search

alist-org / alist

🗂️A file list/WebDAV program that supports multiple storages, powered by Gin and Solidjs. / 一个支持多存储的文件列表/WebDAV程序,使用 Gin 和 Solidjs。
https://alist.nn.ci
GNU Affero General Public License v3.0
42.11k stars 5.45k forks source link

下载直链文件出现错误 #88

Closed Aquaakuma closed 3 years ago

Aquaakuma commented 3 years ago

所有文件无法预览和打开

<Error>
<Code>InvalidArgument</Code>
<Message>At least one of AdditionalHeaders is not in request headers.</Message>
<RequestId>60701CEE8B1AB8313531B74F</RequestId>
<HostId>bj29.cn-beijing.data.alicloudccp.com</HostId>
</Error>
INFO[2021-04-09 17:22:38]
 ________  ___       ___  ________  _________
|\   __  \|\  \     |\  \|\   ____\|\___   ___\
\ \  \|\  \ \  \    \ \  \ \  \___|\|___ \  \_|
 \ \   __  \ \  \    \ \  \ \_____  \   \ \  \
  \ \  \ \  \ \  \____\ \  \|____|\  \   \ \  \
   \ \__\ \__\ \_______\ \__\____\_\  \   \ \__\
    \|__|\|__|\|_______|\|__|\_________\   \|__|
                            \|_________|
INFO[2021-04-09 17:22:38] 检查更新...
INFO[2021-04-09 17:22:39] 当前已是最新版本:v1.0.3
INFO[2021-04-09 17:22:39] 读取配置文件...
DEBU[2021-04-09 17:22:39] config:&{Info:{Title:AList Roots:[] Logo:https://drive.aqualink.top/d/AquaStock/imgUrl/logo1.png FooterText: FooterUrl: MusicImg:https://img.oez.cc/2020/12/19/0f8b57866bdb5.gif CheckUpdate:true Script:document.querySelector('body').style="background-image:url('https://drive.aqualink.top/d/AquaStock/imgUrl/wallhaven-j8xw9m.jpg');background-attachment:fixed;" Autoplay:true Preview:{Url: PreProcess:[] Extensions:[] Text:[txt htm html xml java properties sql js md json conf ini vue php py bat gitignore yml go sh c cpp h hpp] MaxSize:0}} Server:{Address:0.0.0.0 Port:5244 Search:true Static:dist SiteUrl:* Password:Lin.19990426} AliDrive:{ApiUrl:https://api.aliyundrive.com/v2 MaxFilesCount:3000 Drives:[{AccessToken: RefreshToken:c0795053b4a14ffaa8c664ac8df7aad1 RootFolder:606d2863f69f21f31a2840c1853d4a2429d0a084 Name:AquaStock Password: Hide:false DefaultDriveId:}]} Database:{Type:sqlite3 User: Password: Host: Port:0 Name: TablePrefix: DBFile:alist.db}}
INFO[2021-04-09 17:22:39] 初始化client...
INFO[2021-04-09 17:22:39] 初始化阿里云盘...
INFO[2021-04-09 17:22:39] 刷新所有token...
INFO[2021-04-09 17:22:39] 刷新[AquaStock]token...
DEBU[2021-04-09 17:22:39] do_post_req:&{Method:POST URL:https://auth.aliyundrive.com/v2/account/token Proto:HTTP/1.1 ProtoMajor:1 ProtoMinor:1 Header:map[] Body:{Reader:{"refresh_token":"c0795053b4a14ffaa8c664ac8df7aad1","grant_type":"refresh_token"}
} GetBody:0x7c2e00 ContentLength:82 TransferEncoding:[] Close:false Host:auth.aliyundrive.com Form:map[] PostForm:map[] MultipartForm:<nil> Trailer:map[] RemoteAddr: RequestURI: TLS:<nil> Cancel:<nil> Response:<nil> ctx:0xc000024088}
DEBU[2021-04-09 17:22:39] 请求返回信息:{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIwZDM1ZTgzNzUzMDQ0NWUwOWExYmYwMGQ3ZTM4ZmI5MCIsImN1c3RvbUpzb24iOiJ7XCJjbGllbnRJZFwiOlwiMjVkelgzdmJZcWt0Vnh5WFwiLFwiZG9tYWluSWRcIjpcImJqMjlcIixcInNjb3BlXCI6W1wiRFJJVkUuQUxMXCIsXCJTSEFSRS5BTExcIixcIkZJTEUuQUxMXCIsXCJVU0VSLkFMTFwiLFwiU1RPUkFHRS5BTExcIixcIlNUT1JBR0VGSUxFLkxJU1RcIixcIkJBVENIXCIsXCJPQVVUSC5BTExcIixcIklNQUdFLkFMTFwiLFwiSU5WSVRFLkFMTFwiXSxcInJvbGVcIjpcInVzZXJcIixcInJlZlwiOlwiaHR0cHM6Ly93d3cuYWxpeXVuZHJpdmUuY29tL1wifSIsImV4cCI6MTYxNzk2NzM1OSwiaWF0IjoxNjE3OTYwMDk5fQ.sRY-7rwZ-zJEV4eEWZ83SQNgP8Ib_pognTRYEa8zteqQWUAZgozK0spBmnH_WlyGVB8gULPz3YASM2cUbCN1SqbNp6e3Ni8Tl5Z-_ffLq8WO35auRRazSjT5RCGwajbQcCGo0Gf2v_-KSdu_Sh8zMpiRJr7ydAah0c5g917j98E","refresh_token":"df0be3cdde4d4bab972f5f30fb912dd0","expires_in":7200,"token_type":"Bearer","user_id":"0d35e837530445e09a1bf00d7e38fb90","user_name":"135***077","avatar":"https://ccp-bj29-bj-1592982087.oss-cn-beijing.aliyuncs.com/pds%2Favatar%2Fcb2146a04f4e403ba3cadbe861320d78?x-oss-access-key-id=LTAIsE5mAn2F493Q\u0026x-oss-expires=1617963759\u0026x-oss-signature=eQrNa70xVtMQVEYKOUFpoaHyYpLRtJJqaGWUgoK6CQA%3D\u0026x-oss-signature-version=OSS2","nick_name":"Aquakuma","default_drive_id":"74470","default_sbox_drive_id":"74471","role":"user","status":"enabled","expire_time":"2021-04-09T11:22:39Z","state":"","exist_link":[],"need_link":false,"user_data":{"DingDingRobotUrl":"https://oapi.dingtalk.com/robot/send?access_token=0b4a936d0e98c08608cd99f693393c18fa905aa0868215485a28497501916fec","EncourageDesc":"内测期间有效反馈前10名用户将获得终身免费会员","FeedBackSwitch":true,"FollowingDesc":"34848372","back_up_config":{"手机备份":{"folder_id":"606ba345949bb7bd8a784fe195f72dd3e3b0ac8b","photo_folder_id":"606ba3459e55cf0555aa42ab8ecc2288691849d3","sub_folder":{},"video_folder_id":"606ba34575216e412c2a4db588f4e7b3844b45f1"}},"ding_ding_robot_url":"https://oapi.dingtalk.com/robot/send?access_token=0b4a936d0e98c08608cd99f693393c18fa905aa0868215485a28497501916fec","encourage_desc":"内测期间有效反馈前10名用户将获得终身免费会员","feed_back_switch":true,"following_desc":"34848372","share":"5fb23a699f400bdf8fcd402c8426bb3362fdf8cd"},"pin_setup":true,"is_first_login":false,"need_rp_verify":false,"device_id":"5fd951d713a64632b4b42be49c365c3c"}
DEBU[2021-04-09 17:22:39] config:&{Info:{Title:AList Roots:[AquaStock] Logo:https://drive.aqualink.top/d/AquaStock/imgUrl/logo1.png FooterText: FooterUrl: MusicImg:https://img.oez.cc/2020/12/19/0f8b57866bdb5.gif CheckUpdate:true Script:document.querySelector('body').style="background-image:url('https://drive.aqualink.top/d/AquaStock/imgUrl/wallhaven-j8xw9m.jpg');background-attachment:fixed;" Autoplay:true Preview:{Url: PreProcess:[] Extensions:[] Text:[txt htm html xml java properties sql js md json conf ini vue php py bat gitignore yml go sh c cpp h hpp] MaxSize:0}} Server:{Address:0.0.0.0 Port:5244 Search:true Static:dist SiteUrl:* Password:Lin.19990426} AliDrive:{ApiUrl:https://api.aliyundrive.com/v2 MaxFilesCount:3000 Drives:[{AccessToken:eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIwZDM1ZTgzNzUzMDQ0NWUwOWExYmYwMGQ3ZTM4ZmI5MCIsImN1c3RvbUpzb24iOiJ7XCJjbGllbnRJZFwiOlwiMjVkelgzdmJZcWt0Vnh5WFwiLFwiZG9tYWluSWRcIjpcImJqMjlcIixcInNjb3BlXCI6W1wiRFJJVkUuQUxMXCIsXCJTSEFSRS5BTExcIixcIkZJTEUuQUxMXCIsXCJVU0VSLkFMTFwiLFwiU1RPUkFHRS5BTExcIixcIlNUT1JBR0VGSUxFLkxJU1RcIixcIkJBVENIXCIsXCJPQVVUSC5BTExcIixcIklNQUdFLkFMTFwiLFwiSU5WSVRFLkFMTFwiXSxcInJvbGVcIjpcInVzZXJcIixcInJlZlwiOlwiaHR0cHM6Ly93d3cuYWxpeXVuZHJpdmUuY29tL1wifSIsImV4cCI6MTYxNzk2NzM1OSwiaWF0IjoxNjE3OTYwMDk5fQ.sRY-7rwZ-zJEV4eEWZ83SQNgP8Ib_pognTRYEa8zteqQWUAZgozK0spBmnH_WlyGVB8gULPz3YASM2cUbCN1SqbNp6e3Ni8Tl5Z-_ffLq8WO35auRRazSjT5RCGwajbQcCGo0Gf2v_-KSdu_Sh8zMpiRJr7ydAah0c5g917j98E RefreshToken:df0be3cdde4d4bab972f5f30fb912dd0 RootFolder:606d2863f69f21f31a2840c1853d4a2429d0a084 Name:AquaStock Password: Hide:false DefaultDriveId:}]} Database:{Type:sqlite3 User: Password: Host: Port:0 Name: TablePrefix: DBFile:alist.db}}
DEBU[2021-04-09 17:22:39] do_post_req:&{Method:POST URL:https://api.aliyundrive.com/v2/user/get Proto:HTTP/1.1 ProtoMajor:1 ProtoMinor:1 Header:map[] Body:{Reader:{}
} GetBody:0x7c2e00 ContentLength:3 TransferEncoding:[] Close:false Host:api.aliyundrive.com Form:map[] PostForm:map[] MultipartForm:<nil> Trailer:map[] RemoteAddr: RequestURI: TLS:<nil> Cancel:<nil> Response:<nil> ctx:0xc000024088}
DEBU[2021-04-09 17:22:39] 请求返回信息:{"domain_id":"bj29","user_id":"0d35e837530445e09a1bf00d7e38fb90","avatar":"https://ccp-bj29-bj-1592982087.oss-cn-beijing.aliyuncs.com/pds%2Favatar%2Fcb2146a04f4e403ba3cadbe861320d78?x-oss-access-key-id=LTAIsE5mAn2F493Q&x-oss-expires=1617963759&x-oss-signature=eQrNa70xVtMQVEYKOUFpoaHyYpLRtJJqaGWUgoK6CQA%3D&x-oss-signature-version=OSS2","created_at":1605515880120,"updated_at":1617666885431,"email":"","nick_name":"Aquakuma","phone":"13559977077","role":"user","status":"enabled","user_name":"135***077","description":"","default_drive_id":"74470","user_data":{"back_up_config":{"手机备份":{"folder_id":"606ba345949bb7bd8a784fe195f72dd3e3b0ac8b","photo_folder_id":"606ba3459e55cf0555aa42ab8ecc2288691849d3","sub_folder":{},"video_folder_id":"606ba34575216e412c2a4db588f4e7b3844b45f1"}},"share":"5fb23a699f400bdf8fcd402c8426bb3362fdf8cd"}}
INFO[2021-04-09 17:22:39] 初始化盘[AquaStock]成功:&{RespError:{Code: Message:} DomainId:bj29 UserId:0d35e837530445e09a1bf00d7e38fb90 Avatar:https://ccp-bj29-bj-1592982087.oss-cn-beijing.aliyuncs.com/pds%2Favatar%2Fcb2146a04f4e403ba3cadbe861320d78?x-oss-access-key-id=LTAIsE5mAn2F493Q&x-oss-expires=1617963759&x-oss-signature=eQrNa70xVtMQVEYKOUFpoaHyYpLRtJJqaGWUgoK6CQA%3D&x-oss-signature-version=OSS2 CreatedAt:1605515880120 UpdatedAt:1617666885431 Email: NickName:Aquakuma Phone:13559977077 Role:user Status:enabled UserName:135***077 Description: DefaultDriveId:74470 UserData:map[back_up_config:map[手机备份:map[folder_id:606ba345949bb7bd8a784fe195f72dd3e3b0ac8b photo_folder_id:606ba3459e55cf0555aa42ab8ecc2288691849d3 sub_folder:map[] video_folder_id:606ba34575216e412c2a4db588f4e7b3844b45f1]] share:5fb23a699f400bdf8fcd402c8426bb3362fdf8cd]}
INFO[2021-04-09 17:22:39] 初始化数据库...
INFO[2021-04-09 17:22:39] 初始化定时任务:刷新token
[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.

[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
 - using env:   export GIN_MODE=release
 - using code:  gin.SetMode(gin.ReleaseMode)

INFO[2021-04-09 17:22:39] 初始化路由...
[GIN-debug] GET    /api/info                 --> github.com/Xhofe/alist/server/controllers.Info (5 handlers)
[GIN-debug] POST   /api/get                  --> github.com/Xhofe/alist/server/controllers.Get (5 handlers)
[GIN-debug] POST   /api/path                 --> github.com/Xhofe/alist/server/controllers.Path (5 handlers)
[GIN-debug] POST   /api/office_preview/:drive --> github.com/Xhofe/alist/server/controllers.OfficePreview (5 handlers)
[GIN-debug] POST   /api/video_preview/:drive --> github.com/Xhofe/alist/server/controllers.VideoPreview (5 handlers)
[GIN-debug] POST   /api/local_search         --> github.com/Xhofe/alist/server/controllers.LocalSearch (5 handlers)
[GIN-debug] POST   /api/global_search        --> github.com/Xhofe/alist/server/controllers.GlobalSearch (5 handlers)
[GIN-debug] GET    /api/rebuild/:drive/:password --> github.com/Xhofe/alist/server/controllers.RebuildTree (5 handlers)
[GIN-debug] GET    /d/*path                  --> github.com/Xhofe/alist/server/controllers.Down (5 handlers)
INFO[2021-04-09 17:22:39] Starting server @ 0.0.0.0:5244
[GIN-debug] Listening and serving HTTP on 0.0.0.0:5244
DEBU[2021-04-09 17:22:43] down:AquaStock
[GIN] 2021/04/09 - 17:22:43 | 200 |     735.382µs |   61.131.11.254 | GET      "/d/AquaStock?pw=907325c69271ddf0"
DEBU[2021-04-09 17:22:43] path:{Path:AquaStock Password:pass}
[GIN] 2021/04/09 - 17:22:43 | 200 |     550.033µs |   61.131.11.254 | POST     "/api/path"
DEBU[2021-04-09 17:22:44] path:{Path:AquaStock/imgUrl Password:pass}
[GIN] 2021/04/09 - 17:22:44 | 200 |     599.353µs |   61.131.11.254 | POST     "/api/path"
DEBU[2021-04-09 17:22:45] path:{Path:AquaStock/imgUrl/logo1.png Password:pass}
[GIN] 2021/04/09 - 17:22:45 | 200 |     334.361µs |   61.131.11.254 | POST     "/api/path"
DEBU[2021-04-09 17:22:45] down:AquaStock/imgUrl/logo1.png
DEBU[2021-04-09 17:22:45] do_post_req:&{Method:POST URL:https://api.aliyundrive.com/v2/file/get_download_url Proto:HTTP/1.1 ProtoMajor:1 ProtoMinor:1 Header:map[] Body:{Reader:{"drive_id":"74470","file_id":"606f010752c5091c6d674d4fae4664c1f6eef8ad","expire_sec":14400,"file_name":""}
} GetBody:0x7c2e00 ContentLength:108 TransferEncoding:[] Close:false Host:api.aliyundrive.com Form:map[] PostForm:map[] MultipartForm:<nil> Trailer:map[] RemoteAddr: RequestURI: TLS:<nil> Cancel:<nil> Response:<nil> ctx:0xc000024088}
DEBU[2021-04-09 17:22:45] 请求返回信息:{"method":"GET","url":"https://bj29.cn-beijing.data.alicloudccp.com/5MOLcbsZ%2F74470%2F606f010752c5091c6d674d4fae4664c1f6eef8ad%2F606f0107f2e7614838b24406b4b30bde4a20af5d?di=bj29&dr=74470&f=606f010752c5091c6d674d4fae4664c1f6eef8ad&response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27logo1.png&u=0d35e837530445e09a1bf00d7e38fb90&x-oss-access-key-id=LTAIsE5mAn2F493Q&x-oss-additional-headers=referer&x-oss-expires=1617974565&x-oss-signature=Ciaf8k9D%2F8GfVGFiAVNbX%2FMw%2FkpbytwIwxrLWaK6rC8%3D&x-oss-signature-version=OSS2","expiration":"2021-04-09T13:22:45.627Z","size":80806,"ratelimit":{"part_speed":-1,"part_size":-1}}
[GIN] 2021/04/09 - 17:22:45 | 301 |   75.582062ms |   61.131.11.254 | GET      "/d/AquaStock/imgUrl/logo1.png?pw=907325c69271ddf0"
DEBU[2021-04-09 17:22:54] down:AquaStock/imgUrl/logo1.png
DEBU[2021-04-09 17:22:54] do_post_req:&{Method:POST URL:https://api.aliyundrive.com/v2/file/get_download_url Proto:HTTP/1.1 ProtoMajor:1 ProtoMinor:1 Header:map[] Body:{Reader:{"drive_id":"74470","file_id":"606f010752c5091c6d674d4fae4664c1f6eef8ad","expire_sec":14400,"file_name":""}
} GetBody:0x7c2e00 ContentLength:108 TransferEncoding:[] Close:false Host:api.aliyundrive.com Form:map[] PostForm:map[] MultipartForm:<nil> Trailer:map[] RemoteAddr: RequestURI: TLS:<nil> Cancel:<nil> Response:<nil> ctx:0xc000024088}
DEBU[2021-04-09 17:22:54] 请求返回信息:{"method":"GET","url":"https://bj29.cn-beijing.data.alicloudccp.com/5MOLcbsZ%2F74470%2F606f010752c5091c6d674d4fae4664c1f6eef8ad%2F606f0107f2e7614838b24406b4b30bde4a20af5d?di=bj29&dr=74470&f=606f010752c5091c6d674d4fae4664c1f6eef8ad&response-content-disposition=attachment%3B%20filename%2A%3DUTF-8%27%27logo1.png&u=0d35e837530445e09a1bf00d7e38fb90&x-oss-access-key-id=LTAIsE5mAn2F493Q&x-oss-additional-headers=referer&x-oss-expires=1617974574&x-oss-signature=vmL4dImDF9F88lxQU4xt3jC8BIJfSgcUAojZG5adMoI%3D&x-oss-signature-version=OSS2","expiration":"2021-04-09T13:22:54.099Z","size":80806,"ratelimit":{"part_speed":-1,"part_size":-1}}
[GIN] 2021/04/09 - 17:22:54 | 301 |   55.802224ms |   61.131.11.254 | GET      "/d/AquaStock/imgUrl/logo1.png?pw=907325c69271ddf0"
w311ang commented 3 years ago

https://alist.now.sh 这都有问题了

122cygf commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

Aquaakuma commented 3 years ago

阿里返回的错误说是请求头少了什么,是不是阿里添加了一些请求参数的要求。

122cygf commented 3 years ago

阿里返回的错误说是请求头少了什么,是不是阿里添加了一些请求参数的要求。

没,和上次差不多,都是要referer请求头

yimouleng commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

122cygf commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

yimouleng commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

请求头没有发现access_token,想重写请求没法重写,iOS客户端

122cygf commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

请求头没有发现access_token,想重写请求没法重写,iOS客户端

那你多抓抓看能不能碰上(

Aquaakuma commented 3 years ago

有没有网页版的解决方案,手机端是不是有ssl。

Aquaakuma commented 3 years ago

有没有网页版的解决方案,手机端是不是有ssl。

手机抓到的token会不会被程序的自动更新token给覆盖掉,我记得程序会自动更新token

122cygf commented 3 years ago

有没有网页版的解决方案,手机端是不是有ssl。

暂时没深研究

w311ang commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

客户端抓的refresh_token我怎么就不行

w311ang commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

我使用的是这个方法,是不是有可能是限制ip了,我获取token是在本地,而alist我是挂在vps上的

yimouleng commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

请求头没有发现access_token,想重写请求没法重写,iOS客户端

那你多抓抓看能不能碰上(

iOS还是不行,直接用安卓模拟器拿到了token,替换后成功

w311ang commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

请求头没有发现access_token,想重写请求没法重写,iOS客户端

那你多抓抓看能不能碰上(

iOS还是不行,直接用安卓模拟器拿到了token,替换后成功

你的alist是放在本地的吗

yimouleng commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

请求头没有发现access_token,想重写请求没法重写,iOS客户端

那你多抓抓看能不能碰上(

iOS还是不行,直接用安卓模拟器拿到了token,替换后成功

你的alist是放在本地的吗

服务器,跟放哪里没关系的

zy84338719 commented 3 years ago

经过尝试,换成客户端抓的refresh_token可以暂时解决问题,剩下的我有空再看

手机端抓取没找到refresh_token参数,请求头内cookie2参数是否是refresh_token?

看起来并不是,你可以想办法修改请求头的access_token让请求失效,之后他会访问ht tps://auth.aliy undrive.com/v2/acco unt/token,body中有refresh_token

我看了一下 两个下载文件 加盐这块有变动 可以加盐算法改了?

curl 'https://api.aliyundrive.com/v2/file/get_download_url' \ -H 'authority: api.aliyundrive.com' \ -H 'sec-ch-ua: "Google Chrome";v="89", "Chromium";v="89", ";Not A Brand";v="99"' \ -H 'accept: application/json, text/plain, /' \ -H 'dnt: 1' \ -H 'authorization: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI2MjQ5NGE2NTg3ZDY0NGQ0YTE2NzRmNzI0NzgzYTkyMCIsImN1c3RvbUpzb24iOiJ7XCJjbGllbnRJZFwiOlwiMjVkelgzdmJZcWt0Vnh5WFwiLFwiZG9tYWluSWRcIjpcImJqMjlcIixcInNjb3BlXCI6W1wiRFJJVkUuQUxMXCIsXCJTSEFSRS5BTExcIixcIkZJTEUuQUxMXCIsXCJVU0VSLkFMTFwiLFwiU1RPUkFHRS5BTExcIixcIlNUT1JBR0VGSUxFLkxJU1RcIixcIkJBVENIXCIsXCJPQVVUSC5BTExcIixcIklNQUdFLkFMTFwiLFwiSU5WSVRFLkFMTFwiXSxcInJvbGVcIjpcInVzZXJcIixcInJlZlwiOlwiaHR0cHM6Ly93d3cuYWxpeXVuZHJpdmUuY29tL1wifSIsImV4cCI6MTYxNzk4ODk5NiwiaWF0IjoxNjE3OTgxNzM2fQ.EIYq21INcta9yGSgw27DzwQqWzXDRBZhvUpLyKGIPUuDmhb1r7EURwsN8jfTU5cPn3UAb5SHjin7VA5sBPsUq08UZH4jAmeqCAiCww-HwYls1Kqb3lbPaK6jxaajzptFD3-fkJaiB79vuEEhsY9m7tSfFXuYluJ0sFmRzSrng' \ -H 'sec-ch-ua-mobile: ?0' \ -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36' \ -H 'content-type: application/json;charset=UTF-8' \ -H 'origin: https://www.aliyundrive.com' \ -H 'sec-fetch-site: same-site' \ -H 'sec-fetch-mode: cors' \ -H 'sec-fetch-dest: empty' \ -H 'referer: https://www.aliyundrive.com/' \ -H 'accept-language: zh,zh-CN;q=0.9' \ --data-raw '{"drive_id":"23270550","file_id":"605cd20f05d6858f199348bb93f0e306cd3bda44"}' \ --compressed

122cygf commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

zy84338719 commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

现在返回值是这样子的 并没有 biz

{ "content": { "data": { "resultCode": 100, "iframeRedirect": true, "iframeRedirectUrl": "https://passport.aliyundrive.com/iv/remote/pc/mini_login_check.htm?havana_iv_token=CN-SPLIT-AQj9y6OyrUAQ2AQiDWhhdmFuYV9hcHBfaXYyAQE4xrmIvosvQAFKEOkf6AQdd2LQyLz0OMDSODcYKEjDRuyyanVEZMvJS09_RiTkwQ" }, "status": 0, "success": true }, "hasError": false }

w311ang commented 3 years ago

重新安装,再改refresh_token好了

122cygf commented 3 years ago

好玄学

Aquaakuma commented 3 years ago

不行啊,删除数据库重新启动还是那样

122cygf commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

现在返回值是这样子的 并没有 biz

{ "content": { "data": { "resultCode": 100, "iframeRedirect": true, "iframeRedirectUrl": "https://passport.aliyundrive.com/iv/remote/pc/mini_login_check.htm?havana_iv_token=CN-SPLIT-AQj9y6OyrUAQ2AQiDWhhdmFuYV9hcHBfaXYyAQE4xrmIvosvQAFKEOkf6AQdd2LQyLz0OMDSODcYKEjDRuyyanVEZMvJS09_RiTkwQ" }, "status": 0, "success": true }, "hasError": false }

这里呢https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723

Aquaakuma commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

现在返回值是这样子的 并没有 biz { "content": { "data": { "resultCode": 100, "iframeRedirect": true, "iframeRedirectUrl": "https://passport.aliyundrive.com/iv/remote/pc/mini_login_check.htm?havana_iv_token=CN-SPLIT-AQj9y6OyrUAQ2AQiDWhhdmFuYV9hcHBfaXYyAQE4xrmIvosvQAFKEOkf6AQdd2LQyLz0OMDSODcYKEjDRuyyanVEZMvJS09_RiTkwQ" }, "status": 0, "success": true }, "hasError": false }

这里呢https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723

这个我可以获取到,但是放配置文件里还是不行,是不是因为程序会自动刷新token啊,每次打开conf.yml那个token都不一样

122cygf commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

现在返回值是这样子的 并没有 biz { "content": { "data": { "resultCode": 100, "iframeRedirect": true, "iframeRedirectUrl": "https://passport.aliyundrive.com/iv/remote/pc/mini_login_check.htm?havana_iv_token=CN-SPLIT-AQj9y6OyrUAQ2AQiDWhhdmFuYV9hcHBfaXYyAQE4xrmIvosvQAFKEOkf6AQdd2LQyLz0OMDSODcYKEjDRuyyanVEZMvJS09_RiTkwQ" }, "status": 0, "success": true }, "hasError": false }

这里呢https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723

这个我可以获取到,但是放配置文件里还是不行,是不是因为程序会自动刷新token啊,每次打开conf.yml那个token都不一样

主要是拿里面的refresh_token

Aquaakuma commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

现在返回值是这样子的 并没有 biz { "content": { "data": { "resultCode": 100, "iframeRedirect": true, "iframeRedirectUrl": "https://passport.aliyundrive.com/iv/remote/pc/mini_login_check.htm?havana_iv_token=CN-SPLIT-AQj9y6OyrUAQ2AQiDWhhdmFuYV9hcHBfaXYyAQE4xrmIvosvQAFKEOkf6AQdd2LQyLz0OMDSODcYKEjDRuyyanVEZMvJS09_RiTkwQ" }, "status": 0, "success": true }, "hasError": false }

这里呢https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723

这个我可以获取到,但是放配置文件里还是不行,是不是因为程序会自动刷新token啊,每次打开conf.yml那个token都不一样

主要是拿里面的refresh_token

可以拿到的,但是还是和之前一样,会不会是因为alist会自动刷新refresh_token,我把拿到的覆盖掉了,可以了,我的错

leganck commented 3 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

现在返回值是这样子的 并没有 biz { "content": { "data": { "resultCode": 100, "iframeRedirect": true, "iframeRedirectUrl": "https://passport.aliyundrive.com/iv/remote/pc/mini_login_check.htm?havana_iv_token=CN-SPLIT-AQj9y6OyrUAQ2AQiDWhhdmFuYV9hcHBfaXYyAQE4xrmIvosvQAFKEOkf6AQdd2LQyLz0OMDSODcYKEjDRuyyanVEZMvJS09_RiTkwQ" }, "status": 0, "success": true }, "hasError": false }

这里呢https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723

这个链接获取到的token确实可以下载

chauncey09 commented 3 years ago

https://media.cooluc.com/decode_token/ 参考这个教程解决了问题

tongjun741 commented 2 years ago

https://media.cooluc.com/decode_token/ 参考这个教程解决了问题

之前总是获取不到refresh_token,总结了一下操作要点:如果登录时发现有二次验证的文字的话是不成功的,需要在当前浏览器窗口中重新按上面的操作步骤再操作一次。

EvansFix commented 2 years ago

最近好像会提示 【Request has expired.】 不知道是部分文件还是啥?

AccessDenied Request has expired. 619CAE39F797DE38331CB8AF bjxx.cn-beijing.data.alicloudccp.com 2021-11-23T07:45:31.000Z 2021-11-23T09:02:49.000Z
xiaokaixuan commented 2 years ago

https://media.cooluc.com/decode_token/ 使用这个方法抓取Refresh 阿里会提示系统错误,请稍后重试

登陆时先过验证后再打开开发者工具,不然过不了验证的。

Penghaiku commented 2 years ago

https://www.appmiu.com/lesson/11960/ 参考这个抓取 刷新令牌 2022-5-3成功

huxuan1201 commented 2 years ago

这个挂载infuse无法播放的

liheji commented 2 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

使用网页版 -> 账号密码登录 已获取到不用验证 referer 的 refresh_token,感谢!

bohong65 commented 2 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

2022.08.23亲测以下方案成功,PC端浏览器登录这里https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723(移动端登录地址) 然后login.do的response返回值json里bizExt值,base64解码之后最底下refresh_token可以实现下载和在线播放了

xinxuanjvshi commented 2 years ago

https://media.cooluc.com/decode_token/ 参考这个教程解决了问题

按照此教程预览和下载问题都完美解决速度很快,感谢!

tces1 commented 2 years ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

亲测可用,而且不过第三方,用着放心

jiemo9527 commented 1 year ago

小黄鸟抓包 打开APP,搜 https://auth.aliyundrive.com/v2/account/token 得到里面的refresg_token值。这个比较简单。过ssl证书可以root或者xp模块或者虚拟机方式很多。

MicroNeutron commented 1 year ago

这是安卓的抓包 那我iPhone怎么办

jiemo9527 commented 1 year ago

这是安卓的抓包 那我iPhone怎么办

换个安卓机登录下,或者虚拟机

MicroNeutron commented 1 year ago

Ok

huxuan1201 commented 1 year ago

感谢大佬

无云 @.***

 

------------------ 原始邮件 ------------------ 发件人: "alist-org/alist" @.>; 发送时间: 2022年8月8日(星期一) 中午1:28 @.>; @.**@.>; 主题: Re: [alist-org/alist] 下载直链文件出现错误 (#88)

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

使用网页版 -> 账号密码登录 已获取到不用验证 referer 的 refresh_token,感谢!

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.***>

ma5d commented 1 year ago

有一个稍微简单点的方法,可以在浏览器控制台抓登录时候的包,登录有一个包是https://pass port.aliyundr ive.com/newlogin/sms/login.do,返回值json里有个bizExt,base64解码之后最底下有个refresh_token,用那个token下载就正常了

2022/10/13 0:01 此法可行

Meteorsss commented 1 year ago

小黄鸟抓包 打开APP,搜 https://auth.aliyundrive.com/v2/account/token 得到里面的refresg_token值。这个比较简单。过ssl证书可以root或者xp模块或者虚拟机方式很多。

这样抓包阿里云盘闪退啊

Karlex-source commented 1 year ago

小黄鸟抓包 打开APP,搜 https://auth.aliyundrive.com/v2/account/token 得到里面的refresg_token值。这个比较简单。过ssl证书可以root或者xp模块或者虚拟机方式很多。

这样抓包阿里云盘闪退啊

不要抓阿里云盘app,手机浏览器打开https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723 ,先过验证再点击抓包,login.do?appName=aliyun中的response,base64解密出token

Lin1031 commented 1 year ago

https://www.appmiu.com/lesson/11960/ 参考这个抓取 刷新令牌 2022-5-3成功

2022.11.01有效

zepang commented 1 year ago

https://www.appmiu.com/lesson/11960/ 参考这个抓取 刷新令牌 2022-5-3成功

2022.11.01有效

是拿到了令牌但是无法播放视频和预览

flyklmwl commented 1 year ago

InvalidArgument At least one of AdditionalHeaders is not in request headers 直链下载报错

已经解决了,参考 https://passport.aliyundrive.com/mini_login.htm?lang=zh_cn&appName=aliyun_drive&appEntrance=web&styleType=auto&bizParams=&notLoadSsoView=false&notKeepLogin=false&isMobile=true&hidePhoneCode=true&rnd=0.9186864872885723

https://media.cooluc.com/decode_token/

nnssz commented 1 year ago

ali云盘的refresh_tocken必须是移动端的,否则alist当中只能预览文件名,无法播放或下载。 下面的活动ali云盘移动端tocken方法有效(20221210) https://media.cooluc.com/decode_token/

makochan2022 commented 1 year ago

ali云盘的refresh_tocken必须是移动端的,否则alist当中只能预览文件名,无法播放或下载。 下面的活动ali云盘移动端tocken方法有效(20221210) https://media.cooluc.com/decode_token/

用这个方法还是无法直链,只能代理!大神有最新方法么