当前位置: 文江博客话题详情

如何从使用 OpenID 的网站请求页面?

发布于 2024-12-02 22:08:05 字数 933 浏览 1 评论 0原文

这个问题之前已经在这里提出过。接受的答案对于提问者和回答者来说可能都是显而易见的——但对我来说却不然。我对上述问题进行了评论以获取更精确的信息,但没有得到回应。 我还访问了元问答以获取有关如何带回问题的帮助从他们的坟墓里出来,也没有得到答案。

上述问题的答案是:

从客户端的角度来看,OpenID 登录与任何其他基于 Web 的登录非常相似。没有为客户端定义的协议;这是一个普通的 Web 会话,根据您的 OpenID 提供商的不同而有所不同。因此,我怀疑是否存在这样的库。您可能需要自己编写代码。

我知道如何使用 Python 登录网站已经使用 Urllib2 模块。但这还不足以让我猜测如何验证 OpenID。

我实际上正在尝试获取 我的 json 格式的 StackOverflow 收件箱,为此我需要登录。

有人可以提供一个简短的信息吗?介绍或关于如何做到这一点的好教程的链接?

原文

This question has been asked here before. The accepted answer was probably obvious to both questioner and answerer---but not to me. I have commented on the above question to get more precisions, but there was no response. I also approached the meta Q&A for help on how to bring back questions from their grave, and got no answer either.

The answer to the here above question was:

From the client's perspective, an OpenID login is very similar to any other web-based login. There isn't a defined protocol for the client; it is an ordinary web session that varies based on your OpenID provider. For this reason, I doubt that any such libraries exist. You will probably have to code it yourself.

I know how to log onto a website with Python already, using the Urllib2 module. But that's not enough for me to guess how to authenticate to an OpenID.

I'm actually trying to get my StackOverflow inbox in json format, for which I need to be logged in.

Could someone provide a short intro or a link to a nice tutorial on how to do that?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

黒涩兲箜 2024-12-09 22:08:05

好吧,我自己对 OpenID 不太了解,但你的帖子(和赏金!!)让我感兴趣。

此链接说明了 OpenID 身份验证序列的确切流程(至少适用于 v1.0。新版本是2.0)。据我所知,这些步骤类似于“

  1. You fetch the Login page of stackoverflow”,该页面还将提供使用 OpenID 登录的选项(作为表单字段)。
  2. 您发送您的 openID,它实际上是 uri 的一种形式,而不是用户名/电子邮件(如果是 Google 个人资料,则为您的个人资料 ID)
  3. Stackoverflow 然后将连接到您的 ID 提供商(在本例中为 google)并向您发送重定向到 google 登录页面和另一个链接到您稍后应该重定向的位置(假设a
  4. 您可以按照惯例登录到谷歌提供的页面(使用Python中的POST方法)
  5. 谷歌提供了一个加密令牌(对此步骤不太确定)返回您的登录信息request
  6. 您使用此令牌将新请求发送到a
  7. Stackoverflow 将使用此令牌联系 google。如果真实性成立,它将返回一个会话 ID
  8. 稍后对 STackOverflow 的请求应该具有此会话 ID
  9. 不知道如何注销!

此链接介绍了 OpenID 中的各种响应及其含义。因此,当您为客户编写代码时,它可能会派上用场。

来自 wiki 页面的链接 OpenID 解释

编辑:使用 Firefox 的 Tamper Data Add on,可以执行以下事件序列建造的。

  1. 用户向 SO 登录页面发送请求。在表单字段中输入 openID 后,结果页面会发送 302 重定向到 google 页面。
    重定向 URL 有很多 OpenID 参数(用于 google 服务器)。其中之一是 return_to=https://stackoverflow.com/users/authenticate/?s=some_value
  2. 用户将看到谷歌登录页面。登录时有一些 302 重定向用户在 google 领域中。
  3. 最后收到一个 302,它将用户重定向到之前在 'return_to' 中指定的 stackoverflow
  5. 页面 302'd by google),SO 服务器处理您的请求,并在响应标头中发送一个“Set-Cookie”字段来设置名为 gauth 和 usr 的 cookie,并带有一个值以及另一个 302 stackoverflow.com。此步骤完成您的登录
  6. 您的客户端只需存储 cookie usr
  7. 只要您记得将 Cookie usr 与任何请求发送到 SO,您就登录了。
  8. 您现在可以请求您的收件箱,只需记住将 usr cookie 与请求一起发送即可。

我建议你开始编写你的 python 客户端并仔细研究响应。在大多数情况下,这将是一系列 302,用户干预最少(除了填写您的 Google 用户名和密码并允许访问网站页面)。

然而,为了更简单,您可以使用浏览器登录 SO,复制所有 cookie 值,并使用设置了 cookie 值的 urllib2 发出请求。

当然,如果您在浏览器上注销,则必须重新登录并更改 python 程序中的 cookie 值。

Well I myself don't know much about OpenID but your post (and the bounty!!) got me interested.

This link tells the exact flow of OpenID authentication sequence (Atleast for v1.0. The new version is 2.0). From what I could make out, the steps would be something like

  1. You fetch the login page of stackoverflow that will also provide an option to login using OpenID (As a form field).
  2. You send ur openID which is actually a form of uri and NOT username/email(If it is Google profile it is your profile ID)
  3. Stackoverflow will then connect to your ID provider (in this case google) and send you a redirect to google login page and another link to where you should redirect later (lets say a)
  4. You can login to the google provided page conventionally (using POST method from Python)
  5. Google provides a cryptographic token (Not pretty sure about this step) in return to your login request
  6. You send the new request to a with this token.
  7. Stackoverflow will contact google with this token. If authenticity established, it will return a session ID
  8. Later requests to STackOverflow should have this session ID
  9. No idea about logging out!!

This link tells about various responses in OpenID and what they mean. So maybe it will come in handy when your code your client.

Links from the wiki page OpenID Explained

EDIT: Using Tamper Data Add on for Firefox, the following sequence of events can be constructed.

  1. User sends a request to the SO login page. On entering the openID in the form field the resulting page sends a 302 redirecting to a google page.
    The redirect URL has a lot of OpenID parameters (which are for the google server). One of them is return_to=https://stackoverflow.com/users/authenticate/?s=some_value.
  2. The user is presented with the google login page. On login there are a few 302's which redirect the user around in google realm.
  3. Finally a 302 is received which redirects user to stackoverflow's page specified in 'return_to' earlier
  4. During this entire series of operation a lot of cookie's have been generated which must be stored correctly
  5. On accessing the SO page (which was 302'd by google), the SO server processes your request and in the response header sends a field "Set-Cookie" to set cookies named gauth and usr with a value along with another 302 to stackoverflow.com. This step completes your login
  6. Your client simply stores the cookie usr
  7. You are logged in as long as you remeber to send the Cookie usr with any request to SO.
  8. You can now request your inbox just remeber to send the usr cookie with the request.

I suggest you start coding your python client and study the responses carefully. In most cases it will be a series of 302's with minimal user intervention (except for filling out your Google username and password and allowing the site page).

However to make it easier, you could just login to SO using your browser, copy all the cookie values and make a request using urllib2 with the cookie values set.

Of course in case you log out on the browser, you will have to login again and change the cookie value in your python program.

回复 原文
硪扪都還晓 2024-12-09 22:08:05

我知道这接近考古学,挖掘一篇两年前的帖子,但我刚刚根据经过验证的答案编写了代码的新增强版本,所以我认为在这里分享它可能很酷,因为这个问题/答案已经对我实现这一点有很大帮助。

因此,以下是不同之处:

  • 它使用新的 requests 库,该库是对 urllib2 的增强;
  • 它支持使用 google 和 stackexchange 的 openid 提供商进行身份验证。
  • 它更短,更容易阅读,尽管它的打印输出较少,

这是代码:

#!/usr/bin/env python

import sys
import urllib
import requests
from BeautifulSoup import BeautifulSoup

def get_google_auth_session(username, password):
    session = requests.Session()
    google_accounts_url = 'http://accounts.google.com'
    authentication_url = 'https://accounts.google.com/ServiceLoginAuth'
    stack_overflow_url = 'http://stackoverflow.com/users/authenticate'

    r = session.get(google_accounts_url)
    dsh = BeautifulSoup(r.text).findAll(attrs={'name' : 'dsh'})[0].get('value').encode()
    auto = r.headers['X-Auto-Login']
    follow_up = urllib.unquote(urllib.unquote(auto)).split('continue=')[-1]
    galx = r.cookies['GALX']

    payload = {'continue' : follow_up,
               'followup' : follow_up,
               'dsh' : dsh,
               'GALX' : galx,
               'pstMsg' : 1,
               'dnConn' : 'https://accounts.youtube.com',
               'checkConnection' : '',
               'checkedDomains' : '',
               'timeStmp' : '',
               'secTok' : '',
               'Email' : username,
               'Passwd' : password,
               'signIn' : 'Sign in',
               'PersistentCookie' : 'yes',
               'rmShown' : 1}

    r = session.post(authentication_url, data=payload)

    if r.url != authentication_url: # XXX
        print "Logged in"
    else:
        print "login failed"
        sys.exit(1)

    payload = {'oauth_version' : '',
               'oauth_server' : '',
               'openid_username' : '',
               'openid_identifier' : ''}
    r = session.post(stack_overflow_url, data=payload)
    return session

def get_so_auth_session(email, password):
    session = requests.Session()
    r = session.get('http://stackoverflow.com/users/login')
    fkey = BeautifulSoup(r.text).findAll(attrs={'name' : 'fkey'})[0]['value']

    payload = {'openid_identifier': 'https://openid.stackexchange.com',
               'openid_username': '',
               'oauth_version': '',
               'oauth_server': '',
               'fkey': fkey,
               }
    r = session.post('http://stackoverflow.com/users/authenticate', allow_redirects=True, data=payload)
    fkey = BeautifulSoup(r.text).findAll(attrs={'name' : 'fkey'})[0]['value']
    session_name = BeautifulSoup(r.text).findAll(attrs={'name' : 'session'})[0]['value']

    payload = {'email': email,
               'password': password,
               'fkey': fkey,
               'session': session_name}

    r = session.post('https://openid.stackexchange.com/account/login/submit', data=payload)
    # check if url changed for error detection
    error = BeautifulSoup(r.text).findAll(attrs={'class' : 'error'})
    if len(error) != 0:
        print "ERROR:", error[0].text
        sys.exit(1)
    return session

if __name__ == "__main__":
    prov = raw_input('Choose your openid provider [1 for StackOverflow, 2 for Google]: ')
    name = raw_input('Enter your OpenID address: ')
    pswd = getpass('Enter your password: ')
    if '1' in prov:
        so = get_so_auth_session(name, pswd)
    elif '2' in prov:
        so = get_google_auth_session(name, pswd)
    else:
        print "Error no openid provider given"

    r = so.get('http://stackoverflow.com/inbox/genuwine')
    print r.json()

该代码也可以作为 github gist

华泰

I know this is close to archeology, digging a post that's two years old, but I just wrote a new enhanced version of the code from the validated answer, so I thought it may be cool to share it here, as this question/answers has been a great help for me to implement that.

So, here's what's different:

  • it uses the new requests library that is an enhancement over urllib2 ;
  • it supports authenticating using google's and stackexchange's openid provider.
  • it is way shorter and simpler to read, though it has less printouts

here's the code:

#!/usr/bin/env python

import sys
import urllib
import requests
from BeautifulSoup import BeautifulSoup

def get_google_auth_session(username, password):
    session = requests.Session()
    google_accounts_url = 'http://accounts.google.com'
    authentication_url = 'https://accounts.google.com/ServiceLoginAuth'
    stack_overflow_url = 'http://stackoverflow.com/users/authenticate'

    r = session.get(google_accounts_url)
    dsh = BeautifulSoup(r.text).findAll(attrs={'name' : 'dsh'})[0].get('value').encode()
    auto = r.headers['X-Auto-Login']
    follow_up = urllib.unquote(urllib.unquote(auto)).split('continue=')[-1]
    galx = r.cookies['GALX']

    payload = {'continue' : follow_up,
               'followup' : follow_up,
               'dsh' : dsh,
               'GALX' : galx,
               'pstMsg' : 1,
               'dnConn' : 'https://accounts.youtube.com',
               'checkConnection' : '',
               'checkedDomains' : '',
               'timeStmp' : '',
               'secTok' : '',
               'Email' : username,
               'Passwd' : password,
               'signIn' : 'Sign in',
               'PersistentCookie' : 'yes',
               'rmShown' : 1}

    r = session.post(authentication_url, data=payload)

    if r.url != authentication_url: # XXX
        print "Logged in"
    else:
        print "login failed"
        sys.exit(1)

    payload = {'oauth_version' : '',
               'oauth_server' : '',
               'openid_username' : '',
               'openid_identifier' : ''}
    r = session.post(stack_overflow_url, data=payload)
    return session

def get_so_auth_session(email, password):
    session = requests.Session()
    r = session.get('http://stackoverflow.com/users/login')
    fkey = BeautifulSoup(r.text).findAll(attrs={'name' : 'fkey'})[0]['value']

    payload = {'openid_identifier': 'https://openid.stackexchange.com',
               'openid_username': '',
               'oauth_version': '',
               'oauth_server': '',
               'fkey': fkey,
               }
    r = session.post('http://stackoverflow.com/users/authenticate', allow_redirects=True, data=payload)
    fkey = BeautifulSoup(r.text).findAll(attrs={'name' : 'fkey'})[0]['value']
    session_name = BeautifulSoup(r.text).findAll(attrs={'name' : 'session'})[0]['value']

    payload = {'email': email,
               'password': password,
               'fkey': fkey,
               'session': session_name}

    r = session.post('https://openid.stackexchange.com/account/login/submit', data=payload)
    # check if url changed for error detection
    error = BeautifulSoup(r.text).findAll(attrs={'class' : 'error'})
    if len(error) != 0:
        print "ERROR:", error[0].text
        sys.exit(1)
    return session

if __name__ == "__main__":
    prov = raw_input('Choose your openid provider [1 for StackOverflow, 2 for Google]: ')
    name = raw_input('Enter your OpenID address: ')
    pswd = getpass('Enter your password: ')
    if '1' in prov:
        so = get_so_auth_session(name, pswd)
    elif '2' in prov:
        so = get_google_auth_session(name, pswd)
    else:
        print "Error no openid provider given"

    r = so.get('http://stackoverflow.com/inbox/genuwine')
    print r.json()

the code is also available as a github gist

HTH

回复 原文
︶葆Ⅱㄣ 2024-12-09 22:08:05

这个答案总结了其他人在下面所说的内容,特别是 RedBaron,并添加了我用来访问的方法使用 Google 帐户的 StackOverflow Inbox。

使用 Firefox 的 Tamper Data 开发者工具并登录 StackOVerflow,可以看到 OpenID 的工作方式如下:

  1. StackOverflow 向给定服务(此处为 Google)请求身份验证,该服务在发布的数据;
  2. Google 帐户接管并检查现有 cookie 作为身份验证证明;
  3. 如果没有找到 cookie,Google 会请求身份验证并设置 cookie;
  4. 设置 cookie 后,StackOverflow 就会确认用户的身份验证。

上面总结了这个过程,实际上更复杂,因为确实发生了许多重定向和 cookie 交换。

因为以编程方式复制相同的过程被证明有些困难(这可能只是我的文盲),特别是试图寻找要调用的所有区域设置细节等的 URL。我选择首先登录 Google 帐户,获得一个当之无愧的 cookie 并然后登录 Stackoverflow,它将使用 cookie 进行身份验证。

只需使用以下 Python 模块即可完成此操作:urllib、urllib2、cookielib 和 BeautifulSoup。

这是(简化的)代码,它并不完美,但它可以解决问题。扩展版本可以在 Github 上找到。

#!/usr/bin/env python

import urllib
import urllib2
import cookielib
from BeautifulSoup import BeautifulSoup
from getpass import getpass

# Define URLs
google_accounts_url = 'http://accounts.google.com'
authentication_url = 'https://accounts.google.com/ServiceLoginAuth'
stack_overflow_url = 'https://stackoverflow.com/users/authenticate'
genuwine_url = 'https://stackoverflow.com/inbox/genuwine'

# Build opener
jar = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

def request_url(request):    
    '''
        Requests given URL.
    '''     
    try:
        response = opener.open(request)
    except:
        raise
    return response


def authenticate(username='', password=''):        
    '''
        Authenticates to Google Accounts using user-provided username and password,
        then authenticates to StackOverflow.
    '''
    # Build up headers
    user_agent = 'Mozilla/5.0 (Ubuntu; X11; Linux i686; rv:8.0) Gecko/20100101 Firefox/8.0'
    headers = {'User-Agent' : user_agent}

    # Set Data to None
    data = None

    # Build up URL request with headers and data    
    request = urllib2.Request(google_accounts_url, data, headers)
    response = request_url(request)

    # Build up POST data for authentication
    html = response.read()
    dsh = BeautifulSoup(html).findAll(attrs={'name' : 'dsh'})[0].get('value').encode()

    auto = response.headers.getheader('X-Auto-Login')

    follow_up = urllib.unquote(urllib.unquote(auto)).split('continue=')[-1]

    galx = jar._cookies['accounts.google.com']['/']['GALX'].value

    values = {'continue' : follow_up,
              'followup' : follow_up,
              'dsh' : dsh,
              'GALX' : galx,
              'pstMsg' : 1,
              'dnConn' : 'https://accounts.youtube.com',
              'checkConnection' : '',
              'checkedDomains' : '',
              'timeStmp' : '',
              'secTok' : '',
              'Email' : username,
              'Passwd' : password,
              'signIn' : 'Sign in',
              'PersistentCookie' : 'yes',
              'rmShown' : 1}

    data = urllib.urlencode(values)

    # Build up URL for authentication
    request = urllib2.Request(authentication_url, data, headers)
    response = request_url(request)

    # Check if logged in
    if response.url != request._Request__original:
        print '\n Logged in :)\n'
    else:
        print '\n Log in failed :(\n'

    # Build OpenID Data    
    values = {'oauth_version' : '',
              'oauth_server' : '',
              'openid_username' : '',
              'openid_identifier' : 'https://www.google.com/accounts/o8/id'}

    data = urllib.urlencode(values)

    # Build up URL for OpenID authetication
    request = urllib2.Request(stack_overflow_url, data, headers)
    response = request_url(request)

    # Retrieve Genuwine
    data = None
    request = urllib2.Request(genuwine_url, data, headers)
    response = request_url(request)
    print response.read()


if __name__ == '__main__':
    username = raw_input('Enter your Gmail address: ')
    password = getpass('Enter your password: ')
    authenticate(username, password)

This answer sums up what others have said below, especially RedBaron, plus adding a method I used to get to the StackOverflow Inbox using Google Accounts.

Using the Tamper Data developer tool of Firefox and logging on to StackOVerflow, one can see that OpenID works this way:

  1. StackOverflow requests authentication from a given service (here Google), defined in the posted data;
  2. Google Accounts takes over and checks for an already existing cookie as proof of authentication;
  3. If no cookie is found, Google requests authentication and sets a cookie;
  4. Once the cookie is set, StackOverflow acknowledges authentication of the user.

The above sums up the process, which in reality is more complicated, since many redirects and cookie exchanges occur indeed.

Because reproducing the same process programmatically proved somehow difficult (and that might just be my illiteracy), especially trying to hunt down the URLs to call with all locale specifics etc. I opted for loging on to Google Accounts first, getting a well deserved cookie and then login onto Stackoverflow, which would use the cookie for authentication.

This is done simply using the following Python modules: urllib, urllib2, cookielib and BeautifulSoup.

Here is the (simplified) code, it's not perfect, but it does the trick. The extended version can be found on Github.

#!/usr/bin/env python

import urllib
import urllib2
import cookielib
from BeautifulSoup import BeautifulSoup
from getpass import getpass

# Define URLs
google_accounts_url = 'http://accounts.google.com'
authentication_url = 'https://accounts.google.com/ServiceLoginAuth'
stack_overflow_url = 'https://stackoverflow.com/users/authenticate'
genuwine_url = 'https://stackoverflow.com/inbox/genuwine'

# Build opener
jar = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

def request_url(request):    
    '''
        Requests given URL.
    '''     
    try:
        response = opener.open(request)
    except:
        raise
    return response


def authenticate(username='', password=''):        
    '''
        Authenticates to Google Accounts using user-provided username and password,
        then authenticates to StackOverflow.
    '''
    # Build up headers
    user_agent = 'Mozilla/5.0 (Ubuntu; X11; Linux i686; rv:8.0) Gecko/20100101 Firefox/8.0'
    headers = {'User-Agent' : user_agent}

    # Set Data to None
    data = None

    # Build up URL request with headers and data    
    request = urllib2.Request(google_accounts_url, data, headers)
    response = request_url(request)

    # Build up POST data for authentication
    html = response.read()
    dsh = BeautifulSoup(html).findAll(attrs={'name' : 'dsh'})[0].get('value').encode()

    auto = response.headers.getheader('X-Auto-Login')

    follow_up = urllib.unquote(urllib.unquote(auto)).split('continue=')[-1]

    galx = jar._cookies['accounts.google.com']['/']['GALX'].value

    values = {'continue' : follow_up,
              'followup' : follow_up,
              'dsh' : dsh,
              'GALX' : galx,
              'pstMsg' : 1,
              'dnConn' : 'https://accounts.youtube.com',
              'checkConnection' : '',
              'checkedDomains' : '',
              'timeStmp' : '',
              'secTok' : '',
              'Email' : username,
              'Passwd' : password,
              'signIn' : 'Sign in',
              'PersistentCookie' : 'yes',
              'rmShown' : 1}

    data = urllib.urlencode(values)

    # Build up URL for authentication
    request = urllib2.Request(authentication_url, data, headers)
    response = request_url(request)

    # Check if logged in
    if response.url != request._Request__original:
        print '\n Logged in :)\n'
    else:
        print '\n Log in failed :(\n'

    # Build OpenID Data    
    values = {'oauth_version' : '',
              'oauth_server' : '',
              'openid_username' : '',
              'openid_identifier' : 'https://www.google.com/accounts/o8/id'}

    data = urllib.urlencode(values)

    # Build up URL for OpenID authetication
    request = urllib2.Request(stack_overflow_url, data, headers)
    response = request_url(request)

    # Retrieve Genuwine
    data = None
    request = urllib2.Request(genuwine_url, data, headers)
    response = request_url(request)
    print response.read()


if __name__ == '__main__':
    username = raw_input('Enter your Gmail address: ')
    password = getpass('Enter your password: ')
    authenticate(username, password)
回复 原文
如梦亦如幻 2024-12-09 22:08:05

您需要在任何“登录”页面上实现cookie,在Python中您使用 cookiejar。例如:

jar = cookielib.CookieJar()
myopener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
#myopener now supports cookies.
....

You need to implement cookies on any "login" page, in Python you use cookiejar. For example:

jar = cookielib.CookieJar()
myopener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
#myopener now supports cookies.
....
回复 原文
我早已燃尽 2024-12-09 22:08:05

我制作了一个使用 Mozilla Firefox cookie 登录 stackoverflow.com 的简单脚本。它不是完全自动化的,因为你需要手动登录,但这就是我设法做的。

Scipt适用于最新版本的FF(我使用的是8.0.1),但是你需要获取最新的sqlite dll,因为python 2.7附带的默认版本无法打开DB。您可以在这里获取它: http://www.sqlite.org/sqlite -dll-win32-x86-3070900.zip

import urllib2
import webbrowser
import cookielib
import os
import sqlite3
import re
from time import sleep

#login in Firefox. Must be default browser. In other cases log in manually
webbrowser.open_new('http://stackoverflow.com/users/login')

#wait for user to log in
sleep(60)

#Process profiles.ini to get path to cookies.sqlite
profile = open(os.path.join(os.environ['APPDATA'],'Mozilla','Firefox','profiles.ini'), 'r').read()

COOKIE_DB = os.path.join(os.environ['APPDATA'],'Mozilla','Firefox','Profiles',re.findall('Profiles/(.*)\n',profile)[0],'cookies.sqlite')
CONTENTS = "host, path, isSecure, expiry, name, value"

#extract cookies for specific host
def get_cookies(host):
    cj = cookielib.LWPCookieJar()   
    con = sqlite3.connect(COOKIE_DB)
    cur = con.cursor()
    sql = "SELECT {c} FROM moz_cookies WHERE host LIKE '%{h}%'".format(c=CONTENTS, h=host)
    cur.execute(sql)
    for item in cur.fetchall():
        c = cookielib.Cookie(0, item[4], item[5],
            None, False,
            item[0], item[0].startswith('.'), item[0].startswith('.'),
            item[1], False,
            item[2],
            item[3], item[3]=="",
            None, None, {})
        cj.set_cookie(c)
    return cj

host = 'stackoverflow'

cj = get_cookies(host)

opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))

response = opener.open('http://stackoverflow.com').read()

# if username in response - Auth successful
if 'Stanislav Golovanov' in response:
    print 'Auth successful'

I made a simple script that logins to stackoverflow.com using Mozilla Firefox cookies. It's not entirely automated, because you need to login manually, but it's all i managed to do.

Scipt is actual for latest versions of FF ( i'm using 8.0.1 ), but you need to get latest sqlite dll, because default one that comes with python 2.7 can't open DB. You can get it here: http://www.sqlite.org/sqlite-dll-win32-x86-3070900.zip

import urllib2
import webbrowser
import cookielib
import os
import sqlite3
import re
from time import sleep

#login in Firefox. Must be default browser. In other cases log in manually
webbrowser.open_new('http://stackoverflow.com/users/login')

#wait for user to log in
sleep(60)

#Process profiles.ini to get path to cookies.sqlite
profile = open(os.path.join(os.environ['APPDATA'],'Mozilla','Firefox','profiles.ini'), 'r').read()

COOKIE_DB = os.path.join(os.environ['APPDATA'],'Mozilla','Firefox','Profiles',re.findall('Profiles/(.*)\n',profile)[0],'cookies.sqlite')
CONTENTS = "host, path, isSecure, expiry, name, value"

#extract cookies for specific host
def get_cookies(host):
    cj = cookielib.LWPCookieJar()   
    con = sqlite3.connect(COOKIE_DB)
    cur = con.cursor()
    sql = "SELECT {c} FROM moz_cookies WHERE host LIKE '%{h}%'".format(c=CONTENTS, h=host)
    cur.execute(sql)
    for item in cur.fetchall():
        c = cookielib.Cookie(0, item[4], item[5],
            None, False,
            item[0], item[0].startswith('.'), item[0].startswith('.'),
            item[1], False,
            item[2],
            item[3], item[3]=="",
            None, None, {})
        cj.set_cookie(c)
    return cj

host = 'stackoverflow'

cj = get_cookies(host)

opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))

response = opener.open('http://stackoverflow.com').read()

# if username in response - Auth successful
if 'Stanislav Golovanov' in response:
    print 'Auth successful'
回复 原文
~没有更多了~

关于作者

情话墙

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

胡图图

文章 0 评论 0

zt006

文章 0 评论 0

z祗昰~

文章 0 评论 0

冰葑

文章 0 评论 0

野の

文章 0 评论 0

天空

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文