optimize: risk control, add bili_ticket

Author: snowtafir

CHANGELOG.md

@@ -1,4 +1,5 @@
 # 2.0.4
+* 优化B站风控相关，新增bili_tiket参数
 * fix Repeated Instantiation Puppeteer
 * 优化获取B站登录ck
 * 添加截图列队，优化配置文件注释

package.json

@@ -1,6 +1,6 @@
 {
   "name": "yz-yuki-plugin",
-  "version": "2.0.4-3",
+  "version": "2.0.4-4",
   "description": "优纪插件，yunzaijs 关于 微博推送、B站推送 等功能的拓展插件",
   "author": "snowtafir",
   "type": "module",

src/models/bilibili/bilibili.get.web.data.ts

@@ -1,7 +1,7 @@
 import axios from "axios";
 import lodash from "lodash";
 import { BiliApi } from '@/models/bilibili//bilibili.api';
-import { readSavedCookieItems, readSavedCookieOtherItems, readSyncCookie } from '@/models/bilibili/bilibili.models';
+import { cookieWithBiliTicket, readSavedCookieItems, readSavedCookieOtherItems, readSyncCookie } from '@/models/bilibili/bilibili.models';
 import { getWbiSign } from '@/models/bilibili//bilibili.wbi';
 
 export class BiliGetWebData {
@@ -12,6 +12,7 @@ export class BiliGetWebData {
   async getBiliDynamicListDataByUid(uid: any) {
     const url = BiliApi.BILIBIL_API.biliDynamicInfoList;
     let { cookie } = await readSyncCookie();
+    cookie = await cookieWithBiliTicket(cookie);
 
     const data = {
       offset: '',
@@ -43,6 +44,7 @@ export class BiliGetWebData {
   async getBilibiUserInfoByUid(uid: any) {
     const url = BiliApi.BILIBIL_API.biliSpaceUserInfoWbi;
     let { cookie } = await readSyncCookie();
+    cookie = await cookieWithBiliTicket(cookie);
 
     const data = {
       mid: uid,
@@ -67,6 +69,7 @@ export class BiliGetWebData {
   async searchBiliUserInfoByKeyword(keyword: string) {
     const url = BiliApi.BILIBIL_API.biliSearchUpWbi;
     let { cookie } = await readSyncCookie();
+    cookie = await cookieWithBiliTicket(cookie);
 
     const data = {
       keyword: keyword,

src/models/bilibili/bilibili.models.ts

@@ -13,6 +13,7 @@ import { _paths } from '@/utils/paths';
 import { ScreenshotOptions } from '@/utils/puppeteer.render';
 import { BiliApi } from '@/models/bilibili/bilibili.api';
 import { gen_buvid_fp } from '@/models/bilibili/bilibili.buid.fp';
+import { getBiliTicket } from '@/models/bilibili/bilibili.ticket';
 
 declare const logger: any;
 
@@ -427,11 +428,11 @@ export async function getNewTempCk() {
 
   const result = await postGateway(newTempCk);
 
-  const { code, data } = await result.data; // 解析校验结果
+  const data = await result.data; // 解析校验结果
 
-  if (code !== 0) {
-    logger?.mark(`优纪插件：tempCK，Gateway校验失败：${JSON.stringify(data)}`);
-  } else if (code === 0) {
+  if (data?.code !== 0) {
+    logger?.error(`优纪插件：tempCK，Gateway校验失败：${JSON.stringify(data)}`);
+  } else if (data?.code === 0) {
     logger?.mark(`优纪插件：tempCK，Gateway校验成功：${JSON.stringify(data)}`);
   }
 }
@@ -594,21 +595,22 @@ async function getPayload(cookie: string) {
  * @returns 返回POST请求的结果
  */
 export async function postGateway(cookie: string) {
-  const payload = getPayload(cookie);
+  const data = { payload: await getPayload(cookie) };
   const requestUrl = 'https://api.bilibili.com/x/internal/gaia-gateway/ExClimbWuzhi';
 
-  const headers = lodash.merge({}, BiliApi.BILIBILI_HEADERS, {
-    'Cookie': cookie,
-    'Content-type': 'Application/json',
-    'Charset': 'UTF-8',
-  }, {
-    'Host': 'api.bilibili.com',
-    'Origin': 'https://www.bilibili.com',
-    'Referer': 'https://www.bilibili.com/',
-  });
+  const config = {
+    headers: lodash.merge({}, BiliApi.BILIBILI_HEADERS, {
+      'Cookie': cookie,
+      'Content-type': 'application/json;charset=UTF-8',
+    }, {
+      'Host': 'api.bilibili.com',
+      'Origin': 'https://www.bilibili.com',
+      'Referer': 'https://www.bilibili.com/',
+    })
+  }
 
   try {
-    const res = await axios.post(requestUrl, { payload }, { headers });
+    const res = await axios.post(requestUrl, data, config);
     return res;
   } catch (error) {
     logger.error('Error making POST request:', error);
@@ -625,3 +627,27 @@ export async function get_buvid_fp(cookie: string) {
   let buvidFp = gen_buvid_fp(uuid, seedget);
   return `buvid_fp=${buvidFp};`;
 }
+
+/**
+ * 获取有效bili_ticket并添加到cookie
+ * @param {string} cookie
+ * @returns {Promise<{ cookie: string; }>} 返回包含最新有效的bili_ticket的cookie
+ */
+export async function cookieWithBiliTicket(cookie: string): Promise<string> {
+  const BiliJctKey = "Yz:yuki:bili:bili_ticket"
+  cookie = await readSavedCookieItems(cookie, ['bili_ticket'], true);
+  const biliTicket = await Redis.get(BiliJctKey);
+  if (!biliTicket) {
+    try {
+      const csrf = await readSavedCookieItems(cookie, ['bili_jct'], false);
+      const { ticket, ttl } = await getBiliTicket(csrf);
+      await Redis.set(BiliJctKey, ticket, { EX: ttl });
+      return cookie + `;bili_ticket=${ticket};`;
+    } catch (error) {
+      logger?.error(`${error}`);
+      return cookie;
+    }
+  } else {
+    return cookie + `;bili_ticket=${biliTicket};`;
+  }
+}

src/models/bilibili/bilibili.ticket.ts

@@ -0,0 +1,64 @@
+import { createHmac } from 'crypto';
+import { BiliApi } from '@/models/bilibili/bilibili.api';
+
+/**
+ * Generate HMAC-SHA256 signature
+ * @param {string} key     The key string to use for the HMAC-SHA256 hash
+ * @param {string} message The message string to hash
+ * @returns {string} The HMAC-SHA256 signature as a hex string
+ */
+function hmacSha256(key: string, message: string): string {
+    return createHmac('sha256', key).update(message).digest('hex');
+}
+
+/**
+ * Get Bilibili web ticket
+ * @param {string | null} csrf CSRF token, can be empty or null, or the cookie's bili_jct value
+ * @returns {Promise<{ code: number, ticket: string, created_at: number, ttl: number }>} 
+ * Promise that resolves to an object containing code, ticket, created_at, and ttl values
+ */
+export async function getBiliTicket(csrf: string | null): Promise<{ code?: number; ticket?: string; created_at?: number; ttl?: number }> {
+    const ts = Math.floor(Date.now() / 1000);
+    const hexSign = hmacSha256('XgwSnGZ1p', `ts${ts}`);
+    const url = 'https://api.bilibili.com/bapis/bilibili.api.ticket.v1.Ticket/GenWebTicket';
+
+    const params = new URLSearchParams({
+        key_id: 'ec02',
+        hexsign: hexSign,
+        'context[ts]': String(ts),
+        csrf: csrf ?? ''  // 使用空字符串代替null
+    });
+
+    try {
+        const response = await fetch(`${url}?${params}`, {
+            method: 'POST',
+            headers: {
+                'User-Agent': BiliApi.BILIBILI_HEADERS['User-Agent']
+            }
+        });
+
+        if (!response.ok) {
+            throw new Error(`get bili_jct HTTP error! status: ${response.status}`);
+        }
+
+        const data = await response.json();
+
+        if (data.code !== 0) {
+            if (data.code === 400) {
+                throw new Error(`get bili_jct Parameter error! ${data.message}`);
+            }
+            throw new Error(`Failed to retrieve bili ticket: ${data.message}`);
+        }
+
+        // 返回所需的对象结构
+        return {
+            code: data.code,
+            ticket: data.data?.ticket,
+            created_at: data.data?.created_at,
+            ttl: data.data?.ttl
+        };
+
+    } catch (error) {
+        throw new Error(`Failed to fetch Bilibili ticket: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}