Java 如何以编程方式登录网站?
我看过多个关于stackoverflow的例子,但都无法让它发挥作用 这是我需要以编程方式登录的url:http://powerschool.fortschools.org/public/ 我尝试过许多不同的方法,但都没有成功。以下是我目前的情况: 登录前的原始Url: 登录后的Url: 我认为在登录前已提交表单:Java 如何以编程方式登录网站?,java,javascript,android,login,powerschool,Java,Javascript,Android,Login,Powerschool,我看过多个关于stackoverflow的例子,但都无法让它发挥作用 这是我需要以编程方式登录的url:http://powerschool.fortschools.org/public/ 我尝试过许多不同的方法,但都没有成功。以下是我目前的情况: 登录前的原始Url: 登录后的Url: 我认为在登录前已提交表单: <form action="/guardian/home.html" method="post" name="LoginForm" target="_top" id="Log
<form action="/guardian/home.html" method="post" name="LoginForm" target="_top" id="LoginForm" onsubmit="doPCASLogin(this);">
<input type="hidden" name="pstoken" value="308732667SkW2oaVnhxqIqM5PzqdGWrXW4jdQoB8W">
<input type="hidden" name="contextData" value="2AA011214C3F506D76216C5B459574636E2269F51AC438EB11081A7C735345A8">
<input type="hidden" name="dbpw" value="">
<input type="hidden" name="translator_username" value="">
<input type="hidden" name="translator_password" value="">
<input type="hidden" name="translator_ldappassword" value="">
<input type="hidden" name="returnUrl" value="">
<input type="hidden" name="serviceName" value="PS Parent Portal">
<input type="hidden" name="serviceTicket" value="">
<input type="hidden" name="pcasServerUrl" value="/">
<input type="hidden" name="credentialType" value="User Id and Password Credential">
<h2>Parent Sign In</h2>
<!--box content-->
<div id="noscript" class="feedback-alert" style="display: none;"> To sign in to PowerSchool, you must use a browser that supports and has JavaScript enabled. </div>
<fieldset id="login-inputs" class="group">
<div>
<label>Username</label>
<input type="text" id="fieldAccount" name="account" value="" size="39">
</div>
<div>
<label>Password</label>
<input type="password" name="pw" value="" size="39"><div id="login-help"><a href="/public/account_recovery_begin.html">Having trouble signing in?</a></div>
</div>
<div id="translatorInput" style="display: none;">
<label>Translator Sign In</label>
<input type="password" name="translatorpw" value="" size="39">
</div>
<div class="button-row">
<button type="submit" id="btn-enter" title="Sign In To PowerSchool Parent Access" value="Enter" border="0">Sign In</button>
</div>
</fieldset>
<!-- box content-->
</form>
按下submit按钮后,表单更改为仅dbpw更改,这是两个单独的示例,因此pstoken和contextData确实更改:
这是在您完全登录之后
以下是我的代码不起作用:
public static final String POWERSCHOOLLOGINURL = "http://powerschool.fortschools.org/public/";
public static final String POWERSCHOOLLOGIN = "http://powerschool.fortschools.org/guardian/home.html";
public static void main(String[] args) throws IOException {
Map<String, String> nameToVal = new HashMap<String, String>();
nameToVal.put("pstoken", "308732667b2uBDHKHeNJc1XTXdgDSVwxzHfzldM9M");
nameToVal.put("contextData", "e1c94866f2ed77f3ae37bc1a2a477631");
nameToVal.put("dbpw", "29e3fdf45f7959a5e0c894ad01b34941");
nameToVal.put("translator_username", "");
nameToVal.put("translator_password", "");
nameToVal.put("translator_ldappassword", "");
nameToVal.put("returnUrl", "");
nameToVal.put("serviceName", "PS Parent Portal");
nameToVal.put("serviceTicket", "");
nameToVal.put("pcasServerUrl", "/");
nameToVal.put("credentialType", "User Id and Password Credential");
nameToVal.put("account", "horvste");
nameToVal.put("translatorpw", "");
nameToVal.put("returnUrl", "");
nameToVal.put("pcasServerUrl", "/");
nameToVal.put("credentialType", "User Id and Password Credential");
Map<String, String> cookies = new HashMap<String, String>();
cookies.put("JSESSIONID", "2C108FB2394FFE097E366BC3C34827B8");
cookies.put("lastHref",
"http%3A%2F%2Fpowerschool.fortschools.org%2Fguardian%2Fhome.html");
cookies.put("uiStateCont", "null");
cookies.put("uiStateNav", "null");
Document doc = Jsoup.connect(POWERSCHOOLLOGIN).cookies(cookies)
.data(nameToVal).method(Method.POST).post();
System.out.println(doc.toString());
}
注意:HtmlUnit不是一个可接受的答案,它的速度太慢,在android上不起作用。您必须模拟md5.js在提交表单时对表单所做的操作,md5.js可以在开发工具的“资源”选项卡中找到:
function doPCASLogin(form) {
var originalpw = form.pw.value;
var b64pw = b64_md5(originalpw);
var hmac_md5pw = hex_hmac_md5(pskey, b64pw)
form.pw.value = hmac_md5pw;
form.dbpw.value = hex_hmac_md5(pskey, originalpw.toLowerCase())
if (form.ldappassword!=null) {
// LDAP is enabled, so send the clear-text password
// Customers should have SSL enabled if they are using LDAP
form.ldappassword.value = originalpw; // Send the unmangled password
}
// Translator Login
var translatorpw = form.translatorpw.value;
var i = translatorpw.indexOf(";");
if (i < 0) {
form.translator_username.value = translatorpw;
form.translator_password.value = "";
}
else {
form.translator_username.value = translatorpw.substring(0,i);
translatorpw = translatorpw.substring(i+1); // Get the password
translatorpw2 = translatorpw;
translatorpw = b64_md5(translatorpw); // Added in move to pcas
form.translator_password.value = hex_hmac_md5(pskey, translatorpw);
if (form.translator_ldappassword!=null) {
// LDAP is enabled, so send the clear-text password
// Customers should have SSL enabled if they are using LDAP
form.translator_ldappassword.value = translatorpw2; // Send the pw for LDAP
}
}
return true;
}
我有不同的方法。我知道我的代码是PHP,而不是Java,但它仍然可能激励人们将其改编成另一种语言。想法很简单:1-捕获整个登录网页,2-更改操作,3-向输入添加用户名和密码,4-以编程方式单击提交按钮。以下是PHP代码,其中包含OP想要的网站的4个特定步骤:
▬▬1▬▬
$page = file_get_contents( "http://powerschool.fortschools.org/public" );
▬▬2▬▬
$page = str_replace( 'action="/guardian/home.html"',
'action="https://powerschool.fortschools.org/guardian/home.html"',
$page );
▬▬3▬▬
$page = str_replace(
'<input type="text" id="fieldAccount" name="account" value="" size="39" />',
'<input type="text" id="fieldAccount" name="account" value="■█■█■" size="39" />',
$page );
$page = str_replace(
'<input type="password" id="fieldPassword" name="pw" value="" size="39" autocomplete="new-password" />',
'<input type="password" id="fieldPassword" name="pw" value="■█■█■" size="39" autocomplete="new-password" />',
$page );
▬▬4▬▬
echo "$page
<script>
document.getElementById('btn-enter-sign-in').click();
</script>";
■█■█■ 表示用户名和密码
我无法使用它登录,因为它不允许我创建一个帐户来测试它,它会询问该学校孩子的ID,但我使用此代码以编程方式进入其他网站
顺便说一句,必须更改操作才能在本地运行此代码是的,在本地主机上运行效果很好。具有跨站点脚本验证的站点将拒绝此登录。什么是跨站点脚本?找到了我该怎么走it@Dalorzo是否因为我正在复制和粘贴会话数据?即dbpw、contextdata、pstoken等进入我的代码?它们有更简单的方法吗?似乎有很多工作不是懒惰而是努力提高效率。我将如何模拟这个?每次登录时,我的密码都保持不变。我查看了提交的表单。我不确定您正在设置的cookies,但至少,您缺少键值映射中的pw键,您是否也尝试过使用该键进行发布?是的,我尝试过。我再试了一次,结果还是不行。问题中的代码是我最近的代码。在发布这个问题之前,我尝试了许多不同的方式登录,但仍然没有成功。我认为pstoken和contextData是用来散列用户密码的。果不其然,我遇到了这样一个问题:似乎过去有人试图以自动方式登录。您必须为pstoken和contextData清除登录页面,并执行类似于此用户在PHPI中所做的操作。我将为您留下此链接,以帮助您构建pw所需的md5 hmac字符串: