The question is clear I hope.
I want log in to DeviantArt through my application and I found stuff but it just doesn't seem to work...
Here's my code(running in a thread):
//===========================================
// Login
//===========================================
string formUrl = "https://www.deviantart.com/users/login";
string formParams = string.Format("login-username={0}&login-password={1}", "mai username", "mai password");
string cookieHeader;
System.Net.WebRequest req = System.Net.WebRequest.Create(formUrl);
req.ContentType = "application/x-www-form-urlencoded";
req.Method = "POST";
byte[] bytes = Encoding.ASCII.GetBytes(formParams);
req.ContentLength = bytes.Length;
using (Stream os = req.GetRequestStream())
{
os.Write(bytes, 0, bytes.Length);
}
//=========Send Cookie=============
System.Net.WebResponse resp = req.GetResponse();
cookieHeader = resp.Headers["Set-cookie"];
string pageSource;
using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
{
pageSource = sr.ReadToEnd();
}
string getUrl = "http://www.deviantart.com/users/loggedin";
System.Net.WebRequest getRequest = System.Net.WebRequest.Create(getUrl);
getRequest.Headers.Add("Cookie", cookieHeader);
System.Net.WebResponse getResponse = getRequest.GetResponse();
I get a 403 error at the last line where I'm trying to get response. Some information about DeviantArt: 1: You can access pages etc. but you can't comment or anything. 2: When I tried to check if deviantart.com existed it gave me a 403 no permission error so that's why I'm trying to log in. When I write pageSource to a textfile I get this. What do I do wrong and how do I fix it? because I really have no clue why this isn't working...
PS: Alternate ways to do this are also welcome except Selenium
Related
I'm stucked here at getting a WebResponse from HTTPWebRequest.
The WebRequest.GetResponse() Method throws a WebException
("500 Internal Server Error"). When i read the returned HTML it says:
HTTP 403: Forbidden ('_xsrf' argument missing from POST)
Anyone knows this Error or knows what Im doing wrong?
(Im trying to log in to a Website using POST)
EDIT:
My sourcecode:
private String GetLoginCookies(String pHTTPurl, String pUserIDwithFormID, String pPasswordWithFormID)
{
String loginPageUrl = pHTTPurl;
CookieContainer cookieContainer = new CookieContainer();
var Request = (HttpWebRequest)WebRequest.Create(loginPageUrl);
Request.CookieContainer = cookieContainer;
Request.Method = "GET";
WebResponse Response = Request.GetResponse();
HttpWebResponse HttpResponse = Response as HttpWebResponse;
CookieCollection cookies = null;
if (HttpResponse != null)
{
//Cookies die benötigt werden um den Loginvorgang abzuschließen
cookies = HttpResponse.Cookies;
}
string formParams = string.Format(pUserIDwithFormID + "&" + pPasswordWithFormID);
Request = (HttpWebRequest)WebRequest.Create(loginPageUrl);
Request.CookieContainer = cookieContainer;
Request.UserAgent = "I am not a Bot! Ok maybe..";
WebResponse resp = null;
Request.ContentType = "application/x-www-form-urlencoded";
Request.Method = "POST";
byte[] bytes = Encoding.ASCII.GetBytes(formParams);
Request.ContentLength = bytes.Length;
using (Stream os = Request.GetRequestStream())
{
os.Write(bytes, 0, bytes.Length);
}
try
{
resp = Request.GetResponse();
using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
{
String TestResponse = sr.ReadToEnd();
}
}
catch (WebException WE)
{
DebugConsole.AppendText("HTTP Error:" + WE.Message + Environment.NewLine);
String HTML = new StreamReader(WE.Response.GetResponseStream()).ReadToEnd();
DebugConsole.AppendText(HTML);
return null;
}
String cookieHeader = resp.Headers["Set-cookie"];
if (String.IsNullOrEmpty(cookieHeader))
return null;
else
return cookieHeader;
}
This is actually because the web method requires anti csrf (cross site request forgery, more info here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)) validation parameter. What you can do, is to append the csrf value to the request header:
postHeaders.Add("X-CSRFToken", CSRF);
Maybe you can paste your source code here if you need any help with that, so we can look after it
OK! Solution found!
After getting the response of the Log-In site, search in the "Set-cookie" Header for _xsrf. This is the Token you have to put in the header of the next POST request.
I want to get a csv file from mint.com and manipulate it in C#. I have to log in to do this. I have followed the suggestions of another post on Stack Overflow and have come up with the following code. Unfortunately, the result I get is not the intended CSV but instead an error page. Any insight into what I am doing wrong or how I could do this another way?
string cookieHeader = CookieHeaderFromMintLogin("myusername","mypassword");
string csvURL = "https://wwws.mint.com/transactionDownload.event?queryNew=&offset=0&filterType=cash&comparableType=8";
string csv = getResponseWithCookies(csvURL, cookieHeader);
string CookieHeaderFromMintLogin(string username, string password)
{
string formUrl = "https://wwws.mint.com/loginJumper.event"; // NOTE: This is the URL the form POSTs to, not the URL of the form (you can find this in the "action" attribute of the HTML's form tag
string formBuilId = HttpUtility.UrlEncode("form-NAjKdtCT8Z5SuyDHTsmRREioaCMXVEJZpt8-9oaSMEY");
string formId = HttpUtility.UrlEncode("mint_auth_mint_com_login_form");
username = HttpUtility.UrlEncode(username);
password = HttpUtility.UrlEncode(password);
string formParams = string.Format("username={0}&password={1}&form_build_id={2}&form_id={3}", username, password, formBuilId,formId);
WebRequest req = WebRequest.Create(formUrl);
req.ContentType = "application/x-www-form-urlencoded";
req.Method = "POST";
byte[] bytes = Encoding.ASCII.GetBytes(formParams);
req.ContentLength = bytes.Length;
using (Stream os = req.GetRequestStream())
{
os.Write(bytes, 0, bytes.Length);
}
WebResponse resp = req.GetResponse();
return resp.Headers["Set-cookie"];
}
string getResponseWithCookies(string getUrl, string cookieHeader)
{
string pageSource;
WebRequest getRequest = WebRequest.Create(getUrl);
getRequest.Headers.Add("Cookie", cookieHeader);
WebResponse getResponse = getRequest.GetResponse();
using (StreamReader sr = new StreamReader(getResponse.GetResponseStream()))
{
pageSource = sr.ReadToEnd();
}
return pageSource;
}
i used following code to get the access token from code as below
String code = HttpContext.Current.Request["code"];
string redirecturl = HttpContext.Current.Request["url"];
string Url = "https://accounts.google.com/o/oauth2/token";
string grant_type = "authorization_code";
string redirect_uri_encode = UrlEncodeForGoogle(url);
string data = "code={0}&client_id={1}&client_secret={2}&redirect_uri={3}&grant_type={4}&access_type={5}";
HttpWebRequest request = HttpWebRequest.Create(Url) as HttpWebRequest;
string result = null;
request.Method = "POST";
request.KeepAlive = true;
request.ContentType = "application/x-www-form-urlencoded";
string param = string.Format(data, code,configurationInfo.oauthclientid , configurationInfo.oauthclientsecretid, redirect_uri_encode, grant_type, "offline");
var bs = Encoding.UTF8.GetBytes(param);
using (Stream reqStream = request.GetRequestStream())
{
reqStream.Write(bs, 0, bs.Length);
}
using (WebResponse response = request.GetResponse())
{
var sr = new StreamReader(response.GetResponseStream());
result = sr.ReadToEnd();
sr.Close();
}
i am getting response as
The remote server returned an error: (400) Bad Request.
i do not know where i went wrong
waiting for your valuable comments
Google also provides a higher level library for accessing its services. I find it makes it much easier to work with its APIs.
http://code.google.com/p/google-api-dotnet-client/
I have figured out(by inspecting both the website its-self and the response form the website when using my C# application) that the website in question does not use the form's nor cookies to do the secure connections so I am wondering if anyone knows of a way to potentially use the SSL certificate or the website headers(which by all accounts I think do have a cookie in them), to allow the log-in and then download of a certain file.
Could I get code examples or links to ways to use the headers to log-in to a site is what I am asking, I have all the necessary credentials just not the extensive knowledge to use them.
Thanks a bunch.
public void downloadStuff()
{
string formUrl = "https://secure.website.co.nz/extension/Login.aspx";
string formParams = string.Format("ctl00_main_Login1_UserName={0}&ctl00_main_Login1_Password={1}", "*********", "************");
string cookieHeader;
WebRequest req = WebRequest.Create(formUrl);
req.ContentType = "application/x-www-form-urlencoded";
req.Method = "POST";
byte[] bytes = Encoding.ASCII.GetBytes(formParams);
req.ContentLength = bytes.Length;
using (Stream os = req.GetRequestStream())
{
os.Write(bytes, 0, bytes.Length);
}
WebResponse resp = req.GetResponse();
cookieHeader = resp.Headers["Set-cookie"];
string pageSource;
string getUrl = "https://secure.website.co.nz/extension/Downloader.axd?x=stock-all";
WebRequest getRequest = WebRequest.Create(getUrl);
getRequest.Headers.Add("Cookie", cookieHeader);
WebResponse getResponse = getRequest.GetResponse();
using (StreamReader sr = new StreamReader(getResponse.GetResponseStream()))
{
WebClient exeed = new WebClient();
exeed.DownloadFileAsync(new Uri(#"https://secure.website.co.nz/extension/Downloader.axd?x=stock-all"), "test.txt");
pageSource = sr.ReadToEnd();
}
}
Note: This question was also put up because if what I have done is correct, I would not know how to use a cookie to download a file. Potentially example code of how to capture and use a cookie and or a header would be the best option.
Thanks, This was an edit!
I need to login to a website a download the source code from various pages when logged in. I am able to do this quite easily when using the Windows Forms WebBrowser class, however this is not appropiate and I need to be able to do this with WebRequest or one of the others. Unfortunately it doesn't like how I am handling the cookies.
I am using the following code and get the following response: {"w_id":"LoginForm2_6","message":"Please enable cookies in your browser so you can log in.","success":0,"showLink":false}
string url2 = "%2Fapp%2Futils%2Flogin_form%2Fredirect%2Fhome";
string login = "username";
string password = "password";
string w_id = "LoginForm2_6";
string loginurl = "http://loginurl.com";
string cookieHeader;
WebRequest req = WebRequest.Create(loginurl);
req.Proxy = WebRequest.DefaultWebProxy;
req.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials;
req.Proxy.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials;
req.ContentType = "application/x-www-form-urlencoded; charset=UTF-8";
req.Method = "POST";
string postData = string.Format("w_id={2}&login={0}&password={1}&url2={3}", login, password, w_id, url2);
byte[] bytes = Encoding.ASCII.GetBytes(postData);
req.ContentLength = bytes.Length;
using (Stream os = req.GetRequestStream())
{
os.Write(bytes, 0, bytes.Length);
}
WebResponse resp = req.GetResponse();
cookieHeader = resp.Headers["Set-cookie"];
string pageSource = "";
using (StreamReader sr = new StreamReader(resp.GetResponseStream()))
{
pageSource = sr.ReadToEnd();
}
richTextBox1.Text = pageSource;
If anyone could tell me where I'm going wrong, it would be greatly appreciated.
Also, to let you know, if I use the following with the webbrowser class, it works in fine:
b.Navigate(fullurl, "", enc.GetBytes(postData), "Content-Type: application/x-www-form-urlencoded\r\n");
I know this is old to reply, but the user Matthew Brindley answered similar question with a completely working example. The question is about accessing to the
source code of a website that requires user login previously. All done from a C# application using WebRequest and WebResponse