0

I am trying to login to one web page via my Windows Form application (VB 2010) and get some response, but I don't know how to do it.

The server service is described here: https://api.developer.betfair.com/services/webapps/docs/display/1smk3cen4v3lu3yomq5qye0ni/Interactive+Login+from+a+Desktop+Application

On beginning I tried to insert WebBrowser Control to my form, but I read many articles, also here, that using BeforeNavigate2 event is an old way.

I would like to do this:

  1. Send HTTP request to webserver including username and password
  2. Catch the post data sent to the redirect URL
  3. Read the POST request body an get loginStatus and productToken (SSOID)

This is my code:

Private Sub getPOST()
    ' Create a request for the URL
    Dim request As WebRequest = _
        WebRequest.Create("https://identitysso.betfair.com/view/login?product=82&url=https://www.betfair.com&username=abc&password=abc")
    request.Method = "POST"
    ' Get the response
    Dim response As HttpWebResponse = CType(request.GetResponse(), HttpWebResponse)
    ' Get the stream containing content returned by the server.
    Dim dataStream As Stream = response.GetResponseStream()
    ' Open the stream using a StreamReader for easy access.
    Dim reader As New StreamReader(dataStream)
    ' Read the content.
    Dim responseFromServer As String = reader.ReadToEnd()
    ' Display the content.
    RichTextBox1.Text = responseFromServer
    ' Cleanup the streams and the response.
    reader.Close()
    dataStream.Close()
    response.Close()
End Sub

But this code returns HTML code of page where are not loginStatus and SSOID.

skdan
  • 5
  • 1
  • 5
  • You have two (main) options: either emulating what an user would do or rely on the given site's functionalities (API for example); in this second case, you would have to follow the site's instructions. In case of choosing the first option, you would have to make sure that you account properly for the security of the given site, what might avoid to use certain methods (at least, in its default configuration). From your description it is not completely clear to me why you decided to not use the Webbrowser; in principle, it seems to be the easiest/programmer-friendly alternative... – varocarbas Nov 23 '13 at 10:11
  • ... just create a webbrowser navigating to the login page, within the completely-loaded document, look for the fields (e.g., "username" and "password") and for the button ("login"), just execute the given commands (change values and click on button) and see how the browser navigates to the given logged-in page (in case everything went fine). There are plently of webbrowser codes you can take a look at and, by bearing in mind that this is a pretty big site, you might even find implementations dealing with this specific issue. Not too much experience on what you did, but don't seem right. – varocarbas Nov 23 '13 at 10:15
  • I read the answer of this topic [link](http://stackoverflow.com/questions/141626/how-can-i-access-postdata-from-webbrowser-navigating-event-handler) and I also tried to use .NET WebBrowser to get POST data, or find some existing solution this way, but without success. – skdan Nov 23 '13 at 10:37
  • This post is not facing the problem as I proposed. There are plenty of codes doing it as I am saying. Example after a really quick search: http://stackoverflow.com/questions/11020808/vb-net-web-browser-login Firstly you have to build the browser and get the document (pretty easy; tons of resources too). Relying on POST is, basically, adapting web-related concepts (PHP ones) to .NET what is usually a bad approach. Better using the default objects in .NET (browsing via WebBrowser) than intending to emulate what is done somewhere else (.NET is able to do many things in many different ways). – varocarbas Nov 23 '13 at 10:41
  • I believe, that there is better to solve this problem via WebBrowser Componet. I will try it. Thanks. – skdan Nov 23 '13 at 12:16
  • After looking at the answer you got, want to clarify that I was expecting you to take the first aforementioned approach: emulating what the user does. If you rely on the API, you would have to follow the site's instructions. Unfortunately, most of the API instructions (at least, some time ago) were given in "pure" web languages (PHP, JavaScript, etc.) and, usually, intending to adapt this code to your .NET applications drives to an endless list of errors difficult or impossible to be fixed. That's why "don't rely in POST" suggestion (= generic idea, in case of being allowed to choose). – varocarbas Nov 23 '13 at 19:45
  • That API of that server is new and will soon replace the old one. I don't know the old API nor the new one. Now I am on beginning. On beginning I posted the link with official description, which points to more solutions, how to login. Now I would like only to login and get SSOID from my Windows Form application. Until now I understand, that there are 2 ways: embed WebBrowser or HttpWebReques. I really don't know, which is the officialy preffered way of that server. – skdan Nov 23 '13 at 20:16
  • And API will never tell you how to do access the page with the WebBrowser (APIs are via requests). Ideally, the given site would include valid .NET codes, relying on pure .NET. The WebBrowser is completely independent upon having an API or not; it is basically emulating what a person does when inputting data in the fields and clicking on the button. I didn't write an answer showing a sample because I am not sure if it works with this site and this kind of things have usually associated long periods of "it does not work" and I have had a really looong day with endless discussions :) – varocarbas Nov 23 '13 at 20:24
  • But getting a working code delivering something on these lines is pretty easy: take a look at some codes to know how to build the webbrowser (if you don't know), retrieve the elements in the document and use the link above to input data in the fields and click on the button. It might be worth trying. – varocarbas Nov 23 '13 at 20:26
  • I already tried something and I will continue tomorrow. Thank you for your time. – skdan Nov 23 '13 at 20:35
  • You are welcome (bis). – varocarbas Nov 23 '13 at 20:51

1 Answers1

0

I examined this page and discovered there are a few problems with your code: First you are posting to the wrong URL because the www.betfair.com/view/login form has action="/api/login", not "/view/login". Second, you are passing your username/password in the QueryString rather than in POSTDATA... this form uses method=post. Third, you are not passing all required fields. This code snippet should remedy these described problems, as well as answer your question about obtaining the redirect URL:

Sub TestWebClient()

    ' Create a request for the URL
    ' You were using the wrong URL & passing the values improperly
    ' I also changed this to HttpWebRequest, used to be WebRequest.
    Dim request As HttpWebRequest = WebRequest.Create("https://identitysso.betfair.com/api/login") '
    request.Method = "POST"

    ' New code added
    request.ContentType = "application/x-www-form-urlencoded"

    ' New code added, this prevents the following of the 302 redirect in the Location header
    request.AllowAutoRedirect = False

    ' New code added, this sends the values as POSTDATA, which is contained inside the HTTP POST request rather than in the URL
    Using writer As New StreamWriter(request.GetRequestStream)
        writer.Write("username=abc")
        writer.Write("&password=abc")
        writer.Write("&login=true")
        writer.Write("&redirectMethod=POST")
        writer.Write("&product=82")
        writer.Write("&url=https://www.betfair.com/")
        writer.Write("&ioBlackBox=")
    End Using

    ' Get the response
    ' This will print the Location header (aka "Redirect URL") on the screen for you
    ' Make decisions as needed.
    Dim response As HttpWebResponse = request.GetResponse()
    Console.WriteLine("HTTP RESPONSE HEADERS:")
    For Each item In response.Headers
        Console.WriteLine(item & "=" & response.Headers(item))
    Next
    Console.ReadLine()

End Sub
laylarenee
  • 3,276
  • 7
  • 32
  • 40
  • Your code looks very good, but I get answer from server (https://identitysso.betfair.com/view/login?redirectMethod=POST&errorCode=INPUT_VALIDATION_ERROR) and I should get INVALID_USERNAME_OR_PASSWORD. May be, we need some little change in your code. Thanks. – skdan Nov 23 '13 at 16:10
  • I cant officially test this because I don't have a log in on this site, but I can replicate most of the behavior locally. I altered the answer... Looks like you need to include an ampersand (&) when sending multiple POST values. – laylarenee Nov 23 '13 at 16:37
  • I get correct answer from server with ampersand, INVALID_USERNAME_OR_PASSWORD, but I get this message also when I put correct username and password. Anyway I am much closer to find the solution now. Thank you very much. – skdan Nov 23 '13 at 16:59
  • Can you log into the website manually using the same username & password? – laylarenee Nov 23 '13 at 19:24
  • Yes, I can login manually. I think, your code is OK, but the problem is may be the very short time for the request. I read something about asynchronous request, but this is little bit more complicated. May be this is the way to go. But I would like to try also WebBrowser component and get POST there. Now I am not sure, which way is better. – skdan Nov 23 '13 at 20:03