How can I login to ASP.Net Forms Authenticated site using C#?

Question

I am trying to Screen Scrape a WebSite that uses ASP.Net Forms Authentication . I have the following code which makes a Get request to get the cookies and then I want to post the Login info with the cookies I just got to the login.aspx page.

When I watch what is submitted to the login.aspx page with Fiddler I see the Posted data but for the submitted cookies I see the message " but it says "This request did not send any cookie data."

If I login into the app using Internet Explorer I can see that the cookies and the posted data are submitted to the login.aspx page and everything is working fine.

But if I loop through I can print out the cookies that I am assuming should be sent along with the request using this block

   foreach (System.Net.Cookie cook in getCookies.CookieContainer.GetCookies(new Uri("https://app.example.com")))
   {
        Console.WriteLine(cook.Name + ": " + cook.Value);
    }

What is is that I am doing wrong that is resulting in the cookies not being sent with my request?

    public void Login()
    {
        HttpWebRequest getCookies = (HttpWebRequest)WebRequest.Create("https://app.example.com");

        CookieContainer cookieJar = new CookieContainer();
        getCookies.Accept = "image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/vnd.ms-xpsdocument, application/x-ms-application, application/x-ms-xbap, application/xaml+xml, */*";
        getCookies.UserAgent = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0E; .NET4.0C)";
        getCookies.Headers.Add("Accept-Encoding", "gzip, deflate");
        getCookies.AllowAutoRedirect = true;

        getCookies.CookieContainer = cookieJar;
        using (HttpWebResponse cookieResponse = getCookies.GetResponse() as HttpWebResponse)
        {
            StreamReader responseReader = new StreamReader(cookieResponse.GetResponseStream());
            string responseData = responseReader.ReadToEnd();

            string ViewState = this.GetViewStateFromHtml(responseData);

            getCookies = (HttpWebRequest)WebRequest.Create("https://app.example.com/Membership/Login.aspx?ReturnUrl=%2fHome%2fHomeSummary.aspx");
            getCookies.Method = "Post";
            getCookies.ContentType = "application/x-www-form-urlencoded";
            getCookies.Accept = "text/html, application/xhtml+xml. */*";
            getCookies.UserAgent = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0E; .NET4.0C)";
            getCookies.Headers.Add("Accept-Encoding", "gzip, deflate");
            getCookies.AllowAutoRedirect = true;

            ASCIIEncoding encoding = new ASCIIEncoding();
            byte[] byte1 = encoding.GetBytes(this.GetPostData(Username, Password));

            getCookies.ContentLength = byte1.Length;

            StreamWriter requestWriter = new StreamWriter(getCookies.GetRequestStream());
            requestWriter.Write(this.GetPostData(Username, Password));
            requestWriter.Close();
            getCookies.CookieContainer = cookieJar;

            foreach (System.Net.Cookie cook in getCookies.CookieContainer.GetCookies(new Uri("https://app.example.com")))
            {
                Console.WriteLine(cook.Name + ": " + cook.Value);
            }

            using (HttpWebResponse postResponse = (HttpWebResponse)getCookies.GetResponse())
            {
                StreamReader postLoginResponseReader = new StreamReader(postResponse.GetResponseStream());
                string postLoginResponseData = postLoginResponseReader.ReadToEnd();
                File.WriteAllText(@"C:\postLoginResponse.txt", postLoginResponseData);
            }
            Console.WriteLine(@"Check C:\postLoginResponse.txt");
            Console.ReadLine();
        }

Answer 1

This is a portion of a larger code snippet, so please let me know if you need more of it. Essentially, you can code directly against the MembershipProvider and the FormsAuthentication classes to simulate the login:

bool validated = Membership.ValidateUser(uname, pwd);
if (validated)
{
    if (Request.QueryString["ReturnUrl"] != null)
    {
        FormsAuthentication.RedirectFromLoginPage(uname, false);
    }
    else
    {
        FormsAuthentication.SetAuthCookie(uname, false);
    }
    return;
}
//Response.Write("Failed to authenticate, invalid credentials.");

Hope this helps.

Answer 2

I don't see where you are adding your forms auth cookie to the HttpWebRequest cookie container.

In the past I have done this

var request = (HttpWebRequest) WebRequest.Create(remoteFilename);
request.CookieContainer = new CookieContainer();
request.CookieContainer.Add(new Cookie(".ASPXAUTH", "71AE9C8F6CFDC86BD7FD3AD7B214C4E1", "/", "build.mercaridirect.com.au"));

minor point You should change the name of your variable getCookies to webRequest or similar, improves readibility.