php curl登录到espn.com

内容来源于 Stack Overflow,并遵循CC BY-SA 3.0许可协议进行翻译与使用

  • 回答 (1)
  • 关注 (0)
  • 查看 (46)

我尝试了很多不同的东西而没有找到任何解决方案,以便使用cUrl登录http://www.espn.com/login/并在登录后我想要检索受保护的密码区域http://games.espn。 COM / ffl第/会所?leagueId = 93772&teamId = 1&seasonId = 2018

我试图使用的是:

$username = 'email';
$password = 'password!';
$loginUrl = 'http://www.espn.com/login/';

//init curl
$ch = curl_init();

//Set the URL to work with
curl_setopt($ch, CURLOPT_URL, $loginUrl);

// ENABLE HTTP POST
curl_setopt($ch, CURLOPT_POST, 1);

//Set the post parameters
curl_setopt($ch, CURLOPT_POSTFIELDS, 'user='.$username.'&pass='.$password);

//Handle cookies for the login
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');

//Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL
//not to print out the results of its query.
//Instead, it will return the results as a string return value
//from curl_exec() instead of the usual true/false.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

//execute the request (the login)
$store = curl_exec($ch);

//the login is now done and you can continue to get the
//protected content.
sleep(3);
//set the URL to the protected file
curl_setopt($ch, CURLOPT_URL, 'http://games.espn.com/ffl/clubhouse?leagueId=93772&teamId=1&seasonId=2018');

//execute the request
$content = curl_exec($ch);

curl_close($ch);

//save the data to disk
file_put_contents('download.txt', $content);

但是在脚本登录后再次检索不到html!

提问于
用户回答回答于

本页面的登录程序是远远复杂得多,你的代码使出来是,这里是如何登录:

1:向标题发送OPTIONS请求,并且,它将使用标题响应,您必须解析并保存此correlation-id标头。https://registerdisney.go.com/jgc/v6/client/ESPN-ONESITE.WEB-PROD/api-key?langPref=en-USAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: cache-control,content-type,conversation-id,correlation-id,expires,pragmaOrigin: https://cdn.registerdisney.go.comcorrelation-id: 13fb884f-d873-4344-9f32-fdeaa64cec7c

2:这变得棘手,你需要生成一个conversation-id,我为你提取了生成算法,它隐藏在缩小的js中,它是由uuid函数生成的,如下所示:

function f() { return g() + g() + "-" + g() + "-" + g("4") + "-" + g((Math.floor(10 * Math.random()) % 4 + 8).toString(16)) + "-" + g() + g() + g() }

function g(e) { for (var t = Math.floor(65535 * Math.random()).toString(16), n = 4 - t.length; n > 0; n--) t = "0" + t; return e = ("" + e).substring(0, 4), !isNaN(parseInt(e, 16)) && e.length ? e + t.substr(e.length) : t }

function uuid(){return f();}

(因为你正在运行PHP,而不是javascript,你必须将这个代码转换为PHP。如果你知道javascript和PHP,我很简单),输出看起来像conversation-id: e2e3b494-2b67-4fe1-b0a2-21e0f7fa84ff,生成时,保存它。现在发送POST请求,https://registerdisney.go.com/jgc/v6/client/ESPN-ONESITE.WEB-PROD/api-key?langPref=en-US该请求体字面上包含字符串null,并用头Referer: https://cdn.registerdisney.go.com/v2/ESPN-ONESITE.WEB-PROD/en-US?include=config,l10n,js,html&scheme=http&postMessageOrigin=http%3A%2F%2Fwww.espn.com%2Flogin%2F&cookieDomain=www.espn.com&config=PROD&logLevel=LOG&topHost=www.espn.com&cssOverride=https%3A%2F%2Fsecure.espncdn.com%2Fcombiner%2Fc%3Fcss%3Ddisneyid%2Fcore.css&responderPage=https%3A%2F%2Fwww.espn.com%2Flogin%2Fresponder%2F&buildId=16388ed5943Content-Type: application/jsonconversation-id: $conversation_idcorrelation-id: $correlation_id(和注释,引用者头是硬编码和假的,你是不是重定向到这个网址,但JavaScript代码被写入假它让它看起来像是一个重定向。怪异的狗屎,对吧?)

响应将包含一个api-key标题,看起来像api-key: MR6UpmRG0VAqAvKStLzof79sbb+1w/HHBextDPqktXf9eXoDfklhgRMFKBpOqt5j63AqoYFx0VHH7/eePYnuw9U7Rg1F,你必须解析并保存此api密钥。

3:https://ha.registerdisney.go.com/jgc/v6/client/ESPN-ONESITE.WEB-PROD/guest/login?langPref=en-US HTTP/1.1使用标题Access-Control-Request-Method: POSTAccess-Control-Request-Headers: authorization,cache-control,content-type,conversation-id,correlation-id,expires,pragma和执行OPTIONS请求Origin: https://cdn.registerdisney.go.com

注意:它会在标题中为您提供一个新的correlation-id标记,但忽略它,它似乎不会在任何地方使用,旧的关联标记是您应该继续用于下一个请求的1。

4:做一个POST请求https://ha.registerdisney.go.com/jgc/v6/client/ESPN-ONESITE.WEB-PROD/guest/login?langPref=en-US时,身体必须JSON编码的用户名和密码,它看起来像json_encode(array('loginValue'=>$username,'password'=>$password)),用头Referer: https://cdn.registerdisney.go.com/v2/ESPN-ONESITE.WEB-PROD/en-US?include=config,l10n,js,html&scheme=http&postMessageOrigin=http%3A%2F%2Fwww.espn.com%2Flogin%2F&cookieDomain=www.espn.com&config=PROD&logLevel=LOG&topHost=www.espn.com&cssOverride=https%3A%2F%2Fsecure.espncdn.com%2Fcombiner%2Fc%3Fcss%3Ddisneyid%2Fcore.css&responderPage=https%3A%2F%2Fwww.espn.com%2Flogin%2Fresponder%2F&buildId=16388ed5943Content-Type: application/jsonAuthorization: APIKEY $api_key(注意,你必须从字面上用大写字母串APIKEY启动它,后面跟一个空格和您之前提取的实际api密钥)correlation-id: $correlation_idconversation-id: $conversation_idOrigin: https://cdn.registerdisney.go.com

在这里它以json响应,大概是,如果登录成功,errorjson 的成员为空,但是例如,当用户名不存在时,错误对象包含以下内容: Error: invalid_grant, Description: 'PROFILE.NOT_FOUND', Code: AUTHENTICATION_FAILED"}

(意思是我使用的用户名foo,不存在。)

如果登录现在成功,我认为它会为您提供一个令牌或cookie,您可以将其提供给http://games.espn.com/ffl/clubhouse?leagueId=93772&teamId=1&seasonId=2018以检查登录的页面,但由于我没有有效的用户名/密码进行测试,我实际上无法确认这一点。

扫码关注云+社区

领取腾讯云代金券