C# - HttpWebRequest POST (Login to Facebook)

Question

I'm trying to login to Facebook in my program and parse some information from there (like name, profile pic, etc).

I'm getting redirected back to Facebook's main page everytime I execute the code below.

string email = "email";
string pw = "pw";
string PostData = String.Format("email={0}&pass={1}", email, pw);

CookieContainer cookieContainer = new CookieContainer();

HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create("");
req.CookieContainer = cookieContainer;
req.Method = "POST";
req.ContentLength = PostData.Length;
req.ContentType = "application/x-www-form-urlencoded";
req.AllowAutoRedirect = true;
req.UserAgent = "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2";

ASCIIEncoding encoding = new ASCIIEncoding();
byte[] loginDataBytes = encoding.GetBytes(PostData);
req.ContentLength = loginDataBytes.Length;
Stream stream = req.GetRequestStream();
stream.Write(loginDataBytes, 0, loginDataBytes.Length);

HttpWebResponse webResp = (HttpWebResponse)req.GetResponse();

Stream datastream = webResp.GetResponseStream();
StreamReader reader = new StreamReader(datastream);
webBrowser1.DocumentText = reader.ReadToEnd();

foreach (Cookie cookies in webResp.Cookies)
{
    MessageBox.Show(cookies.Name + "   " + cookies.Value);
}

What am I doing wrong here? Any help would be appreciated, many thanks! :)

edit: I found out how to do it shortly after I posted.

Facebook sends a cookie everytime you visit it to see if you have cookies enabled, what I did was send a request to the login page of Facebook to get the cookies, then send another with the POST data. It worked this way and I successfully logged in.

Thanks anyway! :)

Answer 1

I'm glad you found your answer, I could login facebook using HttpWebRequest too, just like you said.. Here's an acceptable workaround:

First request: Get the cookies.

 CookieCollection cookies = new CookieCollection();
 HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://www.facebook.com); 
 request.CookieContainer = new CookieContainer();
 request.CookieContainer.Add(cookies);
 //Get the response from the server and save the cookies from the first request..
 HttpWebResponse response = (HttpWebResponse)request.GetResponse();
 cookies = response.Cookies;

Second request: POST the form data and recover the cookies from the first request..

 string getUrl = "https://www.facebook.com/login.php?login_attempt=1";
 string postData = String.Format("email={0}&pass={1}", "value1", "value2");
 HttpWebRequest getRequest = (HttpWebRequest)WebRequest.Create(getUrl);
 getRequest.CookieContainer = new CookieContainer();
 getRequest.CookieContainer.Add(cookies); //recover cookies First request
 getRequest.Method = WebRequestMethods.Http.Post;
 getRequest.UserAgent = "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2";
 getRequest.AllowWriteStreamBuffering = true;
 getRequest.ProtocolVersion = HttpVersion.Version11;
 getRequest.AllowAutoRedirect = true;
 getRequest.ContentType = "application/x-www-form-urlencoded";

 byte[] byteArray = Encoding.ASCII.GetBytes(postData);
 getRequest.ContentLength = byteArray.Length;   
 Stream newStream = getRequest.GetRequestStream(); //open connection
 newStream.Write(byteArray, 0, byteArray.Length); // Send the data.
 newStream.Close();

 HttpWebResponse getResponse = (HttpWebResponse)getRequest.GetResponse();
 using (StreamReader sr = new StreamReader(getResponse.GetResponseStream()))
 {
   string sourceCode = sr.ReadToEnd();               
 } 

This is one of lots ways that works with HttpWebRequest, also if you prefer using WebBrowser, it works acceptable using the following:

webBrowser1.Navigate("https://www.facebook.com/login.php?login_attempt=1", "",byteArray, "Content-Type: application/x-www-form-urlencoded");

What I just realized is that it doesn't work with the InternetSetCookie maybe the reason is because Cookies returned from Facebook have the "HttpOnly" attribute (true), and it can't be accessible by client-side script.

Answer 2

Sometimes it is easier to use web browser and you can run that browser hidden in the background. Later you can get the inner html or perhaps download an image. Whatever you need to do. Here is an example using windows forms.

Create a new win forms application, add a button and paste that code inside. do not add anything else it should work...

private void button1_Click(object sender, EventArgs e)
{
    string email = "Your email";
    string password = "your password";

    // create a new browser
    WebBrowser w = new WebBrowser();
    w.Dock = DockStyle.Fill;
    this.Controls.Add(w); // you may add the controll to your windows forms if  you want to see what is going on
    // latter you may not chose to add the browser or you can even set it to invisible... 


    // navigate to facebook
    w.Navigate(@"http://www.facebook.com/");

    // wait a little
    for (int i = 0; i < 100; i++)
    {
        System.Threading.Thread.Sleep(10);
        System.Windows.Forms.Application.DoEvents();
    }


    HtmlElement temp=null;

    // while we find an element by id named email
    while (temp == null)
    {
        temp = w.Document.GetElementById("email");
        System.Threading.Thread.Sleep(10);
        System.Windows.Forms.Application.DoEvents();
    }

    // once we find it place the value
    temp.SetAttribute("value", email);


    temp = null;
    // wiat till element with id pass exists
    while (temp == null)
    {
        temp = w.Document.GetElementById("pass");
        System.Threading.Thread.Sleep(10);
        System.Windows.Forms.Application.DoEvents();
    }
    // once it exist set it value equal to passowrd
    temp.SetAttribute("value", password);

    // if you already found the last fields the button should also be there...

    var inputs = w.Document.GetElementsByTagName("input");

    int counter = 0;
    bool enableClick = false;

    // iterate through all the inputs in the document
    foreach (HtmlElement btn in inputs)
    {

        try
        {
            var att = btn.GetAttribute("tabindex");
            var name = btn.GetAttribute("id");

            if (enableClick)// button to submit always has a differnt id. it should be after password textbox
            {
                btn.InvokeMember("click");
                counter++;
            }

            if (name.ToUpper().Contains("PASS") || att=="4") 
            {
                enableClick = true;  // button should be next to the password input                    
            }

            // try a max of 5 times
            if (counter > 5)
                break;
        }
        catch
        {

        }
    }
}