Mushroom Street website sweep QR Code login is how to do?
http://mp.weixin.qq.com/qa/index.php?qa=15867&qa_1=%E8%98%91%E8%8F%87%E8%A1%97%E7%BD%91%E7%AB%99%E7%9A%84% E6%89%ab%e4%ba%8c%e7%bb%b4%e7%a0%81%e7%99%bb%e5%bd%95%e6%98%af%e6%80%8e%e4%b9%88%e5%81%9a%e5%88%b0%e7%9a%84%ef %bc%9f
The following is a private process, the web version of the process:
1. The server returns a session ID
The web version does not log in with a user name and password, but instead uses a QR code to log in, so the server needs to first assign a unique session ID to identify the current login, by requesting the address:
https://login.weixin.qq.com/jslogin?appid=wx782c26e4c19acffb&redirect_uri=https%3A%2F%2Fwx.qq.com% 2fcgi-bin%2fmmwebwx-bin%2fwebwxnewloginpage&fun=new&lang=zh_cn&_= 1377482012272 (where 1377482012272 is the current distance Linwei the millisecond of the standard Time)
The server will return the following string:
Window. Qrlogin.code = 200; Window. Qrlogin.uuid = "DEA6IDUNDY9VKN";
And this dea6idundy9vkn string is the ID that the server returns to us.
2. Get QR code with session ID
Now that the Web version is logged in through a QR code, how do I get this random QR code? The answer is to use the ID just obtained to request the server generated QR code, through the above ID we get the following URL address:
Https://login.weixin.qq.com/qrcode/DeA6idundY9VKn?t=webwx
The request returned is that we need the QR code, at this time the user needs to scan the phone version of the QR code (I do not understand how the official thinking, login Web version even need a phone to cooperate with the login, do not consider I was forced to choose the web is because the phone is not around this situation? )
3. Poll the phone to see if the QR code has been scanned and the web-side login is confirmed
When the QR code is obtained, it is necessary for the user to go to the mobile phone to scan the QR code and obtain the user's authorization, at this time we do not know when the user completes this operation, so we only poll, and the polling address is:
https://login.weixin.qq.com/cgi-bin/mmwebwx-bin/login?uuid=DeA6idundY9VKn&tip=1&_= 1377482045264 (note uuid and last time both parameters)
If the server returns:
window.code=201;
Then the user at the end of the mobile phone has completed the scan, but has not yet clicked to confirm;
If the server returns:
window.redirect_uri= a URL address
Then the user has completed the authorization process at the end of the mobile phone, save the next step to use the URL address.
4. Access the login address to get UIn and SID
By accessing the URL address obtained in the previous step, you can obtain the two values of Wxuin and Wxsid in the cookies returned by the server, both of which are used in subsequent communication, and that the cookies also need to include both.
5. Initial information of the making
The previous step is to complete this complex login process, if we need to get the current user's information, friends List, and so on, there is a key is to synchronize information (subsequent and server polling need to use synchronization information), by accessing the following link:
https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxinit?r=1377482058764 (R is still time)
Access to the link requires the use of post, with the following JSON information in the body:
12 |
{ : { : " 2545437902 " , " Sid " "Qflp+z+fepzvofog" , "Skey" : , "DeviceID" : "e1615250492" }} |
The UIn and SID in this JSON string are the two cookie values obtained in the previous step, and DeviceID is a locally generated random string (which analyzes the official always e+ a string of numbers, so we also maintain this format).
The server will return a long JSON string, including: The value in Baseresponse is used to represent the request status code, ContactList is mainly used to represent the contact (this list is not complete, only includes such as the Address Book assistant, file assistant, team and some public accounts, etc. Later, through another interface to obtain more comprehensive information), Synckey is the user and the server synchronization information, the user is currently logged on users own information.
6. Get all your friends List
You've got some friends and public accounts in the previous step, and if you need to get complete friend information, you'll need to visit the following links:
https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxgetcontact?r=1377482079876 (R is still time)
Access to the link also requires the Post method, but the body is empty json:{}, the server is determined by the identity of the cookie, so need to keep the previously accessed cookies are not modified (in Objective-c will automatically save the relevant cookies, No program special processing), in the returned JSON string, Memberlist contains all the friend information.
7. Keep the information in sync with the server
Synchronizing with the server requires polling on the client, and the URL for the poll is as follows:
https://webpush.weixin.qq.com/cgi-bin/mmwebwx-bin/synccheck?callback=jQuery18309326978388708085_1377482079946 &r=1377482079876&
sid=qflp+z+fepzvofog&uin=2545437902&deviceid=e1615250492&synckey= (see note below) &_=1377482079876
The Parameters R and _ are Time,sid,uin,deviceid corresponding to the value of the above step, where Synkey is the sync key value obtained from the previous step, but it needs to be combined into the following string according to certain rules:
1_124125|2_452346345|3_65476547|1000_5643635
is to separate the key and value with _, different key value pairs are separated by |, but remember | URL encoding is required to%7c, by accessing the address above, the following string is returned:
Window.synccheck={retcode: "0″,selector:" 0″}
If the value in Retcode is not 0, then there is a problem with the communication with the server, but the specific problem I can not predict, the value in selector indicates that the client needs to make the processing, now know that when the message is 6, it is necessary to access the other interface to obtain new messages.
8. Get the message from someone else
When you know that a new message is in one step, you need to get the message content by visiting the following link:
https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxsync?sid=QfLp+Z+FePzvOFoG&r=1377482079876
The parameter SID in the link above corresponds to the value in the above step, R is time, the access link needs to use post, the body includes the JSON string, the JSON string format is as follows:
123 |
{
"BaseRequest" : {
"Uin"
:2545437902,
"Sid"
:
"QfLp+Z+FePzvOFoG"
},
"SyncKey" : {
"Count"
:4,
"List"
:[{
"Key"
:1,
"Val"
:620310295},{
"Key"
:2,
"Val"
:620310303},{
"Key"
:3,
"Val"
:620310285},{
"Key"
:1000,
"Val"
:1377479086}]},
"rr" :1377482079876};
|
In the following information, the UIn and Sid included in Baserequest correspond to the values in the previous step, Synckey is also the synchronization key-value pair obtained in the above step, RR is time, the server returns a JSON string after successful access, where Addmsglist is an array, All new messages are included.
9. Send a message to the user
The user actively sends the message via the following URL address:
https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxsendmsg?sid=QfLp+Z+FePzvOFoG&r=1377482079876
The above SID and R parameters are no longer explained by the way the URL is accessed by post, and the JSON string in the body is in the following format:
1234567891011121314151617 |
{
"BaseRequest"
:{
"DeviceID" :
"e441551176"
,
"Sid" :
"S8wNi91Zry3024eg"
,
"Skey" :
"F820928BBA5D8ECA23448F076D2E8A915E1349E9FB4F4332"
,
"Uin" :
"2545437902"
},
"Msg" : {
"ClientMsgId" : 1377504862158,
"Content" :
"hello"
,
"FromUserName" :
"wxid_2rrz8g8ezuox22"
,
"LocalID" : 1377504862158,
"ToUserName" :
"wxid_j4nu420ojhsr21"
,
"Type" : 1
},
"rr" = 1377504864463
}
|
Where baserequest are authorization-related values that correspond to the values in the above steps, MSG is a description of the message, including the sender and receiver, the message content, the type of message (1 is text), and Clientmsgid and localid generated locally. The RR is available for the current time. The
Baseresponse describes the sending situation in the return JSON result, and RET is 0 for successful delivery.