如何使用delphi10中的IdHTTP登录Instagram网站 [英] How to login to Instagram website using IdHTTP in delphi10
问题描述
我正在使用Delphi中的idhttp登录instagram网站。
我使用google chrome开发人员工具来获取数据,这是迄今为止所尝试的。
I am trying to login to instagram website using idhttp in Delphi. I used google chrome developer tools to get the data and this is what I've tried so far..
procedure TForm1.Button1Click(Sender: TObject);
var
lHTTP: TIdHTTP;
S,M : TStrings;
IdSSL: TIdSSLIOHandlerSocketOpenSSL;
begin
S := TStringList.Create;
S.Add('username :' +Edit1.Text);
S.Add('password :'+ Edit2.Text);
lHTTP := TIdHTTP.Create(nil);
lHTTP.ReadTimeout := 30000;
lHTTP.HandleRedirects := True;
IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(lHTTP);
IdSSL.SSLOptions.Method := sslvTLSv1;
IdSSL.SSLOptions.Mode := sslmClient;
lHTTP.IOHandler := IdSSL;
lHTTP.Request.CustomHeaders.Add('x-csrftoken:'+ Edit3.Text);
lHTTP.Request.CustomHeaders.Add('x-instagram-ajax:1');
lHTTP.Request.CustomHeaders.Add(' x-requested-with:XMLHttpRequest');
lHTTP.Request.CustomHeaders.Add('referer:https://www.instagram.com/');
lHTTP.Request.ContentType := 'application/x-www-form-urlencoded';
lHTTP.Request.UserAgent := 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36';
lHTTP.Post('https://www.instagram.com/accounts/login/ajax/', S);
Memo1.Lines.Add(lHTTP.Request.ToString);
end;
我现在手动获取访问令牌,只是为了测试代码。我得到 HTTP / 1.1 403 Forbidden。!
I get the access token manually for now, just to test the code. I get HTTP/1.1 403 Forbidden. !
更新
这是Cookie信息..
This is the cookies information..
Response Headers
set-cookie:csrftoken=e3YbQ1FobxgMGcLHRAkj****ML97psae; expires=Tue, 20-Jun-2017 19:09:21 GMT; Max-Age=31449600; Path=/
set-cookie:s_network=; expires=Tue, 21-Jun-2016 20:09:21 GMT; Max-Age=3600; Path=/
set-cookie:sessionid=IGSC3074cea6684a55981cc30d3c5222ed9e4675db0aa4665d3f5b7ed4ae09be01b6%3AugN5uNRztrtVarx6LuheBkv5tNuaVHrL%3A%7B%22_token_ver%22%3A2%2C%22_auth_user_id%22%3A348733484%2C%22_token%22%3A%22348733484%3A6dXogo2jTCkOf29JEUxHavzxqp9iUOr4%3Aa4f855cabbd5c5d2999538a8ec9093c6a59af65e7306998a5647341bdd691158%22%2C%22asns%22%3A%7B%225.37.149.220%22%3A28885%2C%22time%22%3A1466536160%7D%2C%22_auth_user_backend%22%3A%22accounts.backends.CaseInsensitiveModelBackend%22%2C%22last_refreshed%22%3A1466536160.338314%2C%22_platform%22%3A4%2C%22_auth_user_hash%22%3A%22%22%7D; expires=Mon, 19-Sep-2016 19:09:21 GMT; httponly; Max-Age=7776000; Path=/
set-cookie:ds_user_id=348733***; expires=Mon, 19-Sep-2016 19:09:21 GMT; Max-Age=
Request Headers
set-cookie:sessionid=IGSC3074cea6684a55981cc30d3c5222ed9e4675db0aa4665d3f5b7ed4ae09be01b6%3AugN5uNRztrtVarx6LuheBkv5tNuaVHrL%3A%7B%22_token_ver%22%3A2%2C%22_auth_user_id%22%3A348***484%2C%22_token%22%3A%22348733484%3A6dXogo2jTCkOf29JEUxHavzxqp9iUOr4%3Aa4f855cabbd5c5d2999538a8ec9093c6a59af65e7306998a5647341bdd691158%22%2C%22asns%22%3A%7B%225.37.149.220%22%3A28885%2C%22time%22%3A1466536160%7D%2C%22_auth_user_backend%22%3A%22accounts.backends.CaseInsensitiveModelBackend%22%2C%22last_refreshed%22%3A1466536160.338314%2C%22_platform%22%3A4%2C%22_auth_user_hash%22%3A%22%22%7D; expires=Mon, 19-Sep-2016 19:09:21 GMT; httponly; Max-Age=7776000; Path=/
set-cookie:ds_user_id=348733***; expires=Mon, 19-Sep-2016 19:09:21 GMT; Max-Age=7776000; Path=/
推荐答案
您没有填充 TStringList 正确。您需要使用 = 而不是:作为 name = value 分隔符。与 CustomHeaders.Add()相同。在后一种情况下,我建议使用 CustomHeaders.Values [] 。
You are not populating the TStringList correctly. You need to use = instead of : as the name=value delimiter. Same with CustomHeaders.Add(). In the latter case, I would suggest using CustomHeaders.Values[] instead.
您还应该使用 Request.Referer 属性而不是 CustomHeaders.Add()。
You also should be using the Request.Referer property instead of CustomHeaders.Add().
在提交实际登录之前,需要首先请求包含登录表单的HTML页面,以便可以使用登录表单捕获和提交与HTML相关联的任何Cookie。 Instagram没有什么不同。
It is not uncommon to need to first request the HTML page that contains the login form before submitting the actual login, so that any cookies associated with the HTML can be captured and submitted with the login form. Instagram is no different.
另外, Request.ToString()是没有意义的,你不应该在所有。
Also, Request.ToString() is meaningless, you should not be using that at all.
最后,你泄漏了你创建的对象。
And lastly, you are leaking the objects that you create.
而是:
procedure TForm1.Button1Click(Sender: TObject);
var
lHTTP: TIdHTTP;
IdSSL: TIdSSLIOHandlerSocketOpenSSL;
Params : TStrings;
Reply, Token: string;
Cookie: TIdCookie;
begin
Params := TStringList.Create;
try
Params.Add('username=' + Edit1.Text);
Params.Add('password=' + Edit2.Text);
lHTTP := TIdHTTP.Create(nil);
try
IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(lHTTP);
IdSSL.SSLOptions.Method := sslvTLSv1;
IdSSL.SSLOptions.Mode := sslmClient;
lHTTP.IOHandler := IdSSL;
lHTTP.ReadTimeout := 30000;
lHTTP.HandleRedirects := True;
// capture cookies first...
// passing nil to ignore any response body data and not waste memory for it...
lHTTP.Request.UserAgent := 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36';
lHTTP.Get('https://www.instagram.com', TStream(nil));
Cookie := lHTTP.CookieManager.CookieCollection.Cookie['csrftoken', 'www.instagram.com'];
if Cookie <> nil then
Token := Cookie.Value;
// now submit the login webform...
lHTTP.Request.CustomHeaders.Values['X-CSRFToken'] := Token;
lHTTP.Request.CustomHeaders.Values['X-Instagram-AJAX'] := '1';
lHTTP.Request.CustomHeaders.Values['X-Requested-With'] := 'XMLHttpRequest';
lHTTP.Request.Referer := 'https://www.instagram.com/';
lHTTP.Request.ContentType := 'application/x-www-form-urlencoded';
lHTTP.Request.UserAgent := 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36';
Reply := lHTTP.Post('https://www.instagram.com/accounts/login/ajax/', Params);
Memo1.Text := Reply;
finally
lHTTP.Free;
end;
finally
Params.Free;
end;
end;
这是两个请求的结果HTTP对话框 1 :
Here is the resulting HTTP dialog for the two requests 1:
1 :我没有一个Instagram帐号,这就是为什么在这个例子中没有登录的身份验证。但是如下所示,代码仍然可以从登录POST接收到HTTP 200响应的JSON数据。
1: I don't have an Instagram account, which is why the login is not authenticated in this example. But as you can see below, the code is still able to receive an HTTP 200 response with JSON data from the login POST.
GET / HTTP/1.1
Host: www.instagram.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=86400
Content-Language: en
Set-Cookie: sessionid=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/; HttpOnly; Domain=instagram.com
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Vary: Cookie, Accept-Language, Accept-Encoding
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Date: Tue, 21 Jun 2016 20:06:56 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Set-Cookie: csrftoken=<token>; expires=Tue, 20-Jun-2017 20:06:56 GMT; Max-Age=31449600; Path=/
Set-Cookie: mid=<value>; expires=Mon, 16-Jun-2036 20:06:56 GMT; Max-Age=630720000; Path=/
Connection: keep-alive
Content-Length: <HTML byte length>
<actual HTML bytes>
POST /accounts/login/ajax/ HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: <params byte length>
X-CSRFToken: <token>
X-Instagram-AJAX: 1
X-Requested-With: XMLHttpRequest
Host: www.instagram.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: https://www.instagram.com/
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36
Cookie: mid=<value>; csrftoken=<token>
username=<user>&password=<pass>
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=86400
Content-Language: en
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Vary: Cookie, Accept-Language
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Date: Tue, 21 Jun 2016 20:06:57 GMT
Content-Type: application/json
Set-Cookie: csrftoken=<token>; expires=Tue, 20-Jun-2017 20:06:57 GMT; Max-Age=31449600; Path=/
Connection: close
Content-Length: <json byte length>
{"status": "ok", "authenticated": false, "user": "<user>"}
这篇关于如何使用delphi10中的IdHTTP登录Instagram网站的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
