
Authorizing Desktop Applications on VKontakte

The VKontakte social network looks after its users' security in a somewhat strange way: it puts all sorts of obstacles in the way of logging in by any means other than the browser, yet does not provide SSL. Below is a Ruby script that lets you quickly connect your desktop application to your account using an e-mail address and password, and then use the API.

This script is not intended for "industrial" use; the authorization method is unofficial and may change.

```ruby
require 'net/http'

# Settings (replace with your own)
app_id = '1234567'          # application ID
email = 'mail@example.com'
password = 'qwerty'
app_rights = 16383          # rights bitmask (16383 = all rights)

# Log in and take the session cookie.
# NOTE: this sends the e-mail and password over unencrypted HTTP.
resp = Net::HTTP.post_form(URI.parse('http://vk.com/login.php'),
                           { 'm' => '1', 'email' => email, 'pass' => password })
cookies = resp['set-cookie']
remixsid = cookies.split('remixsid=')[1].split(';')[0].split(',')[0]

# Header and connection for further requests to http://vk.com
header = { 'Cookie' => 'remixsid=' + remixsid }
conn = Net::HTTP.new('vk.com', 80)

# Fetch the application authorization form and read both hashes from it
resp = conn.get('http://vk.com/login.php?app=' + app_id + '&layout=popup&type=browser&settings=32767', header)
auth_hash = resp.body.split('var auth_hash = \'')[1].split('\';')[0]
rights_hash = resp.body.split('var app_settings_hash = \'')[1].split('\';')[0]

# Build the rights part of the query string: one app_settings_<bit> flag per bit
req = ''
mask = 1
14.times do
  flag = (app_rights & mask).zero? ? '0' : '1'
  req += '&app_settings_' + mask.to_s + '=' + flag
  mask *= 2
end
resp = conn.get('http://vk.com/apps.php?act=a_save_settings&addMember=1' + req + '&hash=' + rights_hash + '&id=' + app_id, header)

# Authorize the application
resp = conn.get('http://vk.com/login.php?act=a_auth&app=' + app_id + '&hash=' + auth_hash + '&permanent=1', header)
auth_json = resp.body

# The data needed to work with the API, as JSON
puts auth_json
# From here on, work with the API
```

As a result, we get the following response:

```
{"mid":1000xxxxx,"sid":"xxxx6ed0xxxx2516xxxx49eacd0ec30f9961c01d30d15c3152e459xxxx", "secret":"335xxxxxxx","expire":0}
```

It was written in one evening for personal use. It cannot work with accounts that are not tied to a mobile phone, since those require a captcha, and it does not handle possible errors.
You can modify it to suit your needs, since the principle is clear.
How to work with the API is described in detail here: vk.com/developers.php
Application rights are described in the same place. When the authorization form was requested, “settings=32767” was specified, that is, a value of the form 2^n - 1 chosen so that every rights bit is certain to be covered. At present, the maximum rights correspond to 16383, which may change in the future.
PS: “simple authorization” was removed from the title: the method is relatively simple, but it is hard to call it trivial.
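
Because the script does not handle errors, a rejected login or a captcha page shows up only as a `NoMethodError` on `nil` in one of the `split` chains. The following is an added example, not part of the original post: the same three parsing steps (session cookie, inline JavaScript hashes, rights bitmask) with explicit failures. The helper names are hypothetical, and the sample cookie header and page body are constructed.

```ruby
require 'uri'

# Raised when an expected value is missing from a response.
class AuthParseError < StandardError; end

# Pull remixsid out of a raw Set-Cookie value. Net::HTTP joins several
# Set-Cookie headers with ", ", so the name may follow ';' or ','.
def extract_remixsid(set_cookie)
  m = set_cookie.to_s.match(/(?:\A|[;,]\s*)remixsid=([^;,\s]+)/)
  raise AuthParseError, 'no remixsid cookie: login rejected or captcha required' unless m
  m[1]
end

# Read  var <name> = '<value>';  from the page's inline JavaScript.
def extract_js_var(body, name)
  m = body.to_s.match(/var\s+#{Regexp.escape(name)}\s*=\s*'([^']+)'\s*;/)
  raise AuthParseError, "#{name} not found in response body" unless m
  m[1]
end

# Expand a rights bitmask into app_settings_<bit> => "0"/"1" pairs,
# lowest bit first (14 bits, as in the script above).
def rights_params(app_rights, bits = 14)
  unless (0...(1 << bits)).cover?(app_rights)
    raise ArgumentError, "rights mask must fit in #{bits} bits"
  end
  (0...bits).map { |i| ["app_settings_#{1 << i}", app_rights[i].to_s] }
end

# Constructed sample inputs (not captured from a real session).
SAMPLE_COOKIE = 'foo=bar; path=/, remixsid=abc123def456; path=/; domain=.vk.com'
SAMPLE_BODY = "<script>var auth_hash = 'a1b2c3';\nvar app_settings_hash = 'd4e5f6';</script>"

if __FILE__ == $PROGRAM_NAME
  puts extract_remixsid(SAMPLE_COOKIE)
  puts extract_js_var(SAMPLE_BODY, 'auth_hash')
  puts extract_js_var(SAMPLE_BODY, 'app_settings_hash')
  # encode_www_form also escapes values, unlike manual concatenation.
  puts URI.encode_www_form(rights_params(16383))
  begin
    extract_remixsid('foo=bar; path=/') # response without a session cookie
  rescue AuthParseError => e
    warn "login failed: #{e.message}"
  end
end
```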


Source: https://habr.com/ru/post/111430/

