我正在尝试编写与API通信的代码。它更新用户 roblox 组排名。首先,我用Python编写了代码。没有问题。但后来我尝试将它“翻译”为 PHP,由于某种原因,它没有返回与 Python 中相同的标头
我想做一个小组排名系统。出于授权目的,我必须设置
.ROBLOSECURITY
cookie。但即使在那之后我也必须向 auth.roblox.com
发送一个授权请求。将请求发送到设置了 .ROBLOSECURITY
cookie 的端点后,它将返回标头 X-CSRF-TOKEN
。必须设置这两个值才能获得有效授权。
import requests
cookie = "_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|..."
session = requests.Session()
session.cookies[".ROBLOSECURITY"] = cookie
req = session.post(
url="https://auth.roblox.com/"
)
if "X-CSRF-Token" in req.headers:
session.headers["X-CSRF-Token"] = req.headers["X-CSRF-Token"]
这段 Python 代码做到了这一点并且有效 这些是添加
print(req.headers)
时返回的标头。
{'content-type': 'application/json; charset=utf-8', 'date': 'Tue, 12 Dec 2023 16:03:33 GMT', 'server': 'Kestrel', 'access-control-expose-headers': 'X-CSRF-TOKEN', 'cache-control': 'no-cache', 'transfer-encoding': 'chunked', 'x-csrf-token': 'the value', 'strict-transport-security': 'max-age=3600', 'x-frame-options': 'SAMEORIGIN', 'roblox-machine-id': '2444778a591b', 'x-roblox-region': 'us-central', 'x-roblox-edge': 'fra4', 'report-to': '{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}', 'nel': '{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}'}
当我有类似的 php 脚本时:
$curl = curl_init();
$authapi = "https://auth.roblox.com/";
$authcookie = "_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|...";
curl_setopt($curl, CURLOPT_URL, $authapi);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, true);
$cookie = ".ROBLOSECURITY=$authcookie";
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
"Content-Type: application/json", 'Cookie: ' . $cookie
));
curl_setopt($curl, CURLOPT_NOBODY, 0);
$response = curl_exec($curl);
$header_size = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
$headers = substr($response, 0, $header_size);
$body = substr($response, $header_size);
echo $response;
回声返回此。
HTTP/1.1 200 OK
content-length: 16
content-type: application/json; charset=utf-8
date: Tue, 12 Dec 2023 16:13:33 GMT
server: Kestrel
cache-control: no-cache
strict-transport-security: max-age=3600
x-frame-options: SAMEORIGIN
roblox-machine-id: 83cc37212edc
x-roblox-region: us-central
x-roblox-edge: fra4
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://ncs.roblox.com/upload"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1}
{"message":"OK"}
那里没有
X-CSRF-TOKEN
标题。可能是什么问题?谢谢你。
我稍微简化了你的代码,并尝试了这个:
$authapi = "https://auth.roblox.com/";
$authcookie = "_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|...";
$curl = curl_init($authapi);
curl_setopt_array($curl, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HEADER => true,
CURLOPT_COOKIE => ".ROBLOSECURITY=$authcookie",
CURLOPT_POST => true,
]);
$response = curl_exec($curl);
$header_size = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
$headers = substr($response, 0, $header_size);
$body = substr($response, $header_size);
echo $response;
它在响应中返回了一个 x-csrf-token