Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # The site you want to log in to
- SITE_URL = nil
- # The username/password you want to log in with
- USERNAME = nil
- PASSWORD = nil
- # All of these details are visible when you do a "login" and
- # inspect the parameters POSTed when you click "login" on
- # the Lock Widget. You'll want to do this in your favorite
- # web browser while having the developer console open and
- # inspecting the network traffic.
- AUTH0_CLIENT_ID = nil
- AUTH0_ACCOUNT_URL = nil
- AUTH0_CONNECTION = nil
- AUTH0_TENANT = nil
- AUTH0_APP_LOGIN_REDIRECT_URL = nil
- # Make an initial call to the page that has the
- # state value that is used when POSTing to login
- response = RestClient.get(SITE_URL)
- state = /state: '([^']+)'/.match(response.body)[1]
- # POST the username/password and attempt to log in
- response = RestClient.post(
- "#{AUTH0_ACCOUNT_URL}/usernamepassword/login",
- payload={
- client_id: AUTH0_CLIENT_ID,
- connection: AUTH0_CONNECTION,
- redirect_uri: AUTH0_APP_LOGIN_REDIRECT_URL,
- response_type: "code",
- scope: "openid email crud:all",
- sso: true,
- state: state,
- tenant: AUTH0_TENANT,
- username: USERNAME,
- password: PASSWORD
- },
- headers={
- cookies: response.cookies
- }
- )
- # Extract the hidden form elements that we need to
- # POST to the callback
- form = Nokogiri::HTML(response.body)
- payload = {}
- form.css('input').each do |input|
- if input.attributes['type'].value == 'hidden'
- payload[input.attributes['name'].value] = input.attributes['value'].value
- end
- end
- # Call the callback, and then redirect to where the
- # callback says to go.
- begin
- RestClient.post(
- "#{AUTH0_ACCOUNT_URL}/login/callback",
- payload=payload,
- headers={
- cookies: response.cookies
- }
- )
- rescue RestClient::MovedPermanently,
- RestClient::Found,
- RestClient::TemporaryRedirect => err
- logged_in_response = RestClient.get(err.response.headers[:location], headers={cookies: err.response.cookies})
- end
- # The user is now logged in and logged_in_response now has all the
- # appropriate cookies that can be then used in subsequent call the
- # the site
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement