I need to programmatically log into a remote site, get the login cookie, go to another site that has an iframe that checks for that cookie, which will then display a dashboard.
From what I gather, the process appears to be.
- Go to login page, retrieve login cookie (Zend Form)
- POST username and password to PHP form
- Retrieve login cookie (PHPSESSID)
- Store the cookie in the web browser file location or open with a c# view. Preferably safari
- Go to a hosted dashboard with the iframe, which checks for the cookie.
I followed this guide and was able to login successfully to the first site and output the html of the page behind the form.
I tried modifying the script to use the cookie container to open another request to a test server I have with the iframe, and open it in a web browser. Which does not appear to work.
I believe that PHP curl would be a better way of achieving this as it interacts directly with the web browser. I am guessing this would make storing the cookie easier.
Here is my c# script, which is able to login. I made a quick bash command that inserts the sites url into relative src and href references to see if the page would load from the "test.html" file. It does not work
System.Net.CookieCollection cookies = new System.Net.CookieCollection();
System.Net.HttpWebRequest request = (System.Net.HttpWebRequest)System.Net.WebRequest.Create("http://surepathprofile.spower.com/entry");
request.CookieContainer = new System.Net.CookieContainer();
request.CookieContainer.Add(cookies);
//Get the response from the server and save the cookies from the first request..
System.Net.HttpWebResponse response = (System.Net.HttpWebResponse)request.GetResponse();
cookies = response.Cookies;
string getUrl = "http://surepathprofile.spower.com/entry/login";
string postData = String.Format("username={0}&password={1}&submit={2}", "###USERNAME###", "####PASSWORD####", "Submit");
System.Net.HttpWebRequest getRequest = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(getUrl);
getRequest.CookieContainer = new System.Net.CookieContainer();
getRequest.CookieContainer.Add(cookies); //recover cookies First request
getRequest.Method = System.Net.WebRequestMethods.Http.Post;
getRequest.UserAgent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36";
getRequest.AllowWriteStreamBuffering = true;
getRequest.ProtocolVersion = System.Net.HttpVersion.Version11;
getRequest.AllowAutoRedirect = true;
getRequest.ContentType = "application/x-www-form-urlencoded";
byte[] byteArray = System.Text.Encoding.ASCII.GetBytes(postData);
getRequest.ContentLength = byteArray.Length;
System.IO.Stream newStream = getRequest.GetRequestStream(); //open connection
newStream.Write(byteArray, 0, byteArray.Length); // Send the data.
newStream.Close();
System.Net.HttpWebResponse getResponse = (System.Net.HttpWebResponse)getRequest.GetResponse();
cookies = response.Cookies;
getUrl = "http://104.131.149.136/"; //TEST SERVER WITH IFRAME
getRequest = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(getUrl);
getRequest.CookieContainer = new System.Net.CookieContainer();
getRequest.CookieContainer.Add(cookies); //recover cookies First request
getResponse = (System.Net.HttpWebResponse)getRequest.GetResponse();
string sourceCode = "";
System.IO.Stream recieveStream = getResponse.GetResponseStream();
using (System.IO.StreamReader sr = new System.IO.StreamReader(recieveStream))
{
sourceCode = sr.ReadToEnd();
}
System.Console.Write (sourceCode);
System.IO.File.WriteAllText("test.html", sourceCode);
System.Windows.Forms.WebBrowser webBrowser = new System.Windows.Forms.WebBrowser();
webBrowser.DocumentStream = recieveStream;
EDIT:
I made the script using PHP curl, still doesn't work. It appears to be creating a PHPSID which is one step closer. I think since the domain is wrong (my server) instead of theirs it does not work.
session_start();
echo session_id();
$username = 'asd';
$password = 'asd';
$loginUrl = 'http://surepathprofile.spower.com/entry/login';
$loginForm = 'http://surepathprofile.spower.com/entry/';
//init curl
$ch = curl_init();
//curl_setopt($ch,CURLOPT_COOKIEJAR, "cookie.txt");
//curl_setopt($ch,CURLOPT_COOKIEFILE, "cookie.txt")
//$store = curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, $loginUrl);
// ENABLE HTTP POST
curl_setopt($ch, CURLOPT_POST, 1);
//Set the post parameters
curl_setopt($ch, CURLOPT_POSTFIELDS, 'user='.$username.'&pass='.$password.'&submit=Submit');
//Handle cookies for the login
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($ch,CURLOPT_USERAGENT, "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36");
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($ch,CURLOPT_COOKIEFILE, "cookie.txt");
//Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL
//not to print out the results of its query.
//Instead, it will return the results as a string return value
//from curl_exec() instead of the usual true/false.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//execute the request (the login)
$store = curl_exec($ch);
//the login is now done and you can continue to get the
//protected content.
//set the URL to the protected file
//curl_setopt($ch, CURLOPT_URL, 'http://104.131.149.136/');
//execute the request
//$content = curl_exec($ch);
print_r(curl_error($ch));
print_r(curl_getinfo($ch));
print_r(curl_errno($ch));