fix(pikpak_share): add captcha_token generation function (#7045)

2024-08-22 00:35:14 +08:00
parent 18176c659c
commit 489b28bdf7
4 changed files with 316 additions and 46 deletions
--- a/drivers/pikpak_share/util.go
+++ b/drivers/pikpak_share/util.go
@ -1,21 +1,78 @@
 package pikpak_share

 import (
+	"crypto/md5"
+	"crypto/sha1"
+	"encoding/hex"
 	"errors"
+	"fmt"
+	"github.com/alist-org/alist/v3/pkg/utils"
 	"net/http"
+	"regexp"
+	"strings"
+	"time"

 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/go-resty/resty/v2"
 )

+var AndroidAlgorithms = []string{
+	"Gez0T9ijiI9WCeTsKSg3SMlx",
+	"zQdbalsolyb1R/",
+	"ftOjr52zt51JD68C3s",
+	"yeOBMH0JkbQdEFNNwQ0RI9T3wU/v",
+	"BRJrQZiTQ65WtMvwO",
+	"je8fqxKPdQVJiy1DM6Bc9Nb1",
+	"niV",
+	"9hFCW2R1",
+	"sHKHpe2i96",
+	"p7c5E6AcXQ/IJUuAEC9W6",
+	"",
+	"aRv9hjc9P+Pbn+u3krN6",
+	"BzStcgE8qVdqjEH16l4",
+	"SqgeZvL5j9zoHP95xWHt",
+	"zVof5yaJkPe3VFpadPof",
+}
+
+var WebAlgorithms = []string{
+	"C9qPpZLN8ucRTaTiUMWYS9cQvWOE",
+	"+r6CQVxjzJV6LCV",
+	"F",
+	"pFJRC",
+	"9WXYIDGrwTCz2OiVlgZa90qpECPD6olt",
+	"/750aCr4lm/Sly/c",
+	"RB+DT/gZCrbV",
+	"",
+	"CyLsf7hdkIRxRm215hl",
+	"7xHvLi2tOYP0Y92b",
+	"ZGTXXxu8E/MIWaEDB+Sm/",
+	"1UI3",
+	"E7fP5Pfijd+7K+t6Tg/NhuLq0eEUVChpJSkrKxpO",
+	"ihtqpG6FMt65+Xk+tWUH2",
+	"NhXXU9rg4XXdzo7u5o",
+}
+
+const (
+	AndroidClientID      = "YNxT9w7GMdWvEOKa"
+	AndroidClientSecret  = "dbw2OtmVEeuUvIptb1Coyg"
+	AndroidClientVersion = "1.47.1"
+	AndroidPackageName   = "com.pikcloud.pikpak"
+	AndroidSdkVersion    = "2.0.4.204000"
+	WebClientID          = "YUMx5nI8ZU8Ap8pm"
+	WebClientSecret      = "dbw2OtmVEeuUvIptb1Coyg"
+	WebClientVersion     = "2.0.0"
+	WebPackageName       = "mypikpak.com"
+	WebSdkVersion        = "8.0.3"
+)
+
 func (d *PikPakShare) request(url string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
 	req := base.RestyClient.R()
-
-	token, err := d.oauth2Token.Token()
-	if err != nil {
-		return nil, err
-	}
-	req.SetAuthScheme(token.TokenType).SetAuthToken(token.AccessToken)
+	req.SetHeaders(map[string]string{
+		"User-Agent":      d.GetUserAgent(),
+		"X-Client-ID":     d.GetClientID(),
+		"X-Device-ID":     d.GetDeviceID(),
+		"X-Captcha-Token": d.GetCaptchaToken(),
+	})

 	if callback != nil {
 		callback(req)
@ -23,16 +80,25 @@ func (d *PikPakShare) request(url string, method string, callback base.ReqCallba
 	if resp != nil {
 		req.SetResult(resp)
 	}
-	var e RespErr
+	var e ErrResp
 	req.SetError(&e)
 	res, err := req.Execute(method, url)
 	if err != nil {
 		return nil, err
 	}
-	if e.ErrorCode != 0 {
-		return nil, errors.New(e.Error)
+	switch e.ErrorCode {
+	case 0:
+		return res.Body(), nil
+	case 9: // 验证码token过期
+		if err = d.RefreshCaptchaToken(GetAction(method, url), ""); err != nil {
+			return nil, err
+		}
+		return d.request(url, method, callback, resp)
+	case 10: // 操作频繁
+		return nil, errors.New(e.ErrorDescription)
+	default:
+		return nil, errors.New(e.Error())
 	}
-	return res.Body(), nil
 }

 func (d *PikPakShare) getSharePassToken() error {
@ -92,3 +158,161 @@ func (d *PikPakShare) getFiles(id string) ([]File, error) {
 	}
 	return res, nil
 }
+
+func GetAction(method string, url string) string {
+	urlpath := regexp.MustCompile(`://[^/]+((/[^/\s?#]+)*)`).FindStringSubmatch(url)[1]
+	return method + ":" + urlpath
+}
+
+type Common struct {
+	client       *resty.Client
+	CaptchaToken string
+	// 必要值,签名相关
+	ClientID      string
+	ClientSecret  string
+	ClientVersion string
+	PackageName   string
+	Algorithms    []string
+	DeviceID      string
+	UserAgent     string
+	// 验证码token刷新成功回调
+	RefreshCTokenCk func(token string)
+}
+
+func (c *Common) SetUserAgent(userAgent string) {
+	c.UserAgent = userAgent
+}
+
+func (c *Common) SetCaptchaToken(captchaToken string) {
+	c.CaptchaToken = captchaToken
+}
+
+func (c *Common) SetDeviceID(deviceID string) {
+	c.DeviceID = deviceID
+}
+
+func (c *Common) GetCaptchaToken() string {
+	return c.CaptchaToken
+}
+
+func (c *Common) GetClientID() string {
+	return c.ClientID
+}
+
+func (c *Common) GetUserAgent() string {
+	return c.UserAgent
+}
+
+func (c *Common) GetDeviceID() string {
+	return c.DeviceID
+}
+
+func generateDeviceSign(deviceID, packageName string) string {
+
+	signatureBase := fmt.Sprintf("%s%s%s%s", deviceID, packageName, "1", "appkey")
+
+	sha1Hash := sha1.New()
+	sha1Hash.Write([]byte(signatureBase))
+	sha1Result := sha1Hash.Sum(nil)
+
+	sha1String := hex.EncodeToString(sha1Result)
+
+	md5Hash := md5.New()
+	md5Hash.Write([]byte(sha1String))
+	md5Result := md5Hash.Sum(nil)
+
+	md5String := hex.EncodeToString(md5Result)
+
+	deviceSign := fmt.Sprintf("div101.%s%s", deviceID, md5String)
+
+	return deviceSign
+}
+
+func BuildCustomUserAgent(deviceID, clientID, appName, sdkVersion, clientVersion, packageName, userID string) string {
+	deviceSign := generateDeviceSign(deviceID, packageName)
+	var sb strings.Builder
+
+	sb.WriteString(fmt.Sprintf("ANDROID-%s/%s ", appName, clientVersion))
+	sb.WriteString("protocolVersion/200 ")
+	sb.WriteString("accesstype/ ")
+	sb.WriteString(fmt.Sprintf("clientid/%s ", clientID))
+	sb.WriteString(fmt.Sprintf("clientversion/%s ", clientVersion))
+	sb.WriteString("action_type/ ")
+	sb.WriteString("networktype/WIFI ")
+	sb.WriteString("sessionid/ ")
+	sb.WriteString(fmt.Sprintf("deviceid/%s ", deviceID))
+	sb.WriteString("providername/NONE ")
+	sb.WriteString(fmt.Sprintf("devicesign/%s ", deviceSign))
+	sb.WriteString("refresh_token/ ")
+	sb.WriteString(fmt.Sprintf("sdkversion/%s ", sdkVersion))
+	sb.WriteString(fmt.Sprintf("datetime/%d ", time.Now().UnixMilli()))
+	sb.WriteString(fmt.Sprintf("usrno/%s ", userID))
+	sb.WriteString(fmt.Sprintf("appname/android-%s ", appName))
+	sb.WriteString(fmt.Sprintf("session_origin/ "))
+	sb.WriteString(fmt.Sprintf("grant_type/ "))
+	sb.WriteString(fmt.Sprintf("appid/ "))
+	sb.WriteString(fmt.Sprintf("clientip/ "))
+	sb.WriteString(fmt.Sprintf("devicename/Xiaomi_M2004j7ac "))
+	sb.WriteString(fmt.Sprintf("osversion/13 "))
+	sb.WriteString(fmt.Sprintf("platformversion/10 "))
+	sb.WriteString(fmt.Sprintf("accessmode/ "))
+	sb.WriteString(fmt.Sprintf("devicemodel/M2004J7AC "))
+
+	return sb.String()
+}
+
+// RefreshCaptchaToken 刷新验证码token
+func (d *PikPakShare) RefreshCaptchaToken(action, userID string) error {
+	metas := map[string]string{
+		"client_version": d.ClientVersion,
+		"package_name":   d.PackageName,
+		"user_id":        userID,
+	}
+	metas["timestamp"], metas["captcha_sign"] = d.Common.GetCaptchaSign()
+	return d.refreshCaptchaToken(action, metas)
+}
+
+// GetCaptchaSign 获取验证码签名
+func (c *Common) GetCaptchaSign() (timestamp, sign string) {
+	timestamp = fmt.Sprint(time.Now().UnixMilli())
+	str := fmt.Sprint(c.ClientID, c.ClientVersion, c.PackageName, c.DeviceID, timestamp)
+	for _, algorithm := range c.Algorithms {
+		str = utils.GetMD5EncodeStr(str + algorithm)
+	}
+	sign = "1." + str
+	return
+}
+
+// refreshCaptchaToken 刷新CaptchaToken
+func (d *PikPakShare) refreshCaptchaToken(action string, metas map[string]string) error {
+	param := CaptchaTokenRequest{
+		Action:       action,
+		CaptchaToken: d.GetCaptchaToken(),
+		ClientID:     d.ClientID,
+		DeviceID:     d.GetDeviceID(),
+		Meta:         metas,
+	}
+	var e ErrResp
+	var resp CaptchaTokenResponse
+	_, err := d.request("https://user.mypikpak.com/v1/shield/captcha/init", http.MethodPost, func(req *resty.Request) {
+		req.SetError(&e).SetBody(param)
+	}, &resp)
+
+	if err != nil {
+		return err
+	}
+
+	if e.IsError() {
+		return errors.New(e.Error())
+	}
+
+	//if resp.Url != "" {
+	//	return fmt.Errorf(`need verify: <a target="_blank" href="%s">Click Here</a>`, resp.Url)
+	//}
+
+	if d.Common.RefreshCTokenCk != nil {
+		d.Common.RefreshCTokenCk(resp.CaptchaToken)
+	}
+	d.Common.SetCaptchaToken(resp.CaptchaToken)
+	return nil
+}