QQ机器人{协议篇}
今天聊聊QQ机器人的web接口吧~
其实也没什么,就是一系列的HTTP调用顺序,入参回参。网上完整的似乎不多,而且早期的也不适用了,所以整理下,有需要童鞋可以参考下。
按照调用顺序,一一列举下哈:
1.获取二维码
URL(GET):https://ssl.ptlogin2.qq.com/ptqrshow?appid=501004106&e=0&l=M&s=5&d=72&v=4&t=0.09821339275864471
Content-Type:image/png
request:除了”t“是个随机数,其它默认即可。
response:返回二维码图片流,且每次调用都会回写一个唯一的cookie。
2.二维码验证
URL(GET):https://ssl.ptlogin2.qq.com/ptqrlogin?ptqrtoken=12345678&webqq_type=10&remember_uin=1&login2qq=1&aid=501004106&u1=http%3A%2F%2Fw.qq.com%2Fproxy.html%3Flogin2qq%3D1%26webqq_type%3D10&ptredirect=0&ptlang=2052&daid=164&from_ui=1&pttype=1&dumy=&fp=loginerroralert&action=0-0-9604&mibao_css=m_webqq&t=undefined&g=1&js_type=0&js_ver=10181&login_sig=&pt_randsalt=0
Content-Type:application/x-javascript; charset=utf-8
request:参数全部默认即可。将上次调用回写的cookie送给服务端,作为区分二维码的唯一标识。
response:回参为javascript
返回内容分为4种(如果用户授权登录成功,则返回链接地址):
- ptuiCB(‘66’,’0’,”,’0’,’二维码未失效。(4041234080)’, ”);
- ptuiCB(‘65’,’0’,”,’0’,’二维码已失效。(3395291230)’, ”);
- ptuiCB(‘67’,’0’,”,’0’,’二维码认证中。(661679884)’, ”);
- ptuiCB(‘0’,’0’,’http://ptlogin4.web2.qq.com/check_sig?pttype=1&uin=QQ&service=ptqrlogin&nodirect=0&ptsigx=e44f55aaa2f9c6b98448a85da0da474a6200382020317396fe4b2756381ac3c2952973e20aea1763f7b295779b283bfff33c91b27ec759ce68888832e16d448e&s_url=http%3A%2F%2Fw.qq.com%2Fproxy.html%3Flogin2qq%3D1%26webqq_type%3D10&f_url=&ptlang=2052&ptredirect=100&aid=501004106&daid=164&j_later=0&low_login_hour=0®master=0&pt_login_type=3&pt_aid=0&pt_aaid=16&pt_light=0&pt_3rd_aid=0‘,’0’,’登录成功!’, ‘昵称’);
注:ptqrtoken是hash运算出来的,2017/2/13左右webQQ新改的协议。
3.获取ptwebqq
URL(GET):上个请求二维码验证成功后返回的地址
Content-Type:text/html
request:默认
response:获取session中的ptwebqq,作为后续请求入参
Status Code:302 Found(注:此请求返回302)
4.获取vfwebqq
URL(GET):http://s.web2.qq.com/api/getvfwebqq?clientid=53999199
Content-Type:application/json;charset=utf-8
request:默认
Referer:http://s.web2.qq.com/proxy.html?v=20130916001&callback=1&id=1
response:{“retcode”:0,”result”:{“vfwebqq”:”5ea7a9e76d5e3610e325011f8daf2cb60007f73fec45990abb08b1c0573e4eb759353321b3eaea8b”}}
5.二次登录
URL(POST):http://d1.web2.qq.com/channel/login2
Content-Type:application/json;charset=utf-8
request:r:{“ptwebqq”:”之前请求获取到的ptwebqq”,”clientid”:53999199,”psessionid”:”“,”status”:”online”}
Referer:http://d1.web2.qq.com/proxy.html?v=20151105001&callback=1&id=2
response:{“result”:{“cip”:23600812,”f”:0,”index”:1075,”port”:47450,”psessionid”:”8368046764001d636f6e6e7365727665725f77656271714031302e3133332e34312e383400001ad00000066b026e040015808a206d0000000a406172314338344a69526d0000002859185d94e66218548d1ecb1a12513c86126b3afb97a3c2955b1070324790733ddb059ab166de6857”,”status”:”online”,”uin”:**,”user_state”:0,”vfwebqq”:”59185d94e66218548d1ecb1a12513c86126b3afb97a3c2955b1070324790733ddb059ab166de6857”},”retcode”:0}
6.获取好友列表
URL(POST):http://s.web2.qq.com/api/get_user_friends2
Content-Type:application/json;charset=utf-8
request:r:{“vfwebqq”:”5ea7a9e76d5e3610e325011f8daf2cb60007f73fec45990abb08b1c0573e4eb759353321b3eaea8b”,”hash”:”5B750DD50CFF0DE2”}
Referer:http://s.web2.qq.com/proxy.html?v=20130916001&callback=1&id=1
response:(返回json,涉及个人信息就不列出了)
注:hash入参是hash运算出来的。
7.获取群列表
URL(POST):http://s.web2.qq.com/api/get_group_name_list_mask2
Content-Type:application/json;charset=utf-8
request:r:{“vfwebqq”:”5ea7a9e76d5e3610e325011f8daf2cb60007f73fec45990abb08b1c0573e4eb759353321b3eaea8b”,”hash”:”5B750DD50CFF0DE2”}
Referer:http://s.web2.qq.com/proxy.html?v=20130916001&callback=1&id=1
response:(返回json,涉及个人信息就不列出了)
注:hash入参是hash运算出来的。
8.获取讨论组列表
URL(GET):http://s.web2.qq.com/api/get_discus_list?clientid=53999199&psessionid=8368046764001d636f6e6e7365727665725f77656271714031302e3133332e34312e383400001ad00000066b026e040015808a206d0000000a406172314338344a69526d0000002859185d94e66218548d1ecb1a12513c86126b3afb97a3c2955b1070324790733ddb059ab166de6857&vfwebqq=5ea7a9e76d5e3610e325011f8daf2cb60007f73fec45990abb08b1c0573e4eb759353321b3eaea8b&t=1485759632898
Content-Type:application/json;charset=utf-8
request:入参:psessionid(二次登录请求返回),vfwebqq(之前请求返回),其它默认
Referer:http://s.web2.qq.com/proxy.html?v=20130916001&callback=1&id=1
response:(返回json,涉及个人信息就不列出了)
9.获取个人信息
URL(GET):http://s.web2.qq.com/api/get_self_info2
Content-Type:application/json;charset=utf-8
request:t(随机数)
Referer:http://s.web2.qq.com/proxy.html?v=20130916001&callback=1&id=1
response:(返回json,涉及个人信息就不列出了)
10.获取在线好友
URL(GET):http://d1.web2.qq.com/channel/get_online_buddies2?vfwebqq=5ea7a9e76d5e3610e325011f8daf2cb60007f73fec45990abb08b1c0573e4eb759353321b3eaea8b&clientid=53999199&psessionid=8368046764001d636f6e6e7365727665725f77656271714031302e3133332e34312e383400001ad00000066b026e040015808a206d0000000a406172314338344a69526d0000002859185d94e66218548d1ecb1a12513c86126b3afb97a3c2955b1070324790733ddb059ab166de6857&t=1485759633353
Content-Type:text/plain; charset=UTF-8
request:入参:psessionid(二次登录请求返回),vfwebqq(之前请求返回),其它默认
Referer:http://s.web2.qq.com/proxy.html?v=20130916001&callback=1&id=1
response:(返回json,涉及个人信息就不列出了)
注:此请求必须,否则后续无法正常收发消息
11.获取消息
URL(POST):https://d1.web2.qq.com/channel/poll2
Content-Type:text/html或者text/plain; charset=UTF-8
request:r:{“ptwebqq”:”之前请求返回”,”clientid”:53999199,”psessionid”:”二次登录返回”,”key”:”“}
Referer:https://d1.web2.qq.com/cfproxy.html?v=20151105001&callback=1
response:没有消息则返回504页面(服务不稳定),否则返回json,各类消息样例如下。
- 群普通消息:{“result”:[{“poll_type”:”group_message”,”value”:{“content”:[[“font”,{“color”:”000000”,”name”:”微软雅黑”,”size”:10,”style”:[0,0,0]}],”消息内容”],”from_uin”:3137996082,”group_code”:3137996082,”msg_id”:18987,”msg_type”:0,”send_uin”:2583344358,”time”:1479979036,”to_uin”:123456}}],”retcode”:0}
- 带有@:{“result”:[{“poll_type”:”group_message”,”value”:{“content”:[[“font”,{“color”:”000000”,”name”:”微软雅黑”,”size”:10,”style”:[0,0,0]}],”那这个不对”,”@徐牧知”,”“,” “,”@雷**”,”“,” 提的问题改下”],”from_uin”:1944701608,”group_code”:1944701608,”msg_id”:27053,”msg_type”:0,”send_uin”:3093228221,”time”:1480389332,”to_uin”:1234567}}],”retcode”:0}
- 讨论组:{“result”:[{“poll_type”:”discu_message”,”value”:{“content”:[[“font”,{“color”:”000000”,”name”:”微软雅黑”,”size”:10,”style”:[0,0,0]}],”咋回事”],”did”:3203113144,”from_uin”:3203113144,”msg_id”:35357,”msg_type”:0,”send_uin”:3721929266,”time”:1479980104,”to_uin”:123456}}],”retcode”:0}
- 私人:{“result”:[{“poll_type”:”message”,”value”:{“content”:[[“font”,{“color”:”000000”,”name”:”微软雅黑”,”size”:10,”style”:[0,0,0]}],”dddd”],”from_uin”:255456191,”msg_id”:4160,”msg_type”:0,”time”:1479979683,”to_uin”:234567}}],”retcode”:0}
12.发送消息
URL(POST):https://d1.web2.qq.com/channel/send_buddy_msg2(私聊);
https://d1.web2.qq.com/channel/send_discu_msg2(讨论组);
https://d1.web2.qq.com/channel/send_qun_msg2(群)
Content-Type:text/plain; charset=UTF-8
request:r:{“to”:1896640503,”content”:”[\”hh\”,[\”font\”,{\”name\”:\”宋体\”,\”size\”:10,\”style\”:[0,0,0],\”color\”:\”000000\”}]]”,”face”:480,”clientid”:53999199,”msg_id”:36460004,”psessionid”:”二次登录返回”}(私人);
r={“did”:3203113144,”content”:”[[\”face\”,14],\” 哈哈哈\”,[\”font\”,{\”name\”:\”宋体\”,\”size\”:10,\”style\”:[0,0,0],\”color\”:\”000000\”}]]”,”face”:480,”clientid”:53999199,”msg_id”:37040003,”psessionid”:”二次登录返回”}(讨论组);
r={“group_uin”:3137996082,”content”:”[\”啦啦啦\”,[\”font\”,{\”name\”:\”宋体\”,\”size\”:10,\”style\”:[0,0,0],\”color\”:\”000000\”}]]”,”face”:480,”clientid”:53999199,”msg_id”:37040004,”psessionid”:”二次登录返回”}(群)
Referer:https://d1.web2.qq.com/cfproxy.html?v=20151105001&callback=1
response:发送成功:{“errCode”:0,”msg”:”send ok”}(但现在即使发送成功也返回{“errmsg”:”error!!!”,”retcode”:100100})
我的QQ机器人所涉及到的接口调用上面已经按顺序列出了,当然还有许多请求未列出,看自身需求,下面说几点注意吧:
- 因为需要登录验证,所以cookie必不可少,但是每次请求手动去设置cookie又会很麻烦,所以我采用Apache HttpComponents httpClient,每次请求它可以自动带上cookie,非常方便。
- 列出的可能有误差,但是基本就是这个流程,详细请求可查看webQQ;按照请求顺序,依次将相关入参回参保存,方便下次请求需要。
- 入参需要URL编码后发送(UTF-8)
- 获取好友、群组这些信息,返回的都是临时账号,每次获取都不一样,并不是QQ号
- 标有Referer的请求,Request Headers需要加Referer请求头,否则请求可能失败。
- 请求头最好加上user-agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36这类
- 有几个接口入参有hash字段,这应该是webQQ的入参校验,防止非法请求吧~hash字段是通过js运算出来的,可以看到源码,所以可以用Java执行下js就可以得到了,具体怎么做就不多说了,有机会放GitHub地址自己去看~
好了,简单整理了下,希望腾讯不要生气哇~要是腾讯能维护下现在的webQQ就好了,现在很多请求总是异常,QQ机器人不能100%响应。
(2017-2-13更新,因为二维码验证接口入参增加了hash验证,协议有变动)