Question:

POST request with form data to log in to a website returns 400 Bad Request

鲁靖
2023-03-14

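I am trying to log in to this website with the following credentials (don't worry, it's anonymous):

Username='MattieBailey@mailinator.com' Password='thx9jD3SkrssPKY'

When I log in manually, I see one POST request and one GET request in the Chrome inspector view.

However, when I try to simulate these requests with Python, I get 400 Bad Request for the POST request. The GET request returns 200 OK and sends me the content of the login page. In the Chrome inspector view, both of these requests return a 302 status code, and some of the response headers contain the authorization id_token used for further requests.

When I tried importing these two requests into Postman, I got the same result, so the problem is probably not my code.

My ultimate goal is to get the id_token parameter in the response headers of the GET request.

I appreciate your help!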

curl 'https://auth.fiintrade.vn/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStoxPlus.FiinTrade.SPA%26redirect_uri%3Dhttps%253A%252F%252Ffiintrade.vn%252Fsignin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520FiinTrade.Market%2520FiinTrade.Core%2520FiinTrade.Realtime%2520FiinTrade.Fundamental%26state%3D19e5bb5a7df14a2bab8ded1f265a7bda%26nonce%3D1547e70f8a2940b89dac75565e032046%26clientType%3DWEBCLIENT%26fp%3D54404ac5041ff5b042c29fb397bef44d%26type%3Dredirect' \
  -H 'Connection: keep-alive' \
  -H 'Cache-Control: max-age=0' \
  -H 'sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Google Chrome";v="92"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'Upgrade-Insecure-Requests: 1' \
  -H 'Origin: null' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36' \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-Mode: navigate' \
  -H 'Sec-Fetch-User: ?1' \
  -H 'Sec-Fetch-Dest: document' \
  -H 'Accept-Language: en-US,en;q=0.9,vi;q=0.8' \
  -H 'Cookie: _ga=GA1.2...' \
  --data-raw 'ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStoxPlus.FiinTrade.SPA%26redirect_uri%3Dhttps%253A%252F%252Ffiintrade.vn%252Fsignin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520FiinTrade.Market%2520FiinTrade.Core%2520FiinTrade.Realtime%2520FiinTrade.Fundamental%26state%3D19e5bb5a7df14a2bab8ded1f265a7bda%26nonce%3D1547e70f8a2940b89dac75565e032046%26clientType%3DWEBCLIENT%26fp%3D54404ac5041ff5b042c29fb397bef44d%26type%3Dredirect&Username=MattieBailey%40mailinator.com&Password=thx9jD3SkrssPKY&button=login&__RequestVerificationToken=CfDJ8KNrfTjG6sBLmncBE9MMk0dDAX-OFwPXUy1uT0AqrEyhngGIImEM99JGxVKsssw62kRxLY2tHfTqfH8M8Mphqxh80YdwwHM6vpZIb-yVMnma4nS0QCkOf51FMFFu8pPwMM6FY52WEPSWy_ZWuaiAeCU' \
  --compressed
curl 'https://auth.fiintrade.vn/connect/authorize/callback?client_id=StoxPlus.FiinTrade.SPA&redirect_uri=https%3A%2F%2Ffiintrade.vn%2Fsignin-callback&response_type=id_token%20token&scope=openid%20FiinTrade.Market%20FiinTrade.Core%20FiinTrade.Realtime%20FiinTrade.Fundamental&state=19e5bb5a7df14a2bab8ded1f265a7bda&nonce=1547e70f8a2940b89dac75565e032046&clientType=WEBCLIENT&fp=54404ac5041ff5b042c29fb397bef44d&type=redirect' \
  -H 'Connection: keep-alive' \
  -H 'Cache-Control: max-age=0' \
  -H 'Upgrade-Insecure-Requests: 1' \
  -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36' \
  -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-Mode: navigate' \
  -H 'Sec-Fetch-User: ?1' \
  -H 'Sec-Fetch-Dest: document' \
  -H 'sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Google Chrome";v="92"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'Accept-Language: en-US,en;q=0.9,vi;q=0.8' \
  -H 'Cookie: _ga=GA1.2...' \
  --compressed
Location: https://fiintrade.vn/signin-callback#id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IkY4MDA1REIxQkI0MzY4Q0Q3RkJFMUUxRTlEQjkwMTg2MUY5NEFGMTEiLCJ0eXAiOiJKV1QiLCJ4NXQiOiItQUJkc2J0RGFNMV92aDRlbmJrQmhoLVVyeEUifQ.eyJuYmYiOjE2MjkxOTM4MTgsImV4cCI6MTYyOTIyMjYxOCwiaXNzIjoiaHR0cHM6Ly9hdXRoLmZpaW50cmFkZS52biIsImF1ZCI6IlN0b3hQbHVzLkZpaW5UcmFkZS5TUEEiLCJub25jZSI6IjE1NDdlNzBmOGEyOTQwYjg5ZGFjNzU1NjVlMDMyMDQ2IiwiaWF0IjoxNjI5MTkzODE4LCJhdF9oYXNoIjoiOVJNNmdEOWFJZkprdGFCSENHRHpwQSIsInNpZCI6IjQ0MWVkZmM1YTc0MzhhOWNkYzYzYTkwYTM3NmQwOGI1Iiwic3ViIjoiMTcwMzU5IiwiYXV0aF90aW1lIjoxNjI5MTkzODE4LCJpZHAiOiJsb2NhbCIsInVzZXJfaWQiOiIxNzAzNTkiLCJ1c2VyX25hbWUiOiJNYXR0aWVCYWlsZXlAbWFpbGluYXRvci5jb20iLCJuYW1lIjoiIiwiZ2l2ZW5fbmFtZSI6Ik1hdHRpZSIsImZhbWlseV9uYW1lIjoiQmFpbGV5IiwibWlkZGxlX25hbWUiOiIiLCJlbWFpbCI6Ik1hdHRpZUJhaWxleUBtYWlsaW5hdG9yLmNvbSIsInNlcnZpY2VfdHlwZSI6IkZpaW5Hcm91cC5GaWluVHJhZGUiLCJsaXN0X3BhY2thZ2UiOiJGaWluVHJhZGUuVHJpYWwiLCJsaXN0X2ZlYXR1cmUiOiIiLCJsaXN0X2FwaSI6IiIsInJvbGUiOiJDVVNUT01FUiIsImdyb3VwX25hbWUiOiJJbmRpdmlkdWFsIiwic3RhcnRfZGF0ZSI6IjEyLzA4LzIwMjEiLCJlbmRfZGF0ZSI6IjI2LzA4LzIwMjEiLCJoaXRjb3VudF9wZXJtb250aCI6IjAiLCJjb21ncm91cF9saW1pdCI6IiIsInRpY2tlcl9saW1pdCI6IiIsInRpbWVyYW5nZV9saW1pdCI6IjAiLCJkYXRhcmFuZ2VfbGltaXQiOiIwIiwicGVyX21pbnV0ZSI6IjAiLCJwZXJfaG91ciI6IjAiLCJwZXJfZGF5IjoiMCIsInBlcl9tb250aCI6IjAiLCJlbmFibGVkIjoiVHJ1ZSIsImxhc3RfYXR0ZW1wdCI6IjgvMTIvMjAyMSAxMTo1ODoxNyBQTSIsImxhc3RfYXR0ZW1wdF9zdGF0dXMiOiJTVUNDRVNTIiwiZmluZ2VycHJpbnQiOiI1NDQwNGFjNTA0MWZmNWIwNDJjMjlmYjM5N2JlZjQ0ZCIsImNsaWVudHR5cGUiOiJXRUJDTElFTlQiLCJhbXIiOlsicHdkIl19.bObyB2sb-kkAxbxhhLc2hQsEtB6YAvzdtd2OwlLGKrzikqoGPwaQYlA41YK_v9OJLqUPRvKvkSZPBwfbguYXp8KnOAHxyPwM4lrbWc7u_OMIHarANxIsA50ckkj1gEszaGZtN6vtz4QYkxLMdbhHcpTnYd4XidFBVoyMQ3csLFaEifJEVsKfGStqgXW6etIhug5yuPnhjnZbCWdUPh0887auIuB_r7Nc7x6faHLtqr2in8c_TTKoI9YoM6LYBNkB7G7AtYkxlVImbyrdczHqsh6_ajLITuuSKYnwws2STwzPQMrZsIbHo_97ce3AVJcdUzVMXeY343FOYBDZeFteJg&access_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IkY4MDA1REIxQkI0MzY4Q0Q3RkJFMUUxRTlEQjkwMTg2MUY5NEFGMTEiLCJ0eXAiOiJKV1QiLCJ4
NXQiOiItQUJkc2J0RGFNMV92aDRlbmJrQmhoLVVyeEUifQ.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.RSMsirz2etpYNVx9Pq1W1qExw1ETwCt5XUxglHwreyQX0WDZV3nUDOf5mxgNKjQx_sPCBQuF6SBH8IdNGcuv9ajvd2XbKWdcsNljXidiRHNGogo-JKIZIqadzLAEAmdXoYP_w2ToqOYkWmtEzm2SMpgbVzklRftciQg4h-K_jYW4YpteX23Az78yT3_RIirfBfszaTp5v3BEOR_StHG16bHPauOlIGmch6o6cWUSX1RPnqyAUVaNGELPygNQcmoYVgyQhwoloXyuDY7LGjhK3EgMm9iCuDx5JasFi5A0PQrAfgs1g7UftC-B_7XvJG4pw4qbevj3PehvZ9Kp1RshXw&token_type=Bearer&expires_in=28600&scope=openid%20FiinTrade.Market%20FiinTrade.Core%20FiinTrade.Realtime%20FiinTrade.Fundamental&state=19e5bb5a7df14a2bab8ded1f265a7bda&session_state=dV3zKwxom21hMpGaoJweGLKUlj2rO2gGSFWbw6bIw4U.ab1d0e2f49d55710dba656b0c958891d

1 answer

唐永春
2023-03-14

I finally solved this problem with Selenium. Here is the code:

# cfg is the answerer's own settings module (not shown on the page); it is assumed
# to define CHROME_DRIVER_PATH, USERNAME, PASSWORD and AUTH_TOKEN_SAVE_PATH
import cfg
from selenium import webdriver
from selenium.webdriver.chrome.options import Options
from selenium.webdriver.chrome.service import Service
from selenium.webdriver.common.by import By
from selenium.webdriver.support import expected_conditions as EC
from selenium.webdriver.support.ui import WebDriverWait

LOGIN_URL = 'https://auth.fiintrade.vn/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStoxPlus.FiinTrade.SPA%26redirect_uri%3Dhttps%253A%252F%252Ffiintrade.vn%252Fsignin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520FiinTrade.Market%2520FiinTrade.Core%2520FiinTrade.Realtime%2520FiinTrade.Fundamental%26state%3Dd454e517f7ff44709a797670cd357be7%26nonce%3D890d02d7b58f42e88197818b035ad6d9%26clientType%3DWEBCLIENT%26fp%3De292f9093f0b9abc9904b5fba1d948c6%26type%3Dredirect'


def generate_token() -> bool:
    service = Service(cfg.CHROME_DRIVER_PATH)
    options = Options()
    # do not show a new window (the options.headless setter is no longer
    # available in current Selenium 4 releases)
    options.add_argument('--headless')
    driver = webdriver.Chrome(service=service, options=options)
    try:
        driver.get(LOGIN_URL)
        username_textbox = driver.find_element(By.ID, "exampleInputEmail1")
        username_textbox.send_keys(cfg.USERNAME)

        password_textbox = driver.find_element(By.ID, "exampleInputPassword1")
        password_textbox.send_keys(cfg.PASSWORD)

        login_button = driver.find_element(By.NAME, "button")
        login_button.click()
        # the redirect to the callback URL is not instantaneous, so wait for it
        WebDriverWait(driver, 15).until(
            EC.url_contains('access_token='), 'Failed to get access token')
        resp = driver.current_url
    finally:
        driver.quit()  # always close the browser, even on failure
    # get token from resp: ...#id_token=...&access_token=<token>&token_type=Bearer&expires_in=...
    resp = resp.split('access_token=')[1].split('&token_type=')
    access_token = resp[0]  # this is the access_token, not the id_token
    token_type = resp[1].split('&expires_in=')[0]
    auth_token = token_type + ' ' + access_token
    # the saved value is a bearer credential; keep this file private
    with open(cfg.AUTH_TOKEN_SAVE_PATH, 'w') as f:
        f.write(auth_token)
    return True
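
Added example (not part of the original answer or of the site's code): the redirect in the question is an OpenID Connect implicit-flow response, so the tokens arrive in the URL fragment. The code below parses that fragment with urllib instead of string splitting and checks state, nonce, audience and expiry before building the Authorization header. The function names and the sample callback URL are constructed for illustration, and the id_token signature is not verified here.

```python
import base64
import json
import time
from urllib.parse import parse_qs, urlsplit


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def parse_callback(url, expected_state, expected_nonce, client_id, now=None):
    """Return (authorization_header, id_token_claims) or raise ValueError."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).fragment).items()}
    if "error" in params:
        raise ValueError("authorization error: " + params["error"])
    for key in ("id_token", "access_token", "token_type", "state"):
        if key not in params:
            raise ValueError("missing " + key)
    # state ties the response to the request this client started.
    if params["state"] != expected_state:
        raise ValueError("state mismatch")
    parts = params["id_token"].split(".")
    if len(parts) != 3:
        raise ValueError("id_token is not a compact JWT")
    # Claims are read WITHOUT signature verification (assumption: the caller
    # verifies the signature against the issuer's published keys separately).
    claims = json.loads(b64url_decode(parts[1]))
    if claims.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("audience mismatch")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("id_token expired")
    return params["token_type"] + " " + params["access_token"], claims


def make_sample_url(state, nonce, aud, exp):
    # Constructed sample with the same shape as the Location header in the
    # question; the token values are placeholders, not real tokens.
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj).encode()).rstrip(b"=").decode()
    id_token = ".".join(
        [enc({"alg": "none"}), enc({"nonce": nonce, "aud": aud, "exp": exp}), "sig"])
    return ("https://fiintrade.vn/signin-callback#id_token=" + id_token
            + "&access_token=SAMPLE_ACCESS_TOKEN&token_type=Bearer"
            + "&expires_in=28600&state=" + state)
```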