feat: add x-s-common sign. #7

ReaJason · May 4, 2023 · 0fc8b1a · 0fc8b1a
1 parent c418100
commit 0fc8b1a
Show file tree

Hide file tree

Showing 4 changed files with 219 additions and 19 deletions.
diff --git a/tests/__init__.py b/tests/__init__.py
@@ -6,4 +6,4 @@
   pytest tests/test_help.py::test_sign_get -- test specific function
 """
 
-test_cookie = "a1=1875ee347c84l911yfccaewmv2ntixkksu1c6vyu550000205660; webId=3ceadc9abfc351b88b07b556afddab35; gid=yYW2ddq2K2MjyYW2ddq4W7hvSY41jyyviSS0y72dE6hJIS2893CTTK888J82KK88d8fj8Y80; gid.sign=UVwC9x1B9Z2JAmibp1WDAdLvX6E=; xhsTrackerId=e8600419-ff4f-45af-8752-e43bbab7768b; xhsTrackerId.sig=7Dp6WPiPnBFeCM5YCzDnFacb3j6wBspf81N2DVfaV4c; customerClientId=608443185621149; x-user-id-creator.xiaohongshu.com=63273a77000000002303cc9b; web_session=040069b253793fdd9ccd79950e364b000cde81; customerBeakerSessionId=54fb33dea20c0d29ab304a8d759d3749f13eb8a8gAJ9cQAoWBAAAABjdXN0b21lclVzZXJUeXBlcQFLAVgOAAAAX2NyZWF0aW9uX3RpbWVxAkdB2Q77fHVgQlgJAAAAYXV0aFRva2VucQNYQQAAAGIwMzE2YmNkYjU0ZjQxNzc5YzhhZjBhZGU5NzE3MGZhLWZjYThhNmEyYmIyNDQ3YjI5ZWMwYmNlYWEwZDU0ZjY3cQRYAwAAAF9pZHEFWCAAAABmNjM3YWY3NTgzMTM0YTg3YTk5NmM1NmE0ZWRjOTk0NXEGWA4AAABfYWNjZXNzZWRfdGltZXEHR0HZDvt8dWBCWAYAAAB1c2VySWRxCFgYAAAANjMyNzNhNzcwMDAwMDAwMDIzMDNjYzlicQl1Lg==; access-token-creator.xiaohongshu.com=customer.ares.AT-691b76bb3efd498ebe3a6cb017f46ae7-222b758297b14765843c0f4778dc0cad; galaxy.creator.beaker.session.id=1681649137954060365593; timestamp2=168164925795925b122ee29b4db0ade54110c5505d98eefae496ed9465439ae; timestamp2.sig=s9pWgtNJqg5corNC_vTNfPkkrq2TVZTil_WTOQimrAo; xhsTracker=url=user-profile&xhsshare=CopyLink; xhsTracker.sig=WS8d3HYlzoIfhHjyJtY_Y1QP5iYacJ96TpUFr1hgfm4; xsecappid=xhs-pc-web; extra_exp_ids=yamcha_0327_exp,h5_1208_exp3,ques_exp2; extra_exp_ids.sig=tP-EUqmkBBQjAxiuz_uTOZ2UHKu0CJkOe3bWvplEOns; webBuild=2.1.0; websectiga=6169c1e84f393779a5f7de7303038f3b47a78e47be716e7bec57ccce17d45f99; sec_poison_id=807e04d8-2952-4e56-ac43-e65bb827f25f"
+test_cookie = "open-api_worker_plugin_uuid=7d8efd4116794035a86c8e0205f4d15f;a1=187d2defea8dz1fgwydnci40kw265ikh9fsxn66qs50000726043;webId=ba57f42593b9e55840a289fa0b755374;xhsTrackerId=793cad31-9269-477d-a07d-854bdb2f41ce;xhsTrackerId.sig=xJiFE97D1WnVhw2BTfgN04BZ_rJRSyYHbFXvM527-Ag;web_session=040069b253793fdd9ccd79950e364b000cde81;xhsTracker=url=user-profile&xhsshare=CopyLink;xhsTracker.sig=WS8d3HYlzoIfhHjyJtY_Y1QP5iYacJ96TpUFr1hgfm4;extra_exp_ids=yamcha_0327_clt,h5_1208_exp3,ques_clt2;extra_exp_ids.sig=-9P_FIY9nRpp4czlpi3JlPCL_zdr5ZMYd73Vy8sdzzY;gid=yYWfJfi820jSyYWfJfdidiKK0YfuyikEvfISMAM348TEJC28K23TxI888WJK84q8S4WfY2Sy;gid.sign=PSF1M3U6EBC/Jv6eGddPbmsWzLI=;sec_poison_id=9f2e6c0b-e61d-45fb-9ca9-7b44953f2fc7;websectiga=8886be45f388a1ee7bf611a69f3e174cae48f1ea02c0f8ec3256031b8be9c7ee;xsecappid=xhs-pc-web"
diff --git a/tests/test_help.py b/tests/test_help.py
@@ -18,6 +18,12 @@ def header():
     }
 
 
+def test_sign():
+    sign = help.sign("/api/sns/web/v1/user/otherinfo?"
+                     "target_user_id=5ff0e6410000000001008400")
+    print(sign)
+
+
 def test_sign_get(header):
     uri = ("/api/sns/web/v1/user/otherinfo?"
            "target_user_id=5ff0e6410000000001008400")

diff --git a/xhs/core.py b/xhs/core.py
@@ -143,6 +143,7 @@ def _pre_headers(self, url: str, data=None):
         signs = sign(url, data)
         self.__session.headers.update({"x-s": signs["x-s"]})
         self.__session.headers.update({"x-t": signs["x-t"]})
+        self.__session.headers.update({"x-t": signs["x-t"]})
 
     def request(self, method, url, **kwargs):
         response = self.__session.request(

diff --git a/xhs/help.py b/xhs/help.py
@@ -1,7 +1,9 @@
+import ctypes
 import hashlib
 import json
 import random
 import time
+import urllib.parse
 
 import requests
 
@@ -12,26 +14,15 @@ def sign(uri, data=None, ctime=None):
     """
     def h(n):
         m = ""
-        a = 0
         d = "A4NjFqYu5wPHsO0XTdDgMa2r1ZQocVte9UJBvk6/7=yRnhISGKblCWi+LpfE8xzm3"
-        while a < 32:
-            o = ord(n[a])
-            a += 1
-            g = 0
-            if a < 32:
-                g = ord(n[a])
-            a += 1
-            h = 0
-            if a < 32:
-                h = ord(n[a])
-            a += 1
+        for i in range(0, 32, 3):
+            o = ord(n[i])
+            g = ord(n[i+1]) if i+1 < 32 else 0
+            h = ord(n[i+2]) if i+2 < 32 else 0
             x = ((o & 3) << 4) | (g >> 4)
             p = ((15 & g) << 2) | (h >> 6)
             v = o >> 2
-            if h:
-                b = h & 63
-            else:
-                b = 64
+            b = h & 63 if h else 64
             if not g:
                 p = b = 64
             m += d[v] + d[x] + d[p] + d[b]
@@ -40,12 +31,214 @@ def h(n):
     v = int(round(time.time() * 1000) if not ctime else ctime)
     raw_str = f"{v}test{uri}{json.dumps(data, separators=(',', ':'), ensure_ascii=False) if isinstance(data, dict) else ''}"
     md5_str = hashlib.md5(raw_str.encode('utf-8')).hexdigest()
+    x_s = h(md5_str)
+    x_t = str(v)
+
+    common = {
+        "s0": 5,  # getPlatformCode
+        "s1": "",
+        "x0": "1",  # localStorage.getItem("b1b1")
+        "x1": "3.2.0",  # version
+        "x2": "Windows",
+        "x3": "xhs-pc-web",
+        "x4": "2.3.1",
+        "x5": "",  # cookie of a1
+        "x6": x_t,
+        "x7": x_s,
+        "x8": "",  # localStorage.getItem("b1")
+        "x9": mrc(x_t + x_s),
+        "x10": 1,  # getSigCount
+    }
+    encodeStr = encodeUtf8(json.dumps(common, separators=(',', ':')))
+    x_s_common = b64Encode(encodeStr)
     return {
-        "x-s": h(md5_str),
-        "x-t": str(v),
+        "x-s": x_s,
+        "x-t": x_t,
+        "x-s-common": x_s_common,
     }
 
 
+def mrc(e):
+    ie = [
+        0, 1996959894, 3993919788, 2567524794, 124634137, 1886057615, 3915621685,
+        2657392035, 249268274, 2044508324, 3772115230, 2547177864, 162941995,
+        2125561021, 3887607047, 2428444049, 498536548, 1789927666, 4089016648,
+        2227061214, 450548861, 1843258603, 4107580753, 2211677639, 325883990,
+        1684777152, 4251122042, 2321926636, 335633487, 1661365465, 4195302755,
+        2366115317, 997073096, 1281953886, 3579855332, 2724688242, 1006888145,
+        1258607687, 3524101629, 2768942443, 901097722, 1119000684, 3686517206,
+        2898065728, 853044451, 1172266101, 3705015759, 2882616665, 651767980,
+        1373503546, 3369554304, 3218104598, 565507253, 1454621731, 3485111705,
+        3099436303, 671266974, 1594198024, 3322730930, 2970347812, 795835527,
+        1483230225, 3244367275, 3060149565, 1994146192, 31158534, 2563907772,
+        4023717930, 1907459465, 112637215, 2680153253, 3904427059, 2013776290,
+        251722036, 2517215374, 3775830040, 2137656763, 141376813, 2439277719,
+        3865271297, 1802195444, 476864866, 2238001368, 4066508878, 1812370925,
+        453092731, 2181625025, 4111451223, 1706088902, 314042704, 2344532202,
+        4240017532, 1658658271, 366619977, 2362670323, 4224994405, 1303535960,
+        984961486, 2747007092, 3569037538, 1256170817, 1037604311, 2765210733,
+        3554079995, 1131014506, 879679996, 2909243462, 3663771856, 1141124467,
+        855842277, 2852801631, 3708648649, 1342533948, 654459306, 3188396048,
+        3373015174, 1466479909, 544179635, 3110523913, 3462522015, 1591671054,
+        702138776, 2966460450, 3352799412, 1504918807, 783551873, 3082640443,
+        3233442989, 3988292384, 2596254646, 62317068, 1957810842, 3939845945,
+        2647816111, 81470997, 1943803523, 3814918930, 2489596804, 225274430,
+        2053790376, 3826175755, 2466906013, 167816743, 2097651377, 4027552580,
+        2265490386, 503444072, 1762050814, 4150417245, 2154129355, 426522225,
+        1852507879, 4275313526, 2312317920, 282753626, 1742555852, 4189708143,
+        2394877945, 397917763, 1622183637, 3604390888, 2714866558, 953729732,
+        1340076626, 3518719985, 2797360999, 1068828381, 1219638859, 3624741850,
+        2936675148, 906185462, 1090812512, 3747672003, 2825379669, 829329135,
+        1181335161, 3412177804, 3160834842, 628085408, 1382605366, 3423369109,
+        3138078467, 570562233, 1426400815, 3317316542, 2998733608, 733239954,
+        1555261956, 3268935591, 3050360625, 752459403, 1541320221, 2607071920,
+        3965973030, 1969922972, 40735498, 2617837225, 3943577151, 1913087877,
+        83908371, 2512341634, 3803740692, 2075208622, 213261112, 2463272603,
+        3855990285, 2094854071, 198958881, 2262029012, 4057260610, 1759359992,
+        534414190, 2176718541, 4139329115, 1873836001, 414664567, 2282248934,
+        4279200368, 1711684554, 285281116, 2405801727, 4167216745, 1634467795,
+        376229701, 2685067896, 3608007406, 1308918612, 956543938, 2808555105,
+        3495958263, 1231636301, 1047427035, 2932959818, 3654703836, 1088359270,
+        936918000, 2847714899, 3736837829, 1202900863, 817233897, 3183342108,
+        3401237130, 1404277552, 615818150, 3134207493, 3453421203, 1423857449,
+        601450431, 3009837614, 3294710456, 1567103746, 711928724, 3020668471,
+        3272380065, 1510334235, 755167117,
+    ]
+    o = -1
+
+    def right_without_sign(num, bit=0) -> int:
+        val = ctypes.c_uint32(num).value >> bit
+        MAX32INT = 4294967295
+        return (val + (MAX32INT + 1)) % (2 * (MAX32INT + 1)) - MAX32INT - 1
+
+    for n in range(57):
+        o = ie[(o & 255) ^ ord(e[n])] ^ right_without_sign(o, 8)
+    return o ^ -1 ^ 3988292384
+
+
+lookup = [
+    "Z",
+    "m",
+    "s",
+    "e",
+    "r",
+    "b",
+    "B",
+    "o",
+    "H",
+    "Q",
+    "t",
+    "N",
+    "P",
+    "+",
+    "w",
+    "O",
+    "c",
+    "z",
+    "a",
+    "/",
+    "L",
+    "p",
+    "n",
+    "g",
+    "G",
+    "8",
+    "y",
+    "J",
+    "q",
+    "4",
+    "2",
+    "K",
+    "W",
+    "Y",
+    "j",
+    "0",
+    "D",
+    "S",
+    "f",
+    "d",
+    "i",
+    "k",
+    "x",
+    "3",
+    "V",
+    "T",
+    "1",
+    "6",
+    "I",
+    "l",
+    "U",
+    "A",
+    "F",
+    "M",
+    "9",
+    "7",
+    "h",
+    "E",
+    "C",
+    "v",
+    "u",
+    "R",
+    "X",
+    "5",
+]
+
+
+def tripletToBase64(e):
+    return (
+        lookup[63 & (e >> 18)] +
+        lookup[63 & (e >> 12)] +
+        lookup[(e >> 6) & 63] +
+        lookup[e & 63]
+    )
+
+
+def encodeChunk(e, t, r):
+    m = []
+    for b in range(t, r, 3):
+        n = (16711680 & (e[b] << 16)) + \
+            ((e[b + 1] << 8) & 65280) + (e[b + 2] & 255)
+        m.append(tripletToBase64(n))
+    return ''.join(m)
+
+
+def b64Encode(e):
+    P = len(e)
+    W = P % 3
+    U = []
+    z = 16383
+    H = 0
+    Z = P - W
+    while H < Z:
+        U.append(encodeChunk(e, H, Z if H + z > Z else H + z))
+        H += z
+    if 1 == W:
+        F = e[P - 1]
+        U.append(lookup[F >> 2] + lookup[(F << 4) & 63] + "==")
+    elif 2 == W:
+        F = (e[P - 2] << 8) + e[P - 1]
+        U.append(lookup[F >> 10] + lookup[63 & (F >> 4)] +
+                 lookup[(F << 2) & 63] + "=")
+    return "".join(U)
+
+
+def encodeUtf8(e):
+    b = []
+    m = urllib.parse.quote(e, safe='~()*!.\'')
+    w = 0
+    while w < len(m):
+        T = m[w]
+        if T == "%":
+            E = m[w + 1] + m[w + 2]
+            S = int(E, 16)
+            b.append(S)
+            w += 2
+        else:
+            b.append(ord(T[0]))
+        w += 1
+    return b
+
+
 def base36encode(number, alphabet='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ'):
     """Converts an integer to a base36 string."""
     if not isinstance(number, int):