c# - How to sign in to other websites using asp.net? - Stack Overflow

admin管理员组

文章数量:1315290

I am trying to make a website that can sign into other websites for the users, and grab certain information. For example: a web based game forum that automatically pulls your game statistics. My website would have to navigate to the game url, fill in the user name and password, sign in, then read the html once signed in (this is the easy part, for which I would simply use the HTML agility pack or something similar). Is this sign in process possible with asp?

I am trying to make a website that can sign into other websites for the users, and grab certain information. For example: a web based game forum that automatically pulls your game statistics. My website would have to navigate to the game url, fill in the user name and password, sign in, then read the html once signed in (this is the easy part, for which I would simply use the HTML agility pack or something similar). Is this sign in process possible with asp?

• c#
• javascript
• asp

Share Improve this question Follow edited Dec 19, 2020 at 9:41 peterh 1 asked Mar 15, 2011 at 16:55 RobRob 7,2261717 gold badges6969 silver badges9797 bronze badges

Add a ment  | 

6 Answers 6

Sorted by: Reset to default 4

Yes.

Don't think of it so much as going to the page and filling stuff in. You're going to need to create a web request that contains the proper HTTP headers and data, that will look to their server to be someone that filled everything in. You'll need to look at the site you're trying to do this with for specifics, but I'd assume they're sending over a set of POST data when you click sign in. Example, pulled from MSDN and modified to be closer what you need (first few lines):

WebRequest request = WebRequest.Create ("http:/www.site./loginPostback");
request.Method = "POST";
// Create POST data and convert it to a byte array.
string postData = "username=blah;password=blah";
byte[] byteArray = Encoding.UTF8.GetBytes (postData);
// Set the ContentType property of the WebRequest.
request.ContentType = "application/x-www-form-urlencoded";
// Set the ContentLength property of the WebRequest.
request.ContentLength = byteArray.Length;
// Get the request stream.
Stream dataStream = request.GetRequestStream ();
// Write the data to the request stream.
dataStream.Write (byteArray, 0, byteArray.Length);
// Close the Stream object.
dataStream.Close ();
// Get the response.
WebResponse response = request.GetResponse ();
// Display the status.
Console.WriteLine (((HttpWebResponse)response).StatusDescription);
// Get the stream containing content returned by the server.
dataStream = response.GetResponseStream ();
// Open the stream using a StreamReader for easy access.
StreamReader reader = new StreamReader (dataStream);
// Read the content.
string responseFromServer = reader.ReadToEnd ();
// Display the content.
Console.WriteLine (responseFromServer);
// Clean up the streams.
reader.Close ();
dataStream.Close ();
response.Close ();

You could then check the response stream for the HTML the server sent back after login for the information you need.

That being said, you might want to contact them and see if they have an API. If they change how their login form works you'll break. Or, if that site supports something like OAuth, go that route.

Login processes vary from site to site. Use Fiddler2 and log in normally to the site first to see what info you need. Then in your code use WebClient to set the correct parameters and log in. Then mind the cookies! WebClient will return cookies. If you grab several pages make sure you set the cookies again so you are still logged in.

In rare cases HTTP authentication is used. If so just set the Credentials in WebClient before the request is made.

This sounds like a job for OpenID.

Typically for things like this people use SSO (Single Sign On).

You can however perform a post injection against the site that you want to login using .Net. It takes a little work and you will need to know where the form posts and the values that get passed. Also you will have to add a different post injection per site that you try to login to (which will get pretty messy).

I remend the SSO if possible.

It depends a lot on how authentication is implemented on the destination website. But when it es right down to it, it's all HTML and HTTP [headers], so it's definitely doable.

Handling all the possible authentication schemes is going to be a nightmare though, so good luck. =)

Why not consider some other authentication mechanism through a popular site like OpenID, Facebook, or some openly available authorization store?

Brian

本文标签： cHow to sign in to other websites using aspnetStack Overflow