'] = '';
		$post_data['savestate'] = '0';
		$post_data['useticket'] = '0';
		$post_data['pagerefer'] = '';
		$post_data['vsnf'] = '1';
		$post_data['su'] = param::get_cookie('sina_su');
		$post_data['service'] = 'sso';
		$post_data['servertime'] = param::get_cookie('sina_servertime');
		$post_data['nonce'] = param::get_cookie('sina_nonce');
		$post_data['pwencode'] = 'rsa2';
		$post_data['rsakv'] = param::get_cookie('sina_rsakv');
		$post_data['sp'] = $this->sp;
		$post_data['sr'] = '1366*768';
		$post_data['encoding'] = 'UTF-8';
		$post_data['cdult'] = '3';
		$post_data['domain'] = 'sina.com.cn';
		$post_data['prelt'] = '51';
		$post_data['returntype'] = 'TEXT';
		echo "

"; echo ""; echo "

"; echo " <script type='text/javascript' src='".APP_PATH.JS_PATH."lib/jquery.min.1.7.2.js'></script><script type='text/javascript'> function doSubmit(){ //document.getElementById('sina_form').submit(); // $('#sina_form').submit(); //跨域访问，登录新浪通行证 $.getJSON('".$login_url."'+$('#sina_form').serialize()+'&callback=?', function(result) { if (result.retcode == 0) { var domainUrl = result.crossDomainUrlList; var turl = ''; for (var i=0; i

"; echo ""; } function sina_login() { //获取加密后的密码 $this->sp = $_GET['sp']; //账号登录 $this->browser_login(); } //调用js 加密密码 function ajax_pwd_encode() { echo "<script type='text/javascript' src='".APP_PATH.JS_PATH."lib/jquery.min.1.7.2.js'></script>"; echo << EOT; echo " <script type='text/javascript'> // //下面的链接是phpcms中的使用方式，单独php项目调用sina_login方法就行 var url = '".APP_PATH."index.php?m=admin&c=login_weibo&a=sina_login'; var encrpt = getpass('".$this->password."', ".$this->json_obj->servertime.", '".$this->json_obj->nonce."', '".$this->json_obj->pubkey."'); //$.post(url, {sp:encrpt}); // //下面的链接是phpcms中的使用方式，单独php项目调用sina_login方法就行 window.location.href='".APP_PATH."index.php?m=admin&c=login_weibo2&a=sina_login&sp='+encrpt; </script>"; } /** * 模拟post、get请求 * * @param string $url * @param array $post_data * null时，get请求 * @param string $request_cookie */ function request_url($url = '', $post_data = array(), $request_cookies = '', $request_headers = '', $return_cookie=1) { if (empty ( $url )) { return false; } $is_post = false; if (! empty ( $post_data ) && is_array ( $post_data )) { $o = ""; foreach ( $post_data as $k => $v ) { $o .= "$k=" . urlencode ( $v ) . "&"; } $post_data = substr ( $o, 0, - 1 ); $is_post = true; } $ch = curl_init (); // 初始化curl curl_setopt ( $ch, CURLOPT_URL, $url ); // 抓取指定网页 curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 ); // 要求结果为字符串且输出到屏幕上 if ($is_post) { curl_setopt ( $ch, CURLOPT_POST, 1 ); // post提交方式 curl_setopt ( $ch, CURLOPT_POSTFIELDS, $post_data ); // post数据 } curl_setopt ( $ch, CURLOPT_COOKIE, $request_cookies ); // 请求cookie curl_setopt ( $ch, CURLOPT_HEADER, $return_cookie); // 返回cookie到头 curl_setopt ( $ch, CURLOPT_CONNECTTIMEOUT, 120 ); curl_setopt ( $ch, CURLOPT_HTTPHEADER, $request_headers ); curl_setopt ( $ch, CURLOPT_FOLLOWLOCATION, 1); $data = curl_exec ( $ch ); // 运行curl curl_close ( $ch ); return $data; } } ?>