APPStore协议之登录接口
以前还能用各种软件抓APPStore的HTTPS通讯过程,现在不行了。不过还是抓到了。
登录地址:https://buy.itunes.apple.com/WebObjects/MZFinance.woa/wa/authenticate
Header
X-Apple-Store-Front: 143465-19,17
X-Apple-ActionSignature: Au8X+4ZjPiuApI9jJWaw0nqdvnxkkHvZ5MbBpFLVU2k2AAAB0AMAAAACAAABAKvN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76vN76sAAAAVLNOxBL4I34K8lx9aMmbHrYeq+XZWAAAAnwFdxIb8ydvD8FVzWQzr+sgk4im2OAAAAIYFAOPPA8GHP5bKhHp2gvKVI39ZaDu0Ygqlwsnc53VHt35/yuxkS8nrnU5g3JWarO+coJmSBxaHsybQ3QUGfGs9D7i2dkr20z3D69YjVIGkdbX8UqrQVc2SvRuQuWrAcgq9emVr1baJfdXnbf61Vivi0IuAIwu9YE32w1OcAlxOUiScvSI4VAAAAAAAAAAAAAAA
User-Agent: iTunes/11.3 (Windows; Microsoft Windows 7 x64 Ultimate Edition Service Pack 1 (Build 7601)) AppleWebKit/537.60.17
POST参数
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>appleId</key>
<string>xxxx@qq.com</string>
<key>password</key>
<string>****</string>
<key>guid</key>
<string>CB3211A8.E1F3825D.00000000.4048D81D.BB74D76F.759AE7F6.6622C8C0</string>
<key>attempt</key>
<integer>1</integer>
<key>why</key>
<string>purchase</string>
<key>machineName</key>
<string>Vip22</string>
<key>rmp</key>
<string>0</string>
<key>createSession</key>
<string>true</string>
</dict>
</plist>
其中难点在于 X-Apple-ActionSignature 的算法