From 7d1cb5b5c106cbc248e4e4bbcf45b570e2311700 Mon Sep 17 00:00:00 2001 From: qaiu <736226400@qq.com> Date: Sat, 29 Jul 2023 18:08:30 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=20=E9=80=9A=E8=BF=87JS?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E8=8E=B7=E5=8F=96123pan=E7=AD=BE=E5=90=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cn/qaiu/lz/common/parser/impl/YeTool.java | 42 ++++- .../cn/qaiu/lz/common/util/JsExecUtils.java | 44 +++++ .../src/main/resources/http-tools/pan-uc.http | 6 +- web-service/src/main/resources/js/ye123.js | 165 ++++++------------ .../test/java/cn/qaiu/web/test/TestJs.java | 47 +++++ web-service/src/test/resources/test.js | 3 + 6 files changed, 186 insertions(+), 121 deletions(-) create mode 100644 web-service/src/main/java/cn/qaiu/lz/common/util/JsExecUtils.java create mode 100644 web-service/src/test/java/cn/qaiu/web/test/TestJs.java create mode 100644 web-service/src/test/resources/test.js diff --git a/web-service/src/main/java/cn/qaiu/lz/common/parser/impl/YeTool.java b/web-service/src/main/java/cn/qaiu/lz/common/parser/impl/YeTool.java index 73e7c1a..c1abba1 100644 --- a/web-service/src/main/java/cn/qaiu/lz/common/parser/impl/YeTool.java +++ b/web-service/src/main/java/cn/qaiu/lz/common/parser/impl/YeTool.java @@ -1,8 +1,8 @@ package cn.qaiu.lz.common.parser.impl; import cn.qaiu.lz.common.parser.IPanTool; -import cn.qaiu.lz.common.util.AESUtils; import cn.qaiu.lz.common.util.CommonUtils; +import cn.qaiu.lz.common.util.JsExecUtils; import cn.qaiu.lz.common.util.PanExceptionUtils; import cn.qaiu.vx.core.util.VertxHolder; import io.vertx.core.Future; @@ -12,7 +12,10 @@ import io.vertx.ext.web.client.WebClient; import io.vertx.uritemplate.UriTemplate; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; +import org.openjdk.nashorn.api.scripting.ScriptObjectMirror; +import javax.script.ScriptException; +import java.io.IOException; import java.net.MalformedURLException; import java.util.Base64; import java.util.Map; @@ -26,13 +29,19 @@ import java.util.regex.Pattern; public class YeTool implements IPanTool { public static final String SHARE_URL_PREFIX = "https://www.123pan.com/s/"; public static final String FIRST_REQUEST_URL = SHARE_URL_PREFIX + "{key}.html"; -// private static final String GET_FILE_INFO_URL = "https://www.123pan.com/a/api/share/get?limit=100&next=1&orderBy" + -// "=file_name&orderDirection=asc&shareKey={shareKey}&SharePwd={pwd}&ParentFileId=0&Page=1&event" + -// "=homeListFile&operateType=1"; - private static final String GET_FILE_INFO_URL="https://www.123pan.com/b/api/share/get?limit=100&next=1&orderBy=file_name&orderDirection=asc" + - "&shareKey={shareKey}&SharePwd={pwd}&ParentFileId=0&Page=1&event=homeListFile&operateType=1&auth-key={authKey}"; +/* + private static final String GET_FILE_INFO_URL = "https://www.123pan.com/a/api/share/get?limit=100&next=1&orderBy" + + "=file_name&orderDirection=asc&shareKey={shareKey}&SharePwd={pwd}&ParentFileId=0&Page=1&event" + + "=homeListFile&operateType=1"; + private static final String GET_FILE_INFO_URL="https://www.123pan + .com/b/api/share/get?limit=100&next=1&orderBy=file_name&orderDirection=asc" + + "&shareKey={shareKey}&SharePwd={pwd}&ParentFileId=0&Page=1&event=homeListFile&operateType=1&auth-key + ={authKey}"; +*/ - private static final String DOWNLOAD_API_URL = "https://www.123pan.com/b/api/share/download/info?auth-key={authKey}"; + private static final String GET_FILE_INFO_URL="https://www.123pan.com/b/api/share/get?limit=100&next=1&orderBy=file_name&orderDirection=asc" + + "&shareKey={shareKey}&SharePwd={pwd}&ParentFileId=0&Page=1&event=homeListFile&operateType=1"; + private static final String DOWNLOAD_API_URL = "https://www.123pan.com/b/api/share/download/info?{authK}={authV}"; public Future parse(String data, String code) { @@ -66,7 +75,7 @@ public class YeTool implements IPanTool { client.getAbs(UriTemplate.of(GET_FILE_INFO_URL)) .setTemplateParam("shareKey", shareKey) .setTemplateParam("pwd", code) - .setTemplateParam("authKey", AESUtils.getAuthKey("/b/api/share/get")) + // .setTemplateParam("authKey", AESUtils.getAuthKey("/b/api/share/get")) .putHeader("Platform", "web") .putHeader("App-Version", "3") .send().onSuccess(res2 -> { @@ -103,8 +112,23 @@ public class YeTool implements IPanTool { jsonObject.put("S3keyFlag", reqBodyJson.getString("S3KeyFlag")); jsonObject.put("Size", reqBodyJson.getInteger("Size")); jsonObject.put("Etag", reqBodyJson.getString("Etag")); + + // 调用JS文件获取签名 + ScriptObjectMirror getSign; + try { + getSign = JsExecUtils.executeJs("getSign", "/b/api/share/download/info"); + } catch (ScriptException | IOException | NoSuchMethodException e) { + promise.fail(e); + return; + } + if (getSign == null) { + promise.fail("getSign failed"); + return; + } + client.postAbs(UriTemplate.of(DOWNLOAD_API_URL)) - .setTemplateParam("authKey", AESUtils.getAuthKey("/b/api/share/download/info")) + .setTemplateParam("authK", getSign.get("0").toString()) + .setTemplateParam("authV", getSign.get("1").toString()) .putHeader("Platform", "web") .putHeader("App-Version", "3") .sendJsonObject(jsonObject).onSuccess(res2 -> { diff --git a/web-service/src/main/java/cn/qaiu/lz/common/util/JsExecUtils.java b/web-service/src/main/java/cn/qaiu/lz/common/util/JsExecUtils.java new file mode 100644 index 0000000..0977ea5 --- /dev/null +++ b/web-service/src/main/java/cn/qaiu/lz/common/util/JsExecUtils.java @@ -0,0 +1,44 @@ +package cn.qaiu.lz.common.util; + +import org.openjdk.nashorn.api.scripting.ScriptObjectMirror; + +import javax.script.Invocable; +import javax.script.ScriptEngine; +import javax.script.ScriptEngineManager; +import javax.script.ScriptException; +import java.io.FileReader; +import java.io.IOException; +import java.net.URL; + +/** + * 执行Js脚本 + * @author QAIU + * @date 2023/7/29 17:35 + */ +public class JsExecUtils { + private static final String JS_PATH = "/js/ye123.js"; + + /** + * 调用js文件 + */ + public static ScriptObjectMirror executeJs(String functionName, Object... args) throws ScriptException, + IOException, NoSuchMethodException { + ScriptEngineManager engineManager = new ScriptEngineManager(); + ScriptEngine engine = engineManager.getEngineByName("JavaScript"); // 得到脚本引擎 + //获取文件所在的相对路径 + URL resource = JsExecUtils.class.getResource("/"); + if (resource == null) { + throw new ScriptException("js resource path is null"); + } + String path = resource.getPath(); + System.out.println(path); + String reader = path + JS_PATH; + FileReader fReader = new FileReader(reader); + engine.eval(fReader); + fReader.close(); + + Invocable inv = (Invocable) engine; + //调用js中的方法 + return (ScriptObjectMirror) inv.invokeFunction(functionName, args); + } +} diff --git a/web-service/src/main/resources/http-tools/pan-uc.http b/web-service/src/main/resources/http-tools/pan-uc.http index c6ecc90..10a6ac2 100644 --- a/web-service/src/main/resources/http-tools/pan-uc.http +++ b/web-service/src/main/resources/http-tools/pan-uc.http @@ -10,7 +10,7 @@ content-type: application/json {"pwd_id":"33197dd53ace4","passcode":"","share_for_transfer":true} ### UCpan 第二步 获取fid,share_fid_token GET传参pwd_id,passcode,stoken -https://pc-api.uc.cn/1/clouddrive/transfer_share/detail?pwd_id=33197dd53ace4&passcode=&stoken=oPz47hsgQXQdDYimsP4kBMi8aLv40X378IZOiBsnfLU%3D +https://pc-api.uc.cn/1/clouddrive/transfer_share/detail?pwd_id=33197dd53ace4&passcode=&stoken=W5b1n2jeFld5RmIusaVOr3vA0vVSCWYQ7Mz8bT2coZM%3D content-type: application/json ### UCpan 第二步获取下载链接 POST json传入fids(fid),pwd_id,stoken,fids_token(share_fid_token) @@ -22,9 +22,9 @@ content-type: application/json "54c3cd90ed3e45119bb96ed99a562d40" ], "pwd_id": "33197dd53ace4", - "stoken": "oPz47hsgQXQdDYimsP4kBMi8aLv40X378IZOiBsnfLU=", + "stoken": "W5b1n2jeFld5RmIusaVOr3vA0vVSCWYQ7Mz8bT2coZM=", "fids_token": [ - "ff9f5b5c94df9d08c8dd3b7948fc5e20" + "4cb5eabb0ce5a26d12ae5ab8acf68aec" ] } diff --git a/web-service/src/main/resources/js/ye123.js b/web-service/src/main/resources/js/ye123.js index 7daa85b..76f0399 100644 --- a/web-service/src/main/resources/js/ye123.js +++ b/web-service/src/main/resources/js/ye123.js @@ -1,106 +1,6 @@ -function(_0x260eea) { - var _0x32debd = _0x5d1dcd; - while (0x1) - switch (_0x260eea[_0x32debd('0x3081')] = _0x260eea['next']) { - case 0x0: - if (_0x48562f = Math['round'](0x989680 * Math['random']()), - _0x4a64a3 = Math.round((new Date().getTime() + 0x3c * new Date().getTimezoneOffset() * 0x3e8 + 28800000) / 0x3e8).toString(), - !_0x2acee0) { - _0x260eea[_0x32debd('0x2ea2')] = 0x6; - break; - } - _0x3f179c = _0x267b46, - _0x260eea['next'] = 0x9; - break; - case 0x6: - return _0x260eea[_0x32debd('0x2ea2')] = 0x8, - _0x120ff0(_0x40fd67, ()=>{ - var _0x229129 = _0x32debd; - console[_0x229129('0x1430')](_0x229129('0x261b')); - } - , 0x3); - case 0x8: - _0x3f179c = _0x260eea['sent']; - case 0x9: - if (!(_0x1c9c65(_0x4a64a3, _0x3f179c) >= 0x14)) { - if (_0x32debd('0x22d4') === _0x32debd('0x22d4')) { - _0x260eea[_0x32debd('0x2ea2')] = 0xf; - break; - } else { - function _0x162fbc() { - var _0x15df95 = _0x32debd - , _0x49beb6 = this[_0x15df95('0xa89')] - , _0x28484b = _0x49beb6[_0x15df95('0x1e71')] - , _0x243239 = _0x49beb6['actions'] - , _0x1b1b63 = _0x49beb6['dblclickable']; - this[_0x15df95('0x133b')](_0x28484b, _0x1f5a03) && _0x1b1b63 && this[_0x15df95('0x32ac')](_0x28484b, _0x243239); - } - } - } - _0x1e2592 = _0x3f179c, - _0x2acee0 = !0x0, - _0x5c82b2 = _0x3011b3(_0x40fd67, 0xea60), - _0x260eea[_0x32debd('0x2ea2')] = 0x15; - break; - case 0xf: - if (!_0x5c82b2) { - if (_0x32debd('0x27c2') !== 'izdYj') { - _0x260eea[_0x32debd('0x2ea2')] = 0x14; - break; - } else { - function _0x4715af() { - var _0x4c7599 = _0x32debd - , _0x3b216f = []; - return (_0x5e4d62 || [])[_0x4c7599('0x20b2')](function(_0x4f449b) { - var _0x10cbc5 = _0x4c7599 - , _0x1b62b4 = _0x4f449b[_0x10cbc5('0x715')] - , _0x2b00c8 = _0x4f449b[_0x10cbc5('0x2505')]; - _0x3b216f['push'](_0x1b62b4), - _0x2b00c8 && (_0x3b216f = [][_0x10cbc5('0x3199')](_0x3de93d(_0x8b77f4['a'])(_0x3b216f), _0x266710(_0x39d1d0['a'])(_0x3bfbbc(_0x2b00c8)))); - }), - _0x3b216f; - } - } - } - return _0x260eea[_0x32debd('0x2ea2')] = 0x12, - _0xecf6f4(_0x5c82b2); - case 0x12: - _0x2acee0 = !0x1, - _0x5c82b2 = 0x0; - case 0x14: - _0x1e2592 = _0x4a64a3; - case 0x15: - for (_0x1c540f in (_0x2f7dfc = atob(_0x362d99()).split(','), - _0x35a889 = _0x144d1a(_0x1e2592), - _0x36f983 = _0x35a889['y'], - _0x3b043d = _0x35a889['m'], - _0x5bc73b = _0x35a889['d'], - _0x4b30b2 = _0x35a889['h'], - _0x32399e = _0x35a889['f'], - _0x25d94e = [_0x36f983, _0x3b043d, _0x5bc73b, _0x4b30b2, _0x32399e].join(''), - _0x373490 = [], - _0x25d94e)) - _0x373490['push'](_0x2f7dfc[Number(_0x25d94e[_0x1c540f])]); - return _0x43bdc6 = _0x4f141a(_0x373490['join']('')), - _0x406c4e = _0x4f141a(''['concat'](_0x1e2592, '|')['concat'](_0x48562f, '|')['concat'](_0x1e37d5, '|')['concat'](_0x4e2d74, '|')['concat'](_0x56f040, '|')['concat'](_0x43bdc6)), - [_0x43bdc6, ''['concat'](_0x1e2592, '-')['concat'](_0x48562f, '-')['concat'](_0x406c4e)]; - - - - _0x260eea[_0x32debd('0x1610')](_0x32debd('0x2701'), [_0x43bdc6, ''['concat'](_0x1e2592, '-')['concat'](_0x48562f, '-')['concat'](_0x406c4e)]); - - - case 0x1d: - case 'end': - return _0x260eea.stop(); - } - - -} - - - +/* eaefamemdead +eaefameidldy _0x4f141a(1690439821|5790548|/b/api/share/download/info|web|3|1946841013) = 秘钥 _0x1e2592 1690439821 时间戳 @@ -113,6 +13,26 @@ _0x43bdc6 1946841013 加密时间HASH戳 >>>> _0x43bdc6=''['concat'](_0x1e2592, '-')['concat'](_0x48562f, '-')['concat'](_0x406c4e) 加密时间HASH戳 = 时间戳-随机码-秘钥 +*/ + +function _0x1b5d95(_0x278d1a) { + var _0x839b57, + _0x4ed4dc = arguments['length'] > 0x2 && void 0x0 !== arguments[0x2] ? arguments[0x2] : 0x8; + if (0x0 === arguments['length']) + return null; + 'object' === typeof _0x278d1a ? _0x839b57 = _0x278d1a : (0xa === ('' + _0x278d1a)['length'] && (_0x278d1a = 0x3e8 * parseInt(_0x278d1a)), + _0x839b57 = new Date(_0x278d1a)); + var _0xc5c54a = _0x278d1a + 0xea60 * new Date(_0x278d1a)['getTimezoneOffset']() + , _0x3732dc = _0xc5c54a + 0x36ee80 * _0x4ed4dc; + return _0x839b57 = new Date(_0x3732dc), + { + 'y': _0x839b57['getFullYear'](), + 'm': _0x839b57['getMonth']() + 0x1 < 0xa ? '0' + (_0x839b57['getMonth']() + 0x1) : _0x839b57['getMonth']() + 0x1, + 'd': _0x839b57['getDate']() < 0xa ? '0' + _0x839b57['getDate']() : _0x839b57['getDate'](), + 'h': _0x839b57['getHours']() < 0xa ? '0' + _0x839b57['getHours']() : _0x839b57['getHours'](), + 'f': _0x839b57['getMinutes']() < 0xa ? '0' + _0x839b57['getMinutes']() : _0x839b57['getMinutes']() + }; +} function _0x4f141a(_0x4075b1) { @@ -120,8 +40,7 @@ function _0x4f141a(_0x4075b1) { for (var _0x4eddcb = arguments['length'] > 0x1 && void 0x0 !== arguments[0x1] ? arguments[0x1] : 0xa, _0x4ee01e = function(_0x3bb99e) { - var - _0x3bb99e = _0x3bb99e['replace'](/\\r\\n/g, '\x5cn'); + var _0x3bb99e = _0x3bb99e['replace'](/\\r\\n/g, '\x5cn'); for (var _0x585459 = '', _0x15c988 = 0x0; _0x15c988 < _0x3bb99e['length']; _0x15c988++) { var _0x36bb3e = _0x3bb99e['charCodeAt'](_0x15c988); _0x36bb3e < 0x80 ? _0x585459 += String['fromCharCode'](_0x36bb3e) : _0x36bb3e > 0x7f && _0x36bb3e < 0x800 ? (_0x585459 += String['fromCharCode'](_0x36bb3e >> 0x6 | 0xc0), @@ -151,8 +70,36 @@ function _0x4f141a(_0x4075b1) { } -var _0x83f1 = function(_0x45f5c1, _0x3e4d22) { - _0x45f5c1 = _0x45f5c1 - 0x0; - var _0x83f104 = _0x3e4d[_0x45f5c1]; - return _0x83f104; -}; +function getSign(_0x1e37d5) { + var _0x4e2d74 = 'web'; + var _0x56f040 = 3; + var _0x1e2592 = Math.round((new Date().getTime() + 0x3c * new Date().getTimezoneOffset() * 0x3e8 + 28800000) / 0x3e8).toString(); + var key = 'a,d,e,f,g,h,l,m,y,i,j,n,o,p,k,q,r,s,t,u,b,c,v,w,s,z'; + var _0x48562f = Math['round'](0x989680 * Math['random']()); + + var _0x2f7dfc; + var _0x35a889; + var _0x36f983; + var _0x3b043d; + var _0x5bc73b; + var _0x4b30b2; + var _0x32399e; + var _0x25d94e; + var _0x373490; + for (var _0x1c540f in (_0x2f7dfc = key.split(','), + _0x35a889 = _0x1b5d95(_0x1e2592), + _0x36f983 = _0x35a889['y'], + _0x3b043d = _0x35a889['m'], + _0x5bc73b = _0x35a889['d'], + _0x4b30b2 = _0x35a889['h'], + _0x32399e = _0x35a889['f'], + _0x25d94e = [_0x36f983, _0x3b043d, _0x5bc73b, _0x4b30b2, _0x32399e].join(''), + _0x373490 = [], + _0x25d94e)) + _0x373490['push'](_0x2f7dfc[Number(_0x25d94e[_0x1c540f])]); + var _0x43bdc6; + var _0x406c4e; + return _0x43bdc6 = _0x4f141a(_0x373490['join']('')), + _0x406c4e = _0x4f141a(''['concat'](_0x1e2592, '|')['concat'](_0x48562f, '|')['concat'](_0x1e37d5, '|')['concat'](_0x4e2d74, '|')['concat'](_0x56f040, '|')['concat'](_0x43bdc6)), + [_0x43bdc6, ''['concat'](_0x1e2592, '-')['concat'](_0x48562f, '-')['concat'](_0x406c4e)]; +} diff --git a/web-service/src/test/java/cn/qaiu/web/test/TestJs.java b/web-service/src/test/java/cn/qaiu/web/test/TestJs.java new file mode 100644 index 0000000..4016f89 --- /dev/null +++ b/web-service/src/test/java/cn/qaiu/web/test/TestJs.java @@ -0,0 +1,47 @@ +package cn.qaiu.web.test; + +import javax.script.Invocable; +import javax.script.ScriptEngine; +import javax.script.ScriptEngineManager; +import javax.script.ScriptException; +import java.io.FileReader; +import java.io.IOException; + +/** + * @author QAIU + * @date 2023/7/29 17:15 + */ +public class TestJs { + + /** + * 调用js文件获取url + * + */ + private static String excuteJs() throws ScriptException, + IOException, NoSuchMethodException { + ScriptEngineManager engineManager = new ScriptEngineManager(); + ScriptEngine engine = engineManager.getEngineByName("JavaScript"); // 得到脚本引擎 + String reader = null; + //获取文件所在的相对路径 + //String text = System.getProperty("user.dir"); + //reader = text + "\\src\\main\\resources\\test.js"; + + String path = TestJs.class.getResource("/").getPath(); + System.out.println(path); + reader = path + "/test.js"; + FileReader fReader = new FileReader(reader); + engine.eval(fReader); + + Invocable inv = (Invocable) engine; + //调用js中的方法 + Object test2 = inv.invokeFunction("add", 1, 2); + String url = test2.toString(); + fReader.close(); + return url; + } + + public static void main(String[] args) throws ScriptException, IOException, NoSuchMethodException { + String s = excuteJs(); + System.out.println(s); + } +} diff --git a/web-service/src/test/resources/test.js b/web-service/src/test/resources/test.js new file mode 100644 index 0000000..86eb6d1 --- /dev/null +++ b/web-service/src/test/resources/test.js @@ -0,0 +1,3 @@ +function add(a, b) { + return a + b; +}