0

I'm trying to find a way to log into the Amazon SellerCentral account via PHP, I fund this script

https://github.com/mindevolution/amazonSellerCentralLogin

which in theory should work but I'm being redirected to the login page everytime I run it.

Also, I tried PhantomJS + CasperJS but without any luck, the first problem I had with that approach is that I need to disable 2-factor authentication and the second problem was that I'm getting captchas which I can't solve via code.

Here is the CasperJS code I tried:

var urlBeforeLoggedIn = "https://sellercentral.amazon.com/gp/homepage.html";
var urlAfterLoggedIn = "https://sellercentral.amazon.com/";


var casper = require('casper').create({
     pageSettings: {
         loadImages: false,
         loadPlugins: false,
         userAgent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36'
    }
 });


casper.start(urlBeforeLoggedIn);

casper.waitForSelector('form[name="signIn"]', function() {
    casper.fillSelectors('form[name="signIn"]', {
      'input[name="email"]': 'some_username',
      'input[name="password"]': 'some_password'
    }, true);

});


 casper.waitForUrl(urlAfterLoggedIn, function() {
    this.viewport(3000, 1080);
    this.capture('./testscreenshot.png', {top: 0,left: 0,width: 3000, height: 
1080});
});

  casper.run();
xcentric
  • 41
  • 5

1 Answers1

0

not an answer, but too long to post as a comment.

Do not parse html with regex., use a proper HTML parser instead, like DOMDocument & DOMXPath. i don't have an account to test with, but this should get you past the first login page, with a correct email & password,

<?php
declare(strict_types=1);
header("content-type: text/plain;charset=utf-8");
$email="em@ail.com";
$password="passw0rd";
$ch=curl_init();
curl_setopt_array($ch,array(
    CURLOPT_AUTOREFERER => true,
    CURLOPT_BINARYTRANSFER => true,
    CURLOPT_FOLLOWLOCATION => true,
    CURLOPT_SSL_VERIFYPEER => false,
    CURLOPT_CONNECTTIMEOUT => 4,
    CURLOPT_TIMEOUT => 8,
    CURLOPT_COOKIEFILE => "", // <<makes curl save/load cookies across requests..
    CURLOPT_ENCODING => "", // << makes curl post all supported encodings, gzip/deflate/etc, makes transfers faster
    CURLOPT_USERAGENT => 'whatever; curl/' . (curl_version() ['version']) . ' (' . (curl_version() ['host']) . '); php/' . PHP_VERSION,
    CURLOPT_RETURNTRANSFER=>1,
    CURLOPT_URL=>'https://sellercentral.amazon.com/gp/homepage.html',
));
$html=curl_exec($ch);
//var_dump($html) & die();
$domd=@DOMDocument::loadHTML($html);
$xp=new DOMXPath($domd);
$form=$xp->query("//form[@name='signIn']")->item(0);
$inputs=[];
foreach($form->getElementsByTagName("input") as $input){
    $name=$input->getAttribute("name");
    if(empty($name) && $name!=="0"){
        continue;
    }
    $inputs[$name]=$input->getAttribute("value");
}
assert(isset($inputs['email'],$inputs['password'],
$inputs['appActionToken'],$inputs['workflowState'],
$inputs['rememberMe']),"missing form inputs!");
$inputs["email"]=$email;
$inputs["password"]=$password;
$inputs["rememberMe"]="false";
$login_url=$form->getAttribute("action");
var_dump($inputs,$login_url);
curl_setopt_array($ch,array(
CURLOPT_URL=>$login_url,
CURLOPT_POST=>1,
CURLOPT_POSTFIELDS=>http_build_query($inputs)
));
$html=curl_exec($ch);
$domd=@DOMDocument::loadHTML($html);
$xp=new DOMXPath($domd);
$loginErrors=[];
// warning-message-box is also used for login *errors*, amazon web devs are just being stupid with the names.
foreach($xp->query("//*[contains(@id,'error-message-box')]|//*[contains(@id,'warning-message-box')]") as $loginError){
    $loginErrors[]=preg_replace("/\s+/"," ",trim($loginError->textContent));
}
if(!empty($loginErrors)){
    echo "login errors: ";
    var_dump($loginErrors);
    die();
}
//var_dump($html);
echo "login successful!";

the important takeaway here is

$domd=@DOMDocument::loadHTML($domd);
$xp=new DOMXPath($domd);
$form=$xp->query("//form[@name='signIn']")->item(0);
$inputs=[];
foreach($form->getElementsByTagName("input") as $input){
    $name=$input->getAttribute("name");
    if(empty($name) && $name!=="0"){
        continue;
    }
    $inputs[$name]=$input->getAttribute("value");
}

that's how most website login pages can be parsed for login info.

I'm getting captchas which I can't solve via code

deathbycaptcha api to the rescue: http://www.deathbycaptcha.com/user/api

hanshenrik
  • 19,904
  • 4
  • 43
  • 89
  • This seems to work, however, amazon requires two-step-auth to log in. I normally don't have to receive a text message because there's an option to not require it when accessing your account from this browser. It sets a cookie I guess, and knows I've authenticated already. This program doesn't seem to recognize that and sets off the 2-step auth. Any way to get past that? – CheeseFlavored Nov 17 '22 at 17:20