preface
This project is developed after the Android client of station B. The original intention is to learn popular Android technology, but there is no data resources. Because I like visiting B station, and the Android client of B station is the MD design specification recommended by Google, I spent some time studying the network request of B station, and finally succeeded. I reached an agreement with @android_zzt to develop this practice project imitating B station. The project is being developed outside of work, so the update schedule is variable.
preparation
First, the network request capture of station B is to capture the network request of station B. The environment is MAC. I tried to use Charles.
Mitmproxy is an open source package capture tool hosted on Github. Website address: http://mitmproxy.org/ making address: https://github.com/mitmproxy/mitmproxy tutorial: using mitmproxy HTTP caught on the move
Tips: Https packet capture requires the installation of a certificate, most mobile phones according to the official document or tutorial articles can be successfully installed, but xiaomi mobile phones can not be downloaded normally, the official document mentioned that the certificate will be placed in the ~/. Mitmproxy directory, so you can manually upload to the mobile phone for installation.
After setting up the certificate and proxy, we can start to carry out HTTPS packet capture. First, open the app home page
Observe mitmProxy and find the corresponding network request
In this way, you can analyze the interface parameters and call the STATION B API. However, we found that most interfaces need a sign parameter as a dynamic verification password, and how to generate sign, then we need to decomcompile, find and analyze the sign signature logic in the source code.
Second, decompilation
Decompilation and signing logic refer to @haku’s
BiliBili Android Third Party — Step 0
General operation This article is very detailed, do not repeat, here are some of the problems encountered.
In the old version, SecretKey was directly stored in so library. When I decomcompiled the new version (V5.4 that I was using at that time), STATION B used AES encryption for SecretKey. The algorithm mode can be found in the decomcompiled source code. Key and offset parameters (CHD, CHB, nativelibrary, LibBili), but failed… This respect understands very little, if have big guy to be able to test success, please do not hesitate to give advice! AppKey and AppSecretKey are stored in libbili.so, v3.14.
results
The renderings are as follows:
Version 1.1.0
- Architectural structures,
- Analysis of the Api
- Complete the home page
Version 1.2.0
- Complete the live broadcast playing page
- Integration with IjkPlayer and easy encapsulation
- Integrated DanmakuFlameMaster and bilibili-api from czp3009 to complete the barrage function
Some open source library updates
- preparation
- Decompile resource files
- Mitmproxy fetching Api(HTTPS support)
- Obtain the signKey signature logic of station B
- Frame structures,
Open source libraries used
- RxJava2 is the most responsive programming framework in the world
- RxLifecycle resolves Rxjava memory leaks
- Retrofit is the most popular Framework for Android web requests
- Okhttp3 works with Retrofit, and the signature logic in the project is implemented using the library’s interceptor module
- Dagger2 is a slightly higher threshold but powerful dependency injection framework
- Butterknife binds a dependency injection framework for views
- Communication between Eventbus components
- Fresco is a great way to load and process images, but it’s a little big compared to other photo libraries
- Fragmentation A library of simplified fragments that operate and fill pits
- Multitype RecyclerView Multitype library
- IjkPlayer B station produces FFmpeg based open source video player framework
- DanmakuFlameMaster – B station open source projectile barrage analysis and drawing engine project
Original author: Misery_Dx
The original link: https://github.com/TeamNB/FakeBiliBili
Welcome to follow my wechat public account “Code farming breakthrough”, share Python, Java, big data, machine learning, artificial intelligence and other technologies, pay attention to code farming technology improvement, career breakthrough, thinking transition, 200,000 + code farming growth charge first stop, accompany you have a dream to grow together.