@iflyrpa/actions 1.2.22 → 1.2.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/bundle.js +394 -94
  2. package/dist/bundle.js.map +1 -1
  3. package/dist/index.d.ts +0 -1
  4. package/dist/index.js +394 -94
  5. package/dist/index.js.map +1 -1
  6. package/dist/index.mjs +395 -94
  7. package/dist/index.mjs.map +1 -1
  8. package/dist/types.d.ts +0 -1
  9. package/dist/utils/xhsXsEncrypt.d.ts +19 -35
  10. package/package.json +2 -2
package/dist/index.js CHANGED
@@ -1810,7 +1810,6 @@ var __webpack_exports__ = {};
1810
1810
  __webpack_require__.r(__webpack_exports__);
1811
1811
  __webpack_require__.d(__webpack_exports__, {
1812
1812
  version: ()=>package_namespaceObject.i8,
1813
- BetaFlag: ()=>BetaFlag,
1814
1813
  Action: ()=>Action
1815
1814
  });
1816
1815
  const external_node_fs_namespaceObject = require("node:fs");
@@ -2096,8 +2095,7 @@ var __webpack_exports__ = {};
2096
2095
  20040034: "封面图片推荐jpg、png格式,不支持gif格式。",
2097
2096
  20040124: "服务器异常,请稍后重试!",
2098
2097
  20040001: "当前用户未登录,请登陆后重试!",
2099
- 401100025: "该应用不支持此媒资类型",
2100
- 401100033: "图片宽高不满足要求"
2098
+ 401100025: "该应用不支持此媒资类型"
2101
2099
  };
2102
2100
  const mockAction = async (task, params)=>{
2103
2101
  const { baijiahaoSingleCover, baijiahaoMultCover, baijiahaoCoverType } = params.settingInfo;
@@ -2222,7 +2220,6 @@ var __webpack_exports__ = {};
2222
2220
  };
2223
2221
  const isDraft = "draft" === params.saveType;
2224
2222
  const saveUrl = isDraft ? "https://baijiahao.baidu.com/pcui/article/save?callback=bjhdraft" : "https://baijiahao.baidu.com/pcui/article/publish?callback=bjhpublish";
2225
- task._timerRecord['PrePublish'] = Date.now();
2226
2223
  const res = await http.api({
2227
2224
  method: "post",
2228
2225
  url: saveUrl,
@@ -2360,7 +2357,6 @@ var __webpack_exports__ = {};
2360
2357
  }
2361
2358
  };
2362
2359
  page.on("response", handleResponse);
2363
- task._timerRecord['PrePublish'] = Date.now();
2364
2360
  const operatorContainer = page.locator(".editor-component-operator");
2365
2361
  if ("draft" === params.saveType) await operatorContainer.locator(".op-btn-outter-content").filter({
2366
2362
  hasText: "存草稿"
@@ -2665,57 +2661,366 @@ var __webpack_exports__ = {};
2665
2661
  const external_node_buffer_namespaceObject = require("node:buffer");
2666
2662
  const external_node_crypto_namespaceObject = require("node:crypto");
2667
2663
  var external_node_crypto_default = /*#__PURE__*/ __webpack_require__.n(external_node_crypto_namespaceObject);
2668
- class XsEncrypt {
2669
- async encryptMD5(url) {
2670
- return external_node_crypto_default().createHash("md5").update(url, "utf8").digest("hex");
2671
- }
2672
- async encryptText(text) {
2673
- const textEncoded = external_node_buffer_namespaceObject.Buffer.from(text).toString("base64");
2674
- const cipher = external_node_crypto_default().createCipheriv("aes-128-cbc", new Uint8Array(this.keyBytes), new Uint8Array(this.iv));
2675
- const ciphertext = cipher.update(textEncoded, "utf8", "base64");
2676
- return ciphertext + cipher.final("base64");
2677
- }
2678
- async base64ToHex(encodedData) {
2679
- const decodedData = external_node_buffer_namespaceObject.Buffer.from(encodedData, "base64");
2680
- return decodedData.toString("hex");
2681
- }
2682
- async encryptPayload(payload, platform) {
2683
- const hexPayload = await this.base64ToHex(payload);
2684
- const obj = {
2685
- signSvn: "56",
2686
- signType: "x2",
2687
- appID: platform,
2688
- signVersion: "1",
2689
- payload: hexPayload
2664
+ class CryptoConfig {
2665
+ static{
2666
+ this.MAX_32BIT = 0xFFFFFFFF;
2667
+ }
2668
+ static{
2669
+ this.MAX_SIGNED_32BIT = 0x7FFFFFFF;
2670
+ }
2671
+ static{
2672
+ this.BASE58_ALPHABET = "NOPQRStuvwxWXYZabcyz012DEFTKLMdefghijkl4563GHIJBC7mnop89+/AUVqrsOPQefghijkABCDEFGuvwz0123456789xy";
2673
+ }
2674
+ static{
2675
+ this.STANDARD_BASE64_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
2676
+ }
2677
+ static{
2678
+ this.CUSTOM_BASE64_ALPHABET = "ZmserbBoHQtNP+wOcza/LpngG8yJq42KWYj0DSfdikx3VT16IlUAFM97hECvuRX5";
2679
+ }
2680
+ static{
2681
+ this.BASE58_BASE = 58;
2682
+ }
2683
+ static{
2684
+ this.BYTE_SIZE = 256;
2685
+ }
2686
+ static{
2687
+ this.HEX_KEY = "af572b95ca65b2d9ec76bb5d2e97cb653299cc663399cc663399cce673399cce6733190c06030100000000008040209048241289c4e271381c0e0703018040a05028148ac56231180c0683c16030984c2693c964b259ac56abd5eaf5fafd7e3f9f4f279349a4d2e9743a9d4e279349a4d2e9f47a3d1e8f47239148a4d269341a8d4623110884422190c86432994ca6d3e974baddee773b1d8e47a35128148ac5623198cce6f3f97c3e1f8f47a3d168b45aad562b158ac5e2f1f87c3e9f4f279349a4d269b45aad56";
2688
+ }
2689
+ static{
2690
+ this.TIMESTAMP_BYTES_COUNT = 16;
2691
+ }
2692
+ static{
2693
+ this.TIMESTAMP_XOR_KEY = 41;
2694
+ }
2695
+ static{
2696
+ this.STARTUP_TIME_OFFSET_MIN = 1000;
2697
+ }
2698
+ static{
2699
+ this.STARTUP_TIME_OFFSET_MAX = 4000;
2700
+ }
2701
+ static{
2702
+ this.EXPECTED_HEX_LENGTH = 32;
2703
+ }
2704
+ static{
2705
+ this.OUTPUT_BYTE_COUNT = 8;
2706
+ }
2707
+ static{
2708
+ this.HEX_CHUNK_SIZE = 2;
2709
+ }
2710
+ static{
2711
+ this.VERSION_BYTES = [
2712
+ 119,
2713
+ 104,
2714
+ 96,
2715
+ 41
2716
+ ];
2717
+ }
2718
+ static{
2719
+ this.FIXED_SEPARATOR_BYTES = [
2720
+ 16,
2721
+ 0,
2722
+ 0,
2723
+ 0,
2724
+ 15,
2725
+ 5,
2726
+ 0,
2727
+ 0,
2728
+ 47,
2729
+ 1,
2730
+ 0,
2731
+ 0
2732
+ ];
2733
+ }
2734
+ static{
2735
+ this.RANDOM_BYTE_COUNT = 4;
2736
+ }
2737
+ static{
2738
+ this.FIXED_INT_VALUE_1 = 15;
2739
+ }
2740
+ static{
2741
+ this.FIXED_INT_VALUE_2 = 1291;
2742
+ }
2743
+ static{
2744
+ this.ENV_STATIC_BYTES = [
2745
+ 1,
2746
+ 249,
2747
+ 83,
2748
+ 102,
2749
+ 103,
2750
+ 201,
2751
+ 181,
2752
+ 131,
2753
+ 99,
2754
+ 94,
2755
+ 7,
2756
+ 68,
2757
+ 250,
2758
+ 132,
2759
+ 21
2760
+ ];
2761
+ }
2762
+ static{
2763
+ this.SIGNATURE_DATA_TEMPLATE = {
2764
+ x0: "4.2.2",
2765
+ x1: "xhs-pc-web",
2766
+ x2: "Windows",
2767
+ x3: "",
2768
+ x4: "object"
2690
2769
  };
2691
- const jsonString = JSON.stringify(obj, null, 0);
2692
- return external_node_buffer_namespaceObject.Buffer.from(jsonString).toString("base64");
2693
2770
  }
2694
- async encryptXs(url, a1, ts, platform = "xhs-pc-web") {
2695
- const text = `x1=${await this.encryptMD5(`url=${url}`)};x2=0|0|0|1|0|0|1|0|0|0|1|0|0|0|0|1|0|0|0;x3=${a1};x4=${ts};`;
2696
- return `XYW_${await this.encryptPayload(await this.encryptText(text), platform)}`;
2771
+ static{
2772
+ this.X3_PREFIX = "mns0101_";
2773
+ }
2774
+ static{
2775
+ this.XYS_PREFIX = "XYS_";
2776
+ }
2777
+ }
2778
+ class RandomGenerator {
2779
+ generateRandomBytes(byteCount) {
2780
+ return Array.from({
2781
+ length: byteCount
2782
+ }, ()=>Math.floor(Math.random() * CryptoConfig.BYTE_SIZE));
2783
+ }
2784
+ generateRandomByteInRange(minVal, maxVal) {
2785
+ return Math.floor(Math.random() * (maxVal - minVal + 1)) + minVal;
2697
2786
  }
2698
- dumps(...rest) {
2699
- const [data, replacer = null, space = 0] = rest;
2700
- return JSON.stringify(data, replacer, space).replace(/\n/g, "").replace(/":\s+"/g, '":"');
2787
+ generateRandomInt() {
2788
+ return Math.floor(Math.random() * (CryptoConfig.MAX_32BIT + 1));
2701
2789
  }
2790
+ }
2791
+ class HexProcessor {
2792
+ hexStringToBytes(hexString) {
2793
+ const byteValues = [];
2794
+ for(let i = 0; i < hexString.length; i += CryptoConfig.HEX_CHUNK_SIZE){
2795
+ const hexChunk = hexString.substr(i, CryptoConfig.HEX_CHUNK_SIZE);
2796
+ byteValues.push(parseInt(hexChunk, 16));
2797
+ }
2798
+ return byteValues;
2799
+ }
2800
+ processHexParameter(hexString, xorKey) {
2801
+ if (hexString.length !== CryptoConfig.EXPECTED_HEX_LENGTH) throw new Error(`hex parameter must be ${CryptoConfig.EXPECTED_HEX_LENGTH} characters`);
2802
+ const byteValues = this.hexStringToBytes(hexString);
2803
+ return byteValues.map((byteVal)=>byteVal ^ xorKey).slice(0, CryptoConfig.OUTPUT_BYTE_COUNT);
2804
+ }
2805
+ }
2806
+ class BitOperations {
2807
+ normalizeTo32bit(value) {
2808
+ return value & CryptoConfig.MAX_32BIT;
2809
+ }
2810
+ toSigned32bit(unsignedValue) {
2811
+ if (unsignedValue > CryptoConfig.MAX_SIGNED_32BIT) return unsignedValue - 0x100000000;
2812
+ return unsignedValue;
2813
+ }
2814
+ computeSeedValue(seed32bit) {
2815
+ const normalizedSeed = this.normalizeTo32bit(seed32bit);
2816
+ const shift15Bits = normalizedSeed >> 15;
2817
+ const shift13Bits = normalizedSeed >> 13;
2818
+ const shift12Bits = normalizedSeed >> 12;
2819
+ const shift10Bits = normalizedSeed >> 10;
2820
+ const xorMaskedResult = shift15Bits & ~shift13Bits | shift13Bits & ~shift15Bits;
2821
+ const shiftedResult = (xorMaskedResult ^ shift12Bits ^ shift10Bits) << 31 & CryptoConfig.MAX_32BIT;
2822
+ return this.toSigned32bit(shiftedResult);
2823
+ }
2824
+ xorTransformArray(sourceIntegers) {
2825
+ const resultBytes = new Uint8Array(sourceIntegers.length);
2826
+ const hexKeyBytes = external_node_buffer_namespaceObject.Buffer.from(CryptoConfig.HEX_KEY, 'hex');
2827
+ for(let index = 0; index < sourceIntegers.length; index++)resultBytes[index] = (sourceIntegers[index] ^ hexKeyBytes[index]) & 0xFF;
2828
+ return resultBytes;
2829
+ }
2830
+ }
2831
+ class Base58Encoder {
2832
+ encodeToB58(inputBytes) {
2833
+ const bytesArray = Array.isArray(inputBytes) ? inputBytes : Array.from(inputBytes);
2834
+ const numberAccumulator = this.bytesToNumber(bytesArray);
2835
+ const leadingZerosCount = this.countLeadingZeros(bytesArray);
2836
+ const encodedCharacters = this.numberToBase58Chars(numberAccumulator);
2837
+ encodedCharacters.push(...Array(leadingZerosCount).fill(CryptoConfig.BASE58_ALPHABET[0]));
2838
+ return encodedCharacters.reverse().join('');
2839
+ }
2840
+ bytesToNumber(inputBytes) {
2841
+ const bytesArray = Array.isArray(inputBytes) ? inputBytes : Array.from(inputBytes);
2842
+ let result = 0n;
2843
+ const BYTE_SIZE = 256n;
2844
+ for (const byteValue of bytesArray)result = result * BYTE_SIZE + BigInt(byteValue);
2845
+ return result;
2846
+ }
2847
+ countLeadingZeros(inputBytes) {
2848
+ let count = 0;
2849
+ for (const byteValue of inputBytes)if (0 === byteValue) count++;
2850
+ else break;
2851
+ return count;
2852
+ }
2853
+ numberToBase58Chars(number) {
2854
+ const characters = [];
2855
+ const base = BigInt(CryptoConfig.BASE58_BASE);
2856
+ while(number > 0n){
2857
+ const remainder = number % base;
2858
+ characters.push(CryptoConfig.BASE58_ALPHABET[Number(remainder)]);
2859
+ number /= base;
2860
+ }
2861
+ return characters;
2862
+ }
2863
+ }
2864
+ class Base64Encoder {
2865
+ encodeToB64(dataToEncode) {
2866
+ const dataBytes = external_node_buffer_namespaceObject.Buffer.from(dataToEncode, 'utf-8');
2867
+ const standardEncodedString = dataBytes.toString('base64');
2868
+ let result = '';
2869
+ for (const char of standardEncodedString){
2870
+ const index = CryptoConfig.STANDARD_BASE64_ALPHABET.indexOf(char);
2871
+ if (-1 !== index) result += CryptoConfig.CUSTOM_BASE64_ALPHABET[index];
2872
+ else result += char;
2873
+ }
2874
+ return result;
2875
+ }
2876
+ }
2877
+ class RequestSignatureValidator {
2878
+ static validateMethod(method) {
2879
+ if ('string' != typeof method) throw new TypeError(`method must be string, got ${typeof method}`);
2880
+ const upperMethod = method.trim().toUpperCase();
2881
+ if ('GET' !== upperMethod && 'POST' !== upperMethod) throw new Error(`method must be 'GET' or 'POST', got '${upperMethod}'`);
2882
+ return upperMethod;
2883
+ }
2884
+ static validateUri(uri) {
2885
+ if ('string' != typeof uri) throw new TypeError(`uri must be string, got ${typeof uri}`);
2886
+ if (!uri.trim()) throw new Error('uri cannot be empty');
2887
+ return uri.trim();
2888
+ }
2889
+ static validateA1Value(a1Value) {
2890
+ if ('string' != typeof a1Value) throw new TypeError(`a1_value must be string, got ${typeof a1Value}`);
2891
+ if (!a1Value.trim()) throw new Error('a1_value cannot be empty');
2892
+ return a1Value.trim();
2893
+ }
2894
+ static validateXsecAppid(xsecAppid) {
2895
+ if ('string' != typeof xsecAppid) throw new TypeError(`xsec_appid must be string, got ${typeof xsecAppid}`);
2896
+ if (!xsecAppid.trim()) throw new Error('xsec_appid cannot be empty');
2897
+ return xsecAppid.trim();
2898
+ }
2899
+ static validatePayload(payload) {
2900
+ if (null !== payload && 'object' != typeof payload) throw new TypeError(`payload must be object or null, got ${typeof payload}`);
2901
+ if (null != payload) {
2902
+ for(const key in payload)if ('string' != typeof key) throw new TypeError(`payload keys must be string, got ${typeof key} for key '${key}'`);
2903
+ }
2904
+ return payload;
2905
+ }
2906
+ }
2907
+ class CryptoProcessor {
2702
2908
  constructor(){
2703
- this.words = [
2704
- 929260340,
2705
- 1633971297,
2706
- 895580464,
2707
- 925905270
2909
+ this.bitOps = new BitOperations();
2910
+ this.b58encoder = new Base58Encoder();
2911
+ this.b64encoder = new Base64Encoder();
2912
+ this.hexProcessor = new HexProcessor();
2913
+ this.randomGen = new RandomGenerator();
2914
+ }
2915
+ encodeTimestamp(ts, randomizeFirst = true) {
2916
+ const key = Array(8).fill(CryptoConfig.TIMESTAMP_XOR_KEY);
2917
+ const arr = this.intToLeBytes(ts, 8);
2918
+ const encoded = arr.map((a, i)=>a ^ key[i]);
2919
+ if (randomizeFirst) encoded[0] = this.randomGen.generateRandomByteInRange(0, 255);
2920
+ return encoded;
2921
+ }
2922
+ intToLeBytes(val, length = 4) {
2923
+ const arr = [];
2924
+ for(let i = 0; i < length; i++){
2925
+ arr.push(0xFF & val);
2926
+ val >>>= 8;
2927
+ }
2928
+ return arr;
2929
+ }
2930
+ strToLenPrefixedBytes(s) {
2931
+ const buf = external_node_buffer_namespaceObject.Buffer.from(s, 'utf-8');
2932
+ return [
2933
+ buf.length,
2934
+ ...Array.from(buf)
2935
+ ];
2936
+ }
2937
+ buildEnvironmentBytes() {
2938
+ return [
2939
+ CryptoConfig.ENV_STATIC_BYTES[0],
2940
+ this.randomGen.generateRandomByteInRange(10, 254),
2941
+ ...CryptoConfig.ENV_STATIC_BYTES.slice(1)
2708
2942
  ];
2709
- this.keyBytes = external_node_buffer_namespaceObject.Buffer.concat(this.words.map((word)=>new Uint8Array(external_node_buffer_namespaceObject.Buffer.from([
2710
- word >> 24 & 0xff,
2711
- word >> 16 & 0xff,
2712
- word >> 8 & 0xff,
2713
- 0xff & word
2714
- ]))));
2715
- this.iv = external_node_buffer_namespaceObject.Buffer.from("4uzjr7mbsibcaldp", "utf8");
2943
+ }
2944
+ buildPayloadArray(hexParameter, a1Value, appIdentifier = "xhs-pc-web", stringParam = "") {
2945
+ const randNum = this.randomGen.generateRandomInt();
2946
+ const ts = Date.now();
2947
+ const startupTs = ts - (CryptoConfig.STARTUP_TIME_OFFSET_MIN + this.randomGen.generateRandomByteInRange(0, CryptoConfig.STARTUP_TIME_OFFSET_MAX - CryptoConfig.STARTUP_TIME_OFFSET_MIN));
2948
+ const arr = [];
2949
+ arr.push(...CryptoConfig.VERSION_BYTES);
2950
+ const randBytes = this.intToLeBytes(randNum, 4);
2951
+ arr.push(...randBytes);
2952
+ const xorKey = randBytes[0];
2953
+ arr.push(...this.encodeTimestamp(ts, true));
2954
+ arr.push(...this.intToLeBytes(startupTs, 8));
2955
+ arr.push(...this.intToLeBytes(CryptoConfig.FIXED_INT_VALUE_1));
2956
+ arr.push(...this.intToLeBytes(CryptoConfig.FIXED_INT_VALUE_2));
2957
+ const stringParamLength = external_node_buffer_namespaceObject.Buffer.from(stringParam, 'utf-8').length;
2958
+ arr.push(...this.intToLeBytes(stringParamLength));
2959
+ const md5Bytes = external_node_buffer_namespaceObject.Buffer.from(hexParameter, 'hex');
2960
+ const xorMd5Bytes = Array.from(md5Bytes).map((b)=>b ^ xorKey);
2961
+ arr.push(...xorMd5Bytes.slice(0, 8));
2962
+ arr.push(...this.strToLenPrefixedBytes(a1Value));
2963
+ arr.push(...this.strToLenPrefixedBytes(appIdentifier));
2964
+ arr.push(CryptoConfig.ENV_STATIC_BYTES[0], this.randomGen.generateRandomByteInRange(0, 255), ...CryptoConfig.ENV_STATIC_BYTES.slice(1));
2965
+ return arr;
2716
2966
  }
2717
2967
  }
2718
- const searchXiaohongshuTopicList_xsEncrypt = new XsEncrypt();
2968
+ class Xhshow {
2969
+ constructor(){
2970
+ this.cryptoProcessor = new CryptoProcessor();
2971
+ }
2972
+ buildContentString(method, uri, payload) {
2973
+ payload = payload || {};
2974
+ if ("POST" === method.toUpperCase()) return uri + JSON.stringify(payload);
2975
+ if (!payload || 0 === Object.keys(payload).length) return uri;
2976
+ {
2977
+ const params = Object.entries(payload).map(([key, value])=>{
2978
+ let valueStr = '';
2979
+ if (Array.isArray(value)) valueStr = value.map((v)=>String(v)).join(',');
2980
+ else if (null != value) valueStr = String(value);
2981
+ return `${key}=${valueStr}`;
2982
+ });
2983
+ return `${uri}?${params.join('&')}`;
2984
+ }
2985
+ }
2986
+ generateDValue(content) {
2987
+ return external_node_crypto_default().createHash('md5').update(content, 'utf-8').digest('hex');
2988
+ }
2989
+ buildSignature(dValue, a1Value, xsecAppid = "xhs-pc-web", stringParam = "") {
2990
+ const payloadArray = this.cryptoProcessor.buildPayloadArray(dValue, a1Value, xsecAppid, stringParam);
2991
+ const xorResult = this.cryptoProcessor.bitOps.xorTransformArray(payloadArray);
2992
+ return this.cryptoProcessor.b58encoder.encodeToB58(xorResult);
2993
+ }
2994
+ signXs(method, uri, a1Value, xsecAppid = "xhs-pc-web", payload) {
2995
+ const validatedMethod = RequestSignatureValidator.validateMethod(method);
2996
+ const validatedUri = RequestSignatureValidator.validateUri(uri);
2997
+ const validatedA1Value = RequestSignatureValidator.validateA1Value(a1Value);
2998
+ const validatedXsecAppid = RequestSignatureValidator.validateXsecAppid(xsecAppid);
2999
+ const validatedPayload = RequestSignatureValidator.validatePayload(payload);
3000
+ const signatureData = {
3001
+ ...CryptoConfig.SIGNATURE_DATA_TEMPLATE
3002
+ };
3003
+ const contentString = this.buildContentString(validatedMethod, validatedUri, validatedPayload);
3004
+ const dValue = this.generateDValue(contentString);
3005
+ signatureData.x3 = CryptoConfig.X3_PREFIX + this.buildSignature(dValue, validatedA1Value, validatedXsecAppid, contentString);
3006
+ return CryptoConfig.XYS_PREFIX + this.cryptoProcessor.b64encoder.encodeToB64(JSON.stringify(signatureData));
3007
+ }
3008
+ signXsGet(uri, a1Value, xsecAppid = "xhs-pc-web", params) {
3009
+ const validatedUri = RequestSignatureValidator.validateUri(uri);
3010
+ const validatedA1Value = RequestSignatureValidator.validateA1Value(a1Value);
3011
+ const validatedXsecAppid = RequestSignatureValidator.validateXsecAppid(xsecAppid);
3012
+ const validatedParams = RequestSignatureValidator.validatePayload(params);
3013
+ return this.signXs("GET", validatedUri, validatedA1Value, validatedXsecAppid, validatedParams);
3014
+ }
3015
+ signXsPost(uri, a1Value, xsecAppid = "xhs-pc-web", payload) {
3016
+ const validatedUri = RequestSignatureValidator.validateUri(uri);
3017
+ const validatedA1Value = RequestSignatureValidator.validateA1Value(a1Value);
3018
+ const validatedXsecAppid = RequestSignatureValidator.validateXsecAppid(xsecAppid);
3019
+ const validatedPayload = RequestSignatureValidator.validatePayload(payload);
3020
+ return this.signXs("POST", validatedUri, validatedA1Value, validatedXsecAppid, validatedPayload);
3021
+ }
3022
+ }
3023
+ const searchXiaohongshuTopicList_xsEncrypt = new Xhshow();
2719
3024
  const searchXiaohongshuTopicList = async (_task, params)=>{
2720
3025
  const http = new Http({
2721
3026
  headers: {
@@ -2743,9 +3048,8 @@ var __webpack_exports__ = {};
2743
3048
  page: 1
2744
3049
  }
2745
3050
  };
2746
- const topicDataStr = searchXiaohongshuTopicList_xsEncrypt.dumps(topicData);
2747
- const fatchTopic = `/web_api/sns/v1/search/topic${topicDataStr}`;
2748
- const xs = await searchXiaohongshuTopicList_xsEncrypt.encryptXs(fatchTopic, a1Cookie, xt);
3051
+ const fatchTopic = "/web_api/sns/v1/search/topic";
3052
+ const xs = searchXiaohongshuTopicList_xsEncrypt.signXsPost(fatchTopic, a1Cookie, "xhs-pc-web", topicData);
2749
3053
  const result = await http.api({
2750
3054
  method: "post",
2751
3055
  url: "https://edith.xiaohongshu.com/web_api/sns/v1/search/topic",
@@ -2926,7 +3230,6 @@ var __webpack_exports__ = {};
2926
3230
  article_ad_type: getAddTypeValue(params.settingInfo.toutiaoAd),
2927
3231
  claim_exclusive: toutiaoExclusive ? toutiaoExclusive : toutiaoOriginal?.includes("exclusive") ? 1 : 0
2928
3232
  };
2929
- task._timerRecord['PrePublish'] = Date.now();
2930
3233
  const msToken = params.cookies.find((it)=>"msToken" === it.name)?.value;
2931
3234
  let publishOption = {};
2932
3235
  if (msToken) {
@@ -3171,7 +3474,6 @@ var __webpack_exports__ = {};
3171
3474
  const confirmBtn = page.locator('div.byte-modal-footer button.byte-btn-primary:has-text("确定")');
3172
3475
  if (await confirmBtn.isVisible()) await confirmBtn.click();
3173
3476
  }
3174
- task._timerRecord['PrePublish'] = Date.now();
3175
3477
  if ("publish" === params.saveType) {
3176
3478
  await page.locator(".publish-footer button").filter({
3177
3479
  hasText: params.settingInfo.timer ? "定时发布" : "确认发布"
@@ -3579,10 +3881,10 @@ var __webpack_exports__ = {};
3579
3881
  origin: "https://creator.xiaohongshu.com"
3580
3882
  }
3581
3883
  });
3582
- const xsEncrypt = new XsEncrypt();
3884
+ const xsEncrypt = new Xhshow();
3583
3885
  const xt = Date.now().toString();
3584
3886
  const sevenDataUrl = "/api/galaxy/v2/creator/datacenter/account/base";
3585
- const xs = await xsEncrypt.encryptXs(sevenDataUrl, a1Cookie, xt);
3887
+ const xs = xsEncrypt.signXsGet(sevenDataUrl, a1Cookie, "xhs-pc-web", null);
3586
3888
  const [overAllData, sevenData] = await Promise.all([
3587
3889
  http.api({
3588
3890
  method: "get",
@@ -3943,7 +4245,7 @@ var __webpack_exports__ = {};
3943
4245
  async function handleXiaohongshuData(params) {
3944
4246
  try {
3945
4247
  const { cookies, pageNum = 1, pageSize = 10, showOriginalData = false, onlySuccess = false } = params;
3946
- const xsEncrypt = new XsEncrypt();
4248
+ const xsEncrypt = new Xhshow();
3947
4249
  const a1Cookie = cookies.find((it)=>"a1" === it.name)?.value;
3948
4250
  if (!a1Cookie) return {
3949
4251
  code: 200,
@@ -3964,8 +4266,12 @@ var __webpack_exports__ = {};
3964
4266
  });
3965
4267
  async function fetchArticles(pageNum, a1Cookie, onlySuccess = false) {
3966
4268
  const xt = Date.now().toString();
3967
- const serveUrl = `/web_api/sns/v5/creator/note/user/posted?tab=${onlySuccess ? 1 : 0}&page=${pageNum - 1}`;
3968
- const xs = await xsEncrypt.encryptXs(serveUrl, a1Cookie, xt);
4269
+ const serveUrl = "/web_api/sns/v5/creator/note/user/posted";
4270
+ const serveParams = {
4271
+ tab: onlySuccess ? 1 : 0,
4272
+ page: pageNum - 1
4273
+ };
4274
+ const xs = xsEncrypt.signXsGet(serveUrl, a1Cookie, "xhs-pc-web", serveParams);
3969
4275
  return await http.api({
3970
4276
  method: "get",
3971
4277
  baseURL: "https://edith.xiaohongshu.com",
@@ -3973,7 +4279,8 @@ var __webpack_exports__ = {};
3973
4279
  headers: {
3974
4280
  "x-s": xs,
3975
4281
  "x-t": xt
3976
- }
4282
+ },
4283
+ params: serveParams
3977
4284
  });
3978
4285
  }
3979
4286
  const articleInfo = await fetchArticles(pageNum, a1Cookie, onlySuccess);
@@ -4604,7 +4911,6 @@ var __webpack_exports__ = {};
4604
4911
  masssend_check: 1,
4605
4912
  is_masssend: 1
4606
4913
  };
4607
- task._timerRecord['PrePublish'] = Date.now();
4608
4914
  const { appMsgId } = await http.api({
4609
4915
  method: "post",
4610
4916
  url: "https://mp.weixin.qq.com/cgi-bin/operate_appmsg",
@@ -5263,7 +5569,6 @@ var __webpack_exports__ = {};
5263
5569
  await poperInstance.locator('.frm_radio_item label[for="not_recomment_0"]').click();
5264
5570
  }
5265
5571
  await page.waitForTimeout(1000);
5266
- task._timerRecord['PrePublish'] = Date.now();
5267
5572
  const articleId = await new Promise(async (resolve)=>{
5268
5573
  const handleResponse = async (response)=>{
5269
5574
  const url = response.url();
@@ -5597,7 +5902,7 @@ var __webpack_exports__ = {};
5597
5902
  902: "登录已过期,请重新登录!",
5598
5903
  906: "账号存在风险,请重新登录"
5599
5904
  };
5600
- const mock_xsEncrypt = new XsEncrypt();
5905
+ const mock_xsEncrypt = new Xhshow();
5601
5906
  const xiaohongshuPublish_mock_mockAction = async (task, params)=>{
5602
5907
  const tmpCachePath = task.getTmpPath();
5603
5908
  const a1Cookie = params.cookies.find((it)=>"a1" === it.name)?.value;
@@ -5606,13 +5911,14 @@ var __webpack_exports__ = {};
5606
5911
  message: "账号数据异常,请重新绑定账号后重试。",
5607
5912
  data: ""
5608
5913
  };
5914
+ const headers = {
5915
+ cookie: params.cookies.map((it)=>`${it.name}=${it.value}`).join(";"),
5916
+ origin: "https://creator.xiaohongshu.com",
5917
+ referer: "https://creator.xiaohongshu.com/",
5918
+ "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
5919
+ };
5609
5920
  const http = new Http({
5610
- headers: {
5611
- cookie: params.cookies.map((it)=>`${it.name}=${it.value}`).join(";"),
5612
- origin: "https://creator.xiaohongshu.com",
5613
- referer: "https://creator.xiaohongshu.com/",
5614
- "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
5615
- }
5921
+ headers
5616
5922
  });
5617
5923
  http.addResponseInterceptor((response)=>{
5618
5924
  const responseData = response.data;
@@ -5625,9 +5931,16 @@ var __webpack_exports__ = {};
5625
5931
  };
5626
5932
  }
5627
5933
  });
5628
- const fetchCoverUrl = `/api/media/v1/upload/creator/permit?biz_name=spectrum&scene=image&file_count=${params.banners.length}&version=1&source=web`;
5934
+ const fetchCoverUrl = "/api/media/v1/upload/creator/permit";
5935
+ const fetchCoverParams = {
5936
+ biz_name: "spectrum",
5937
+ scene: "image",
5938
+ file_count: params.banners.length,
5939
+ version: 1,
5940
+ source: "web"
5941
+ };
5629
5942
  const xt = Date.now().toString();
5630
- const xs = await mock_xsEncrypt.encryptXs(fetchCoverUrl, a1Cookie, xt);
5943
+ const xs = mock_xsEncrypt.signXsGet(fetchCoverUrl, a1Cookie, "xhs-pc-web", fetchCoverParams);
5631
5944
  const coverIdInfo = await http.api({
5632
5945
  method: "get",
5633
5946
  baseURL: "https://creator.xiaohongshu.com",
@@ -5636,7 +5949,8 @@ var __webpack_exports__ = {};
5636
5949
  headers: {
5637
5950
  "x-s": xs,
5638
5951
  "x-t": xt
5639
- }
5952
+ },
5953
+ params: fetchCoverParams
5640
5954
  });
5641
5955
  let uploadInfos = [];
5642
5956
  coverIdInfo.data.uploadTempPermits.forEach((item)=>{
@@ -5710,9 +6024,8 @@ var __webpack_exports__ = {};
5710
6024
  const topicData = {
5711
6025
  topic_names: topic["name"]
5712
6026
  };
5713
- const topicDataStr = mock_xsEncrypt.dumps(topicData);
5714
6027
  const publishXt = Date.now().toString();
5715
- const publishXs = await mock_xsEncrypt.encryptXs(`/web_api/sns/capa/postgw/topic/batch_customized${topicDataStr}`, a1Cookie, publishXt);
6028
+ const publishXs = mock_xsEncrypt.signXsPost("/web_api/sns/capa/postgw/topic/batch_customized", a1Cookie, "xhs-pc-web", topicData);
5716
6029
  let createTopic = await http.api({
5717
6030
  method: "POST",
5718
6031
  url: "https://edith.xiaohongshu.com/web_api/sns/capa/postgw/topic/batch_customized",
@@ -5795,7 +6108,6 @@ var __webpack_exports__ = {};
5795
6108
  };
5796
6109
  }
5797
6110
  }
5798
- task._timerRecord['PrePublish'] = Date.now();
5799
6111
  const business_binds = {
5800
6112
  version: 1,
5801
6113
  bizType: "",
@@ -5812,9 +6124,8 @@ var __webpack_exports__ = {};
5812
6124
  } : {}
5813
6125
  };
5814
6126
  publishData.common.business_binds = JSON.stringify(business_binds);
5815
- const publishDataStr = mock_xsEncrypt.dumps(publishData);
5816
6127
  const publishXt = Date.now().toString();
5817
- const publishXs = await mock_xsEncrypt.encryptXs(`/web_api/sns/v2/note${publishDataStr}`, a1Cookie, publishXt);
6128
+ const publishXs = mock_xsEncrypt.signXsPost("/web_api/sns/v2/note", a1Cookie, "xhs-pc-web", publishData);
5818
6129
  const xscommon = GenXSCommon(a1Cookie, publishXt, publishXs);
5819
6130
  const publishResult = await http.api({
5820
6131
  method: "post",
@@ -5830,7 +6141,7 @@ var __webpack_exports__ = {};
5830
6141
  return (0, share_namespaceObject.success)(publishResult.data?.id);
5831
6142
  };
5832
6143
  const rpa_GenXSCommon = __webpack_require__("./src/utils/XhsXsCommonEnc.js");
5833
- const rpa_xsEncrypt = new XsEncrypt();
6144
+ const rpa_xsEncrypt = new Xhshow();
5834
6145
  const xiaohongshuPublish_rpa_rpaAction = async (task, params)=>{
5835
6146
  const commonCookies = {
5836
6147
  path: "/",
@@ -5861,7 +6172,8 @@ var __webpack_exports__ = {};
5861
6172
  const url = request.url();
5862
6173
  if (interceptUrls.some((pattern)=>url.includes(pattern))) {
5863
6174
  const urlObj = new URL(url);
5864
- const fetchCoverUrl = urlObj.pathname + urlObj.search;
6175
+ urlObj.pathname, urlObj.search;
6176
+ const fetchCoverParams = Object.fromEntries(new URLSearchParams(urlObj.search));
5865
6177
  const xt = Date.now().toString();
5866
6178
  const a1Cookie = params.cookies.find((it)=>"a1" === it.name)?.value;
5867
6179
  if (!a1Cookie) {
@@ -5879,9 +6191,8 @@ var __webpack_exports__ = {};
5879
6191
  const isNoteRequest = urlObj.pathname.includes(interceptUrls[5]);
5880
6192
  const xs = await (isNoteRequest ? (async ()=>{
5881
6193
  const publishData = JSON.parse(request.postData() || "");
5882
- const publishDataStr = rpa_xsEncrypt.dumps(publishData);
5883
- return rpa_xsEncrypt.encryptXs(interceptUrls[5] + publishDataStr, a1Cookie, xt);
5884
- })() : rpa_xsEncrypt.encryptXs(fetchCoverUrl, a1Cookie, xt));
6194
+ return rpa_xsEncrypt.signXsPost(interceptUrls[5], a1Cookie, "xhs-pc-web", publishData);
6195
+ })() : rpa_xsEncrypt.signXsGet(urlObj.pathname, a1Cookie, "xhs-pc-web", fetchCoverParams));
5885
6196
  const xscommon = rpa_GenXSCommon(a1Cookie, xt, xs);
5886
6197
  const newHeaders = {
5887
6198
  ...request.headers(),
@@ -6023,7 +6334,6 @@ var __webpack_exports__ = {};
6023
6334
  hasText: "仅自己可见"
6024
6335
  }).click();
6025
6336
  }
6026
- task._timerRecord['PrePublish'] = Date.now();
6027
6337
  const releaseTimeInstance = page.locator("label").filter({
6028
6338
  hasText: params.isImmediatelyPublish ? "立即发布" : "定时发布"
6029
6339
  });
@@ -6049,31 +6359,21 @@ var __webpack_exports__ = {};
6049
6359
  return executeAction(xiaohongshuPublish_mock_mockAction, xiaohongshuPublish_rpa_rpaAction)(task, params);
6050
6360
  };
6051
6361
  var package_namespaceObject = {
6052
- i8: "1.2.21"
6362
+ i8: "1.2.23"
6053
6363
  };
6054
- const BetaFlag = "HuiwenCanary";
6055
6364
  class Action {
6056
6365
  constructor(task){
6057
6366
  this.task = task;
6058
6367
  }
6059
6368
  async bindTask(func, params) {
6060
6369
  let responseData;
6061
- this.task.isBeta = this.task?.isFeatOn(BetaFlag) ?? false;
6062
- this.task._timerRecord = {
6063
- ActionStart: Date.now()
6064
- };
6065
6370
  if (this.task.setArticleId) this.task.setArticleId(params.articleId ?? "");
6066
- if (this.task.setSaveType) this.task.setSaveType(params.saveType ?? "");
6067
- if (void 0 !== this.task.isInitializedGB) this.task.setGbInitType(this.task.isInitializedGB);
6068
- if ("object" == typeof params) params.cookies = params?.cookies ?? [];
6371
+ if ("object" == typeof params && null !== params) params.cookies = params?.cookies ?? [];
6069
6372
  try {
6070
6373
  responseData = await func(this.task, params);
6071
6374
  } catch (error) {
6072
6375
  responseData = Http.handleApiError(error);
6073
- } finally{
6074
- this.task._timerRecord['ActionEnd'] = Date.now();
6075
6376
  }
6076
- if (this.task.isBeta && this.task.setTimeConsuming) this.task.setTimeConsuming(this.task._timerRecord);
6077
6377
  if (200 === responseData.code) this.task.logger.info(`${func.name} action params error`, responseData);
6078
6378
  else if (0 !== responseData.code) {
6079
6379
  this.task.logger.error(responseData.message || `${func.name} 执行失败`, stringifyError(responseData.data), responseData.extra);