feat: 各种接口补充与错误修正 (#1066)

* fix(video/collection.md): unclosed xml tags * feat(video/report.md): uuid not really random * feat: b23.tv short link * feat: login/moral/exp log * feat: v_voucher * feat: upload video cover & post * feat(creativecenter/upload.md): upload octet-stream * feat(creativecenter/upload.md): update some notes * feat(clientinfo/ip.md): another from live * feat: live web heartbeat * feat: update popular series & precious * fix(creativecenter/upload.md): mistakes in example * feat: merge duplicate fav info * feat(README.md): missing link to webmask * feat(search/hot.md): word_type * feat(login/login_action): recovery old api * feat(video/collection.md): series operation * feat: video season operation * feat: add & mod some links * feat(search/suggest.md): up to date * feat: web home header image * feat(misc/sign/bili_ticket.md): demo for nodejs * feat(creativecenter/upload.md): x-upos-auth validity period * feat: add referer & buvid3 to request header * feat: customer service message heartbeat & upload * feat(customerservice/msg.md): upload code 1200201 * feat(video/report.md): click/web/h5 * feat(video/report.md): view count desc * feat: laser2 * feat: wbi_key in bili_ticket * fix: typo & unclosed XML tags * feat(misc/sign/v_voucher): cookie x-bili-gaia-vtoken * feat(search/hot.md): square * feat(video/status_number.md): fold archive_stat/stat * feat(fav/info.md): resource/infos invalid type 21 * feat: /x/activity/subject/info * feat: lottery * feat(docs/misc/b23.tv): remove some unnecessary fields * feat(creativecenter/upload.md): types/predict * fix(video/collection.md): invalid end tag * feat: app version upgrade * feat(creativecenter/upload.md): tag/recommend #528 * feat(user/status_number.md): navnum * feat: /x/activity/page/list * feat(comment/list.md): desc about pagination_str * feat(comment/list.md): update example * feat(dynamic/all.md): #1082 * fix(comment/list.md): -352 not -412 * feat: #700 * feat(video/video_stream.md): #606 & cv949156 * feat(message/private_msg.md): single_unread freq * feat: getUserWallet * fix: broken form * feat(Layout.vue): copyright to 2024 * feat: /x/topic/pub/rcmd/search * feat: #425 * feat(misc/time_stamp.md): rtc/getTimestamp * fix(misc/time_stamp.md): missing end tag * feat: #745 * feat(dynamic/all.md): update feed/all * feat(danmaku/action.md): #220 * feat(live/info.md): gethistory from cv8186413 * fix(danmaku/action.md): missing end tag
2024-08-21 19:02:39 +08:00
parent f7599fb693
commit 60a0c5d1a2
46 changed files with 18489 additions and 8207 deletions
--- a/docs/misc/sign/bili_ticket.md
+++ b/docs/misc/sign/bili_ticket.md
@@ -24,8 +24,78 @@
 3. 构造请求参数，`key_id` 为 `ec02`，`hexsign` 为变量 `hexsign` 值，`context[ts]` 为变量 `timestamp` 值，`csrf` 为 cookie 中的 `bili_jct` 值也可为空
 4. 发送 `POST` 请求，获取 `data` 字段中的 `ticket` 字段的值即为所求

+## 接口
+
+> https://api.bilibili.com/bapis/bilibili.api.ticket.v1.Ticket/GenWebTicket
+
+*请求方式: POST*
+
+**URL参数:**
+
+| 参数名 | 类型 | 内容 | 必要性 | 备注 |
+| ----- | ---- | ---- | ------ | ---- |
+| key_id | str | ec02 | 必要 |      |
+| hexsign | str | 由 `hmac_sha256` 算法计算的 `hexsign` 值 | 必要 |      |
+| context[ts] | num | UNIX 秒级时间戳 | 必要 |      |
+| csrf | str | cookie 中的 `bili_jct` 值 | 非必要 |      |
+
+**JSON回复:**
+
+根对象:
+
+| 字段 | 类型 | 内容 | 备注 |
+| ---- | ---- | ---- | ---- |
+| code | num | 返回值 | 0: 成功<br />400: 参数错误 |
+| message | str | 返回消息 | OK: 成功 |
+| data | obj | 数据本体 | |
+| ttl | num | 1 |  |
+
+`data` 对象:
+
+| 字段 | 类型 | 内容 | 备注 |
+| ---- | ---- | ---- | ---- |
+| ticket | str | bili_ticket | |
+| created_at | num | 创建时间 | UNIX 秒级时间戳 |
+| ttl | num | 有效时长 | 259200 秒 (3 天) |
+| context | obj | 空 |  |
+| nav | obj | wbi_img 相关 | 参见 [WBI 签名](./wbi.md) |
+
+`nav` 对象:
+
+| 字段 | 类型 | 内容 | 备注 |
+| ---- | ---- | ---- | ---- |
+| img | str | img_key 值 | 参见 [WBI 签名](./wbi.md) |
+| sub | str | sub_key 值 | 参见 [WBI 签名](./wbi.md) |
+
+**示例:**
+
+<details>
+<summary>查看响应示例:</summary>
+
+```json
+{
+  "code": 0,
+  "message": "OK",
+  "data": {
+    "ticket": "eyJhbGciOiJIUzI1NiIsImtpZCI6InMwMyIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MjM2OTMwODAsImlhdCI6MTcyMzQzMzgyMCwicGx0IjotMX0.efOwv7i4m0ykABrXEDHGAechU2AByMcP_-3EYpQrNKs",
+    "created_at": 1723433820,
+    "ttl": 259200,
+    "context": {},
+    "nav": {
+      "img": "https://i0.hdslb.com/bfs/wbi/7cd084941338484aae1ad9425b84077c.png",
+      "sub": "https://i0.hdslb.com/bfs/wbi/4932caff0ff746eab6f01bf08b70ac45.png"
+    }
+  },
+  "ttl": 1
+}
+```
+
+</details>
+
 ## Demo

+此处提供 [Python](#python), [Java](#java), [JavaScript (Node.js)](#javascript-nodejs) 的示例代码
+
 ### Python

 需要 `requests` 依赖
@@ -176,3 +246,62 @@ public class BiliTicketDemo {

 }
 ```
+
+### JavaScript (Node.js)
+
+```javascript
+const crypto = require('crypto');
+
+/**
+ * Generate HMAC-SHA256 signature
+ * @param {string} key     The key string to use for the HMAC-SHA256 hash
+ * @param {string} message The message string to hash
+ * @returns {string} The HMAC-SHA256 signature as a hex string
+ */
+function hmacSha256(key, message) {
+    const hmac = crypto.createHmac('sha256', key);
+    hmac.update(message);
+    return hmac.digest('hex');
+}
+
+/**
+ * Get Bilibili web ticket
+ * @param {string} csrf    CSRF token, can be empty or null
+ * @returns {Promise<any>} Promise of the ticket response in JSON format
+ */
+async function getBiliTicket(csrf) {
+    const ts = Math.floor(Date.now() / 1000);
+    const hexSign = hmacSha256('XgwSnGZ1p', `ts${ts}`);
+    const url = 'https://api.bilibili.com/bapis/bilibili.api.ticket.v1.Ticket/GenWebTicket';
+    const params = new URLSearchParams({
+        key_id: 'ec02',
+        hexsign: hexSign,
+        'context[ts]': ts,
+        csrf: csrf || ''
+    });
+    try {
+        const response = await fetch(`${url}?${params.toString()}`, {
+            method: 'POST',
+            headers: {
+                'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0'
+            }
+        });
+        if (!response.ok) {
+            throw new Error(`HTTP error! status: ${response.status}`);
+        }
+        const data = await response.json();
+        return data;
+    } catch (e) {
+        throw error;
+    }
+}
+
+(async () => {
+    try {
+        const ticketResponse = await getBiliTicket(''); // use empty CSRF here
+        console.log(ticketResponse);
+    } catch (e) {
+        console.error('Failed to get BiliTicket:', error);
+    }
+})();
+```