How to programmatically enter the site?
I have looked at several examples on stackoverflow and cannot get it to work.
This is the URL I need to enter the program: http://powerschool.fortschools.org/public/
I have tried many different ways with no success. Here's what I currently have:
Original URL before login: http://powerschool.fortschools.org/public/
Url after login: http://powerschool.fortschools.org/guardian/home.html
The form, I think, is submitted before login:
<form action="/guardian/home.html" method="post" name="LoginForm" target="_top" id="LoginForm" onsubmit="doPCASLogin(this);">
<input type="hidden" name="pstoken" value="308732667SkW2oaVnhxqIqM5PzqdGWrXW4jdQoB8W">
<input type="hidden" name="contextData" value="2AA011214C3F506D76216C5B459574636E2269F51AC438EB11081A7C735345A8">
<input type="hidden" name="dbpw" value="">
<input type="hidden" name="translator_username" value="">
<input type="hidden" name="translator_password" value="">
<input type="hidden" name="translator_ldappassword" value="">
<input type="hidden" name="returnUrl" value="">
<input type="hidden" name="serviceName" value="PS Parent Portal">
<input type="hidden" name="serviceTicket" value="">
<input type="hidden" name="pcasServerUrl" value="/">
<input type="hidden" name="credentialType" value="User Id and Password Credential">
<h2>Parent Sign In</h2>
<!--box content-->
<div id="noscript" class="feedback-alert" style="display: none;"> To sign in to PowerSchool, you must use a browser that supports and has JavaScript enabled. </div>
<fieldset id="login-inputs" class="group">
<div>
<label>Username</label>
<input type="text" id="fieldAccount" name="account" value="" size="39">
</div>
<div>
<label>Password</label>
<input type="password" name="pw" value="" size="39"><div id="login-help"><a href="/public/account_recovery_begin.html">Having trouble signing in?</a></div>
</div>
<div id="translatorInput" style="display: none;">
<label>Translator Sign In</label>
<input type="password" name="translatorpw" value="" size="39">
</div>
<div class="button-row">
<button type="submit" id="btn-enter" title="Sign In To PowerSchool Parent Access" value="Enter" border="0">Sign In</button>
</div>
</fieldset>
<!-- box content-->
</form>
After clicking the submit button, the form changes to it (only dbpw changes (these were two separate examples, so pstoken and contextData changed)):
This is after you are "fully logged in"
Here is my code (doesn't work):
public static final String POWERSCHOOLLOGINURL = "http://powerschool.fortschools.org/public/";
public static final String POWERSCHOOLLOGIN = "http://powerschool.fortschools.org/guardian/home.html";
public static void main(String[] args) throws IOException {
Map<String, String> nameToVal = new HashMap<String, String>();
nameToVal.put("pstoken", "308732667b2uBDHKHeNJc1XTXdgDSVwxzHfzldM9M");
nameToVal.put("contextData", "e1c94866f2ed77f3ae37bc1a2a477631");
nameToVal.put("dbpw", "29e3fdf45f7959a5e0c894ad01b34941");
nameToVal.put("translator_username", "");
nameToVal.put("translator_password", "");
nameToVal.put("translator_ldappassword", "");
nameToVal.put("returnUrl", "");
nameToVal.put("serviceName", "PS Parent Portal");
nameToVal.put("serviceTicket", "");
nameToVal.put("pcasServerUrl", "/");
nameToVal.put("credentialType", "User Id and Password Credential");
nameToVal.put("account", "horvste");
nameToVal.put("translatorpw", "");
nameToVal.put("returnUrl", "");
nameToVal.put("pcasServerUrl", "/");
nameToVal.put("credentialType", "User Id and Password Credential");
Map<String, String> cookies = new HashMap<String, String>();
cookies.put("JSESSIONID", "2C108FB2394FFE097E366BC3C34827B8");
cookies.put("lastHref",
"http%3A%2F%2Fpowerschool.fortschools.org%2Fguardian%2Fhome.html");
cookies.put("uiStateCont", "null");
cookies.put("uiStateNav", "null");
Document doc = Jsoup.connect(POWERSCHOOLLOGIN).cookies(cookies)
.data(nameToVal).method(Method.POST).post();
System.out.println(doc.toString());
}
note: HtmlUnit is not an acceptable answer (it slows down and doesn't work on Android).
source to share
You will need to simulate what md5.js (which can be found in the resources tab of the dev tools) does with the form on submit:
function doPCASLogin(form) {
var originalpw = form.pw.value;
var b64pw = b64_md5(originalpw);
var hmac_md5pw = hex_hmac_md5(pskey, b64pw)
form.pw.value = hmac_md5pw;
form.dbpw.value = hex_hmac_md5(pskey, originalpw.toLowerCase())
if (form.ldappassword!=null) {
// LDAP is enabled, so send the clear-text password
// Customers should have SSL enabled if they are using LDAP
form.ldappassword.value = originalpw; // Send the unmangled password
}
// Translator Login
var translatorpw = form.translatorpw.value;
var i = translatorpw.indexOf(";");
if (i < 0) {
form.translator_username.value = translatorpw;
form.translator_password.value = "";
}
else {
form.translator_username.value = translatorpw.substring(0,i);
translatorpw = translatorpw.substring(i+1); // Get the password
translatorpw2 = translatorpw;
translatorpw = b64_md5(translatorpw); // Added in move to pcas
form.translator_password.value = hex_hmac_md5(pskey, translatorpw);
if (form.translator_ldappassword!=null) {
// LDAP is enabled, so send the clear-text password
// Customers should have SSL enabled if they are using LDAP
form.translator_ldappassword.value = translatorpw2; // Send the pw for LDAP
}
}
return true;
}
source to share