Bilibili App Auth

哔哩哔哩 App 端鉴权

Ce script ne devrait pas être installé directement. C'est une librairie créée pour d'autres scripts. Elle doit être inclus avec la commande // @require https://update.greasyfork.org/scripts/566236/1754598/Bilibili%20App%20Auth.js

Aide pour l'installation

Vous devrez installer une extension telle que Tampermonkey, Greasemonkey ou Violentmonkey pour installer ce script.

Vous devrez installer une extension telle que Tampermonkey pour installer ce script.

Vous devrez installer une extension telle que Tampermonkey ou Violentmonkey pour installer ce script.

Vous devrez installer une extension telle que Tampermonkey ou Userscripts pour installer ce script.

Vous devrez installer une extension telle que Tampermonkey pour installer ce script.

Vous devrez installer une extension de gestionnaire de script utilisateur pour installer ce script.

(J'ai déjà un gestionnaire de scripts utilisateur, laissez-moi l'installer !)

Aide pour l'installation

Vous devrez installer une extension telle que Stylus pour installer ce style.

Vous devrez installer une extension telle que Stylus pour installer ce style.

Vous devrez installer une extension telle que Stylus pour installer ce style.

Vous devrez installer une extension du gestionnaire de style pour utilisateur pour installer ce style.

Vous devrez installer une extension du gestionnaire de style pour utilisateur pour installer ce style.

Vous devrez installer une extension du gestionnaire de style pour utilisateur pour installer ce style.

(J'ai déjà un gestionnaire de style utilisateur, laissez-moi l'installer!) 

// ==UserScript==
// @name               Bilibili App Auth
// @name:zh-CN         哔哩哔哩 App 扫码鉴权库
// @namespace          https://gab.moe/
// @version            1.0.0
// @author             GabrielxD
// @description:zh-CN  为用户脚本提供 B 站 App 端扫码登录和 API 签名能力的依赖库
// @license            MIT
// @grant              GM_xmlhttpRequest
// ==/UserScript==

"use strict";

function createBilibiliAppAuth(
  deps = {
    GM_xmlhttpRequest: null,
  },
) {
  const logger = (() => {
    const { name: scriptName, version: scriptVersion } = GM_info.script;
    const nameStyle = `padding: 2px 10px; border-radius: 4px 0 0 4px; color: #fff; background: #2394F1; font-weight: bold;`;
    const versionStyle = `padding: 2px 10px; border-radius: 0 4px 4px 0; color: #fff; background: #FA7298; font-weight: bold;`;

    return new Proxy(console, {
      get(target, prop, receiver) {
        const value = Reflect.get(target, prop, receiver);
        if (typeof value !== "function") {
          return value;
        }

        return value.bind(
          target,
          `%c${scriptName}%cv${scriptVersion}`,
          nameStyle,
          versionStyle,
        );
      },
    });
  })();

  const missingDeps = Object.entries(deps)
    .filter(([_, value]) => value === null)
    .map(([key]) => key);

  if (missingDeps.length > 0) {
    logger.warn(
      `${missingDeps.join(
        ", ",
      )} are required, please pass them to the function`,
    );
    return null;
  }

  const { GM_xmlhttpRequest } = deps;

  // Migrated from https://github.com/blueimp/JavaScript-MD5
  const md5 = (() => {
    function safeAdd(x, y) {
      var lsw = (x & 0xffff) + (y & 0xffff);
      var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
      return (msw << 16) | (lsw & 0xffff);
    }
    function bitRotateLeft(num, cnt) {
      return (num << cnt) | (num >>> (32 - cnt));
    }
    function md5cmn(q, a, b, x, s, t) {
      return safeAdd(
        bitRotateLeft(safeAdd(safeAdd(a, q), safeAdd(x, t)), s),
        b,
      );
    }
    function md5ff(a, b, c, d, x, s, t) {
      return md5cmn((b & c) | (~b & d), a, b, x, s, t);
    }
    function md5gg(a, b, c, d, x, s, t) {
      return md5cmn((b & d) | (c & ~d), a, b, x, s, t);
    }
    function md5hh(a, b, c, d, x, s, t) {
      return md5cmn(b ^ c ^ d, a, b, x, s, t);
    }
    function md5ii(a, b, c, d, x, s, t) {
      return md5cmn(c ^ (b | ~d), a, b, x, s, t);
    }
    function binlMD5(x, len) {
      /* append padding */
      x[len >> 5] |= 0x80 << len % 32;
      x[(((len + 64) >>> 9) << 4) + 14] = len;

      var i;
      var olda;
      var oldb;
      var oldc;
      var oldd;
      var a = 1732584193;
      var b = -271733879;
      var c = -1732584194;
      var d = 271733878;

      for (i = 0; i < x.length; i += 16) {
        olda = a;
        oldb = b;
        oldc = c;
        oldd = d;

        a = md5ff(a, b, c, d, x[i], 7, -680876936);
        d = md5ff(d, a, b, c, x[i + 1], 12, -389564586);
        c = md5ff(c, d, a, b, x[i + 2], 17, 606105819);
        b = md5ff(b, c, d, a, x[i + 3], 22, -1044525330);
        a = md5ff(a, b, c, d, x[i + 4], 7, -176418897);
        d = md5ff(d, a, b, c, x[i + 5], 12, 1200080426);
        c = md5ff(c, d, a, b, x[i + 6], 17, -1473231341);
        b = md5ff(b, c, d, a, x[i + 7], 22, -45705983);
        a = md5ff(a, b, c, d, x[i + 8], 7, 1770035416);
        d = md5ff(d, a, b, c, x[i + 9], 12, -1958414417);
        c = md5ff(c, d, a, b, x[i + 10], 17, -42063);
        b = md5ff(b, c, d, a, x[i + 11], 22, -1990404162);
        a = md5ff(a, b, c, d, x[i + 12], 7, 1804603682);
        d = md5ff(d, a, b, c, x[i + 13], 12, -40341101);
        c = md5ff(c, d, a, b, x[i + 14], 17, -1502002290);
        b = md5ff(b, c, d, a, x[i + 15], 22, 1236535329);

        a = md5gg(a, b, c, d, x[i + 1], 5, -165796510);
        d = md5gg(d, a, b, c, x[i + 6], 9, -1069501632);
        c = md5gg(c, d, a, b, x[i + 11], 14, 643717713);
        b = md5gg(b, c, d, a, x[i], 20, -373897302);
        a = md5gg(a, b, c, d, x[i + 5], 5, -701558691);
        d = md5gg(d, a, b, c, x[i + 10], 9, 38016083);
        c = md5gg(c, d, a, b, x[i + 15], 14, -660478335);
        b = md5gg(b, c, d, a, x[i + 4], 20, -405537848);
        a = md5gg(a, b, c, d, x[i + 9], 5, 568446438);
        d = md5gg(d, a, b, c, x[i + 14], 9, -1019803690);
        c = md5gg(c, d, a, b, x[i + 3], 14, -187363961);
        b = md5gg(b, c, d, a, x[i + 8], 20, 1163531501);
        a = md5gg(a, b, c, d, x[i + 13], 5, -1444681467);
        d = md5gg(d, a, b, c, x[i + 2], 9, -51403784);
        c = md5gg(c, d, a, b, x[i + 7], 14, 1735328473);
        b = md5gg(b, c, d, a, x[i + 12], 20, -1926607734);

        a = md5hh(a, b, c, d, x[i + 5], 4, -378558);
        d = md5hh(d, a, b, c, x[i + 8], 11, -2022574463);
        c = md5hh(c, d, a, b, x[i + 11], 16, 1839030562);
        b = md5hh(b, c, d, a, x[i + 14], 23, -35309556);
        a = md5hh(a, b, c, d, x[i + 1], 4, -1530992060);
        d = md5hh(d, a, b, c, x[i + 4], 11, 1272893353);
        c = md5hh(c, d, a, b, x[i + 7], 16, -155497632);
        b = md5hh(b, c, d, a, x[i + 10], 23, -1094730640);
        a = md5hh(a, b, c, d, x[i + 13], 4, 681279174);
        d = md5hh(d, a, b, c, x[i], 11, -358537222);
        c = md5hh(c, d, a, b, x[i + 3], 16, -722521979);
        b = md5hh(b, c, d, a, x[i + 6], 23, 76029189);
        a = md5hh(a, b, c, d, x[i + 9], 4, -640364487);
        d = md5hh(d, a, b, c, x[i + 12], 11, -421815835);
        c = md5hh(c, d, a, b, x[i + 15], 16, 530742520);
        b = md5hh(b, c, d, a, x[i + 2], 23, -995338651);

        a = md5ii(a, b, c, d, x[i], 6, -198630844);
        d = md5ii(d, a, b, c, x[i + 7], 10, 1126891415);
        c = md5ii(c, d, a, b, x[i + 14], 15, -1416354905);
        b = md5ii(b, c, d, a, x[i + 5], 21, -57434055);
        a = md5ii(a, b, c, d, x[i + 12], 6, 1700485571);
        d = md5ii(d, a, b, c, x[i + 3], 10, -1894986606);
        c = md5ii(c, d, a, b, x[i + 10], 15, -1051523);
        b = md5ii(b, c, d, a, x[i + 1], 21, -2054922799);
        a = md5ii(a, b, c, d, x[i + 8], 6, 1873313359);
        d = md5ii(d, a, b, c, x[i + 15], 10, -30611744);
        c = md5ii(c, d, a, b, x[i + 6], 15, -1560198380);
        b = md5ii(b, c, d, a, x[i + 13], 21, 1309151649);
        a = md5ii(a, b, c, d, x[i + 4], 6, -145523070);
        d = md5ii(d, a, b, c, x[i + 11], 10, -1120210379);
        c = md5ii(c, d, a, b, x[i + 2], 15, 718787259);
        b = md5ii(b, c, d, a, x[i + 9], 21, -343485551);

        a = safeAdd(a, olda);
        b = safeAdd(b, oldb);
        c = safeAdd(c, oldc);
        d = safeAdd(d, oldd);
      }
      return [a, b, c, d];
    }
    function binl2rstr(input) {
      var i;
      var output = "";
      var length32 = input.length * 32;
      for (i = 0; i < length32; i += 8) {
        output += String.fromCharCode((input[i >> 5] >>> i % 32) & 0xff);
      }
      return output;
    }
    function rstr2binl(input) {
      var i;
      var output = [];
      output[(input.length >> 2) - 1] = undefined;
      for (i = 0; i < output.length; i += 1) {
        output[i] = 0;
      }
      var length8 = input.length * 8;
      for (i = 0; i < length8; i += 8) {
        output[i >> 5] |= (input.charCodeAt(i / 8) & 0xff) << i % 32;
      }
      return output;
    }
    function rstrMD5(s) {
      return binl2rstr(binlMD5(rstr2binl(s), s.length * 8));
    }
    function rstrHMACMD5(key, data) {
      var i;
      var bkey = rstr2binl(key);
      var ipad = [];
      var opad = [];
      var hash;
      ipad[15] = opad[15] = undefined;
      if (bkey.length > 16) {
        bkey = binlMD5(bkey, key.length * 8);
      }
      for (i = 0; i < 16; i += 1) {
        ipad[i] = bkey[i] ^ 0x36363636;
        opad[i] = bkey[i] ^ 0x5c5c5c5c;
      }
      hash = binlMD5(ipad.concat(rstr2binl(data)), 512 + data.length * 8);
      return binl2rstr(binlMD5(opad.concat(hash), 512 + 128));
    }
    function rstr2hex(input) {
      var hexTab = "0123456789abcdef";
      var output = "";
      var x;
      var i;
      for (i = 0; i < input.length; i += 1) {
        x = input.charCodeAt(i);
        output += hexTab.charAt((x >>> 4) & 0x0f) + hexTab.charAt(x & 0x0f);
      }
      return output;
    }
    function str2rstrUTF8(input) {
      return unescape(encodeURIComponent(input));
    }
    function rawMD5(s) {
      return rstrMD5(str2rstrUTF8(s));
    }
    function hexMD5(s) {
      return rstr2hex(rawMD5(s));
    }
    function rawHMACMD5(k, d) {
      return rstrHMACMD5(str2rstrUTF8(k), str2rstrUTF8(d));
    }
    function hexHMACMD5(k, d) {
      return rstr2hex(rawHMACMD5(k, d));
    }
    return function md5(string, key, raw) {
      if (!key) {
        if (!raw) {
          return hexMD5(string);
        }
        return rawMD5(string);
      }
      if (!raw) {
        return hexHMACMD5(key, string);
      }
      return rawHMACMD5(key, string);
    };
  })();

  const isObject = value => value !== null && typeof value === "object";

  const getCurrentUnixTS = () => Math.floor(Date.now() / 1000);

  /** 部分可用的 APP 预设 (appkey / appsec) */
  const APP_PRESETS = {
    /** 粉版 (Android, 7.X 及更新版本获取用户信息) */
    android: {
      appkey: "783bbb7264451d82",
      appsec: "2653583c8873dea268ab9386918b1d65",
    },
    /** AndroidBiliThings */
    android_things: {
      appkey: "8d23902c1688a798",
      appsec: "710f0212e62bd499b8d3ac6e1db9302a",
    },
    /** 第三方授权 */
    third_party: {
      appkey: "27eb53fc9058f8c3",
      appsec: "c2ed53a74eeefe3cf99fbd01d8c9c375",
    },
    /** 云视听小电视(TV版) */
    tv: {
      appkey: "4409e2ce8ffd12b8",
      appsec: "59b43e04ad6965f34319062b478f83dd",
    },
    /** HD 版 */
    hd: {
      appkey: "dfca71928277209b",
      appsec: "b5475a8825547a4fc26c7d518eaaa02e",
    },
  };

  /**
   * 哔哩哔哩 App 端扫码登录
   *
   * 事件:
   * - `start`     — 登录流程开始(获取到二维码后触发)
   * - `scan`      — 二维码状态轮询中(等待扫码 / 已扫码未确认), `event.detail` 为轮询响应
   * - `completed` — 登录成功, `event.detail` 为登录响应数据
   * - `error`     — 登录失败 / 二维码过期, `event.detail` 为错误响应
   * - `end`       — 登录流程结束(无论成功或失败), `event.detail` 为最终响应
   */
  class BilibiliAppAuth extends EventTarget {
    USER_AGENT =
      "Mozilla/5.0 BiliDroid/8.43.0 ([email protected]) os/android model/android mobi_app/android build/8430300 channel/master innerVer/8430300 osVer/15 network/2";
    #appkey;
    #appsec;
    #timer = null;
    /** 轮询间隔(ms) */
    interval = 2000;

    /**
     * @param {string | { appkey: string; appsec: string }} app
     *   预设名称(如 "tv", "android", "hd" 等)或自定义 { appkey, appsec }
     */
    constructor(app) {
      super();
      if (typeof app === "string") {
        const preset = APP_PRESETS[app];
        if (!preset) {
          logger.error(
            `未知的 APP 预设: "${app}",可用预设: ${Object.keys(
              APP_PRESETS,
            ).join(", ")}`,
          );
          return;
        }
        this.#appkey = preset.appkey;
        this.#appsec = preset.appsec;
      } else {
        if (!app?.appkey || !app?.appsec) {
          logger.error("自定义配置必须提供 appkey 和 appsec");
          return;
        }
        this.#appkey = app.appkey;
        this.#appsec = app.appsec;
      }
    }

    static request = (() => {
      const _request = (url, options = {}) => {
        const {
          method = "GET",
          headers,
          data = null,
          params = null,
          timeout = 30_000,
          responseType,
          cookie,
          anonymous,
        } = options;

        let query = params;
        if (isObject(params) && !(params instanceof URLSearchParams)) {
          query = new URLSearchParams(params);
        }
        const fullURL = query
          ? `${url}${url.includes("?") ? "&" : "?"}${query}`
          : url;

        let ctrl;
        const promise = new Promise((resolve, reject) => {
          GM_xmlhttpRequest({
            method,
            url: fullURL,
            headers,
            data,
            timeout,
            responseType,
            cookie,
            anonymous,
            onload(res) {
              if (res.status >= 200 && res.status < 300) {
                let result = res.response ?? res.responseText;
                if (!responseType && typeof result === "string") {
                  try {
                    result = JSON.parse(result);
                  } catch {}
                }
                resolve({
                  body: result,
                  status: res.status,
                  headers: res.responseHeaders,
                  raw: res,
                });
              } else {
                reject({
                  body: res.responseText,
                  status: res.status,
                  statusText: res.statusText,
                  raw: res,
                });
              }
            },
            onerror: res =>
              reject({ status: 0, msg: "Network Error", raw: res }),
            ontimeout: res => reject({ status: 0, msg: "Timeout", raw: res }),
          });
        });

        promise.abort = () => ctrl?.abort();
        return promise;
      };
      _request.get = (url, params, opts) =>
        _request(url, { ...opts, method: "GET", params });
      _request.post = (url, data, opts) =>
        _request(url, { ...opts, method: "POST", data });

      return _request;
    })();

    /**
     * 为请求参数进行 APP 签名
     * @param {Record<string, any> | URLSearchParams} params
     * @returns {URLSearchParams} 签名后的 params
     */
    signParams(params) {
      if (!(params instanceof URLSearchParams)) {
        params = new URLSearchParams(params);
      }
      params.set("appkey", this.#appkey);
      params.sort();
      params.set("sign", md5(`${params.toString()}${this.#appsec}`));
      return params;
    }

    /**
     * 获取登录二维码 URL 及密钥
     */
    async getAuthCode() {
      const signedParams = this.signParams({
        local_id: 0,
        ts: getCurrentUnixTS(),
        mobi_app: "android",
      });

      const resp = await BilibiliAppAuth.request.post(
        "https://passport.bilibili.com/x/passport-tv-login/qrcode/auth_code",
        signedParams,
        {
          responseType: "json",
          anonymous: true,
          headers: {
            "User-Agent": this.USER_AGENT,
            "Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
          },
        },
      );

      if (resp.body.code !== 0) {
        logger.error("getAuthCode error:", resp.body);
        return null;
      }

      return resp.body.data;
    }

    /**
     * 查询登录二维码状态
     * @param {string} authCode
     */
    async poll(authCode) {
      const signedParams = this.signParams({
        auth_code: authCode,
        local_id: 0,
        ts: getCurrentUnixTS(),
      });

      const resp = await BilibiliAppAuth.request.post(
        "https://passport.bilibili.com/x/passport-tv-login/qrcode/poll",
        signedParams,
        {
          responseType: "json",
          anonymous: true,
          headers: {
            "User-Agent": this.USER_AGENT,
            "Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
          },
        },
      );

      return resp.body;
    }

    /**
     * 开始扫码登录流程
     * @returns {Promise<string | null>} 二维码 URL,失败返回 null
     */
    async login() {
      const data = await this.getAuthCode();
      if (!data) {
        this.dispatchEvent(
          new CustomEvent("error", {
            detail: { code: -1, message: "获取二维码失败", data: null },
          }),
        );
        return null;
      }

      const authCode = data.auth_code;
      this.dispatchEvent(new Event("start"));

      let count = 0;
      this.#timer = setInterval(async () => {
        try {
          const resp = await this.poll(authCode);

          if (resp.code === 0) {
            this.dispatchEvent(new CustomEvent("completed", { detail: resp }));
            this.#finish(resp);
          } else if (resp.code === 86039 || resp.code === 86090) {
            // 86039: 尚未扫码, 86090: 已扫码未确认
            this.dispatchEvent(new CustomEvent("scan", { detail: resp }));
          } else {
            // 86038: 二维码已失效 / 其他错误
            this.dispatchEvent(new CustomEvent("error", { detail: resp }));
            this.#finish(resp);
          }

          count++;
          if (count > 180_000 / this.interval) {
            const timeout = {
              code: 86038,
              message: "二维码已失效",
              ttl: 1,
              data: null,
            };
            this.dispatchEvent(new CustomEvent("error", { detail: timeout }));
            this.#finish(timeout);
          }
        } catch (err) {
          logger.error("poll error:", err);
          this.dispatchEvent(
            new CustomEvent("error", {
              detail: { code: -1, message: "轮询请求异常", data: err },
            }),
          );
          this.#finish({
            code: -1,
            message: "轮询请求异常",
            data: err,
          });
        }
      }, this.interval);

      return data.url;
    }

    /**
     * 结束轮询并触发 end 事件
     * @param {any} detail
     */
    #finish(detail) {
      clearInterval(this.#timer);
      this.#timer = null;
      this.dispatchEvent(new CustomEvent("end", { detail }));
    }

    /**
     * 中断登录流程
     */
    interrupt() {
      if (this.#timer !== null) {
        clearInterval(this.#timer);
        this.#timer = null;
        this.dispatchEvent(
          new CustomEvent("end", {
            detail: { code: -1, message: "用户中断", data: null },
          }),
        );
      }
    }
  }

  return BilibiliAppAuth;
}