Reverse engineering Javascript behind Google+ button

前端未结

关注

 2  1672

别那么骄傲 2021-02-03 10:57

I am trying to simulate google+ button.In Somepart of code at LINK,It converts the session id into Some kinda hash.What i found is session id name is SAPISID and the converted h

2条回答

佛祖请我去吃肉 (楼主)

2021-02-03 11:53

All credits to Dave Thomas.

I just want to clarify that for the X-Origin, or Origin, you do not include the "X-Origin:" or "Origin:"

Here is one example :

public class SAPISIDHASH {

    public static void main(String [] args) {

        String sapisid = "b4qUZKO4943exo9W/AmP2OAZLWGDwTsuh1";
        String origin = "https://hangouts.google.com";
        String sapisidhash = "1447033700279" + " " + sapisid + " " + origin;
        System.out.println("SAPISID:\n"+ hashString(sapisidhash));
        System.out.println("Expecting:");
        System.out.println("38cb670a2eaa2aca37edf07293150865121275cd");

    }

    private static String hashString(String password)
    {
        String sha1 = "";
        try
        {
            MessageDigest crypt = MessageDigest.getInstance("SHA-1");
            crypt.reset();
            crypt.update(password.getBytes("UTF-8"));
            sha1 = byteToHex(crypt.digest());
        }
        catch(NoSuchAlgorithmException e)
        {
            e.printStackTrace();
        }
        catch(UnsupportedEncodingException e)
        {
            e.printStackTrace();
        }
        return sha1;
    }

    private static String byteToHex(final byte[] hash)
    {
        Formatter formatter = new Formatter();
        for (byte b : hash)
        {
            formatter.format("%02x", b);
        }
        String result = formatter.toString();
        formatter.close();
        return result;
    }
}

source for sha1 in Java : Java String to SHA1

0 讨论(0)

查看其它2个回答