RuneScape.com Login Session_Cookie

Discussion in 'RuneScape Programming' started by doctapiss, Oct 25, 2023.

RuneScape.com Login Session_Cookie
  1. Unread #1 - Oct 25, 2023 at 8:35 PM
  2. doctapiss
    Joined:
    Aug 19, 2020
    Posts:
    829
    Referrals:
    0
    Sythe Gold:
    811
    Discord Unique ID:
    1072658178044612650

    doctapiss Apprentice

    RuneScape.com Login Session_Cookie

    I'm trying to write a php script that generates a runescape.com session cookie. I am trying to write some code that hits the runescape login api through a POST request:
    PHP:
        /**
         * Generate a new runescape.com session token
         * @return string - session token, login failed or simply false
         */
        
    private function get_session_token(){

            
    $fields_string "";

            
    $fields = array(
                
    'username' => urlencode($this->_pugLogin),
                
    'password' => urlencode($this->_pugPassword),
                
    'theme' => urlencode("dual"),
                
    'ssl' => urlencode("0"),
                
    'flow' => urlencode("web"),
                
    'mod' => urlencode("jpp"),
                
    'dest' => urlencode("community"),
                
    'rejectOnGoBackRequired' => urlencode("true"),
            );

            foreach(
    $fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
            
    $fields_string substr($fields_string0, -1);
            
    $url "https://secure.runescape.com/m=weblogin/login-submit";
            
    curl_setopt($this->curlCURLOPT_URL$url);
            
    curl_setopt($this->curlCURLOPT_HEADER1);
            
    curl_setopt($this->curlCURLOPT_POST1);
            
    curl_setopt($this->curlCURLOPT_RETURNTRANSFER1);
            
    curl_setopt($this->curlCURLOPT_SSL_VERIFYPEER0);
            
    curl_setopt($this->curlCURLOPT_POSTFIELDS$fields_string);
            
    curl_setopt($this->curlCURLOPT_REFERER"https://secure.runescape.com/m=weblogin/login-submit");
            
    curl_setopt($this->curlCURLOPT_HTTPHEADER, array(
                
    "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
            
    "Accept-Encoding: gzip, deflate, br",
            
    "Accept-Language: en-GB,en-US;q=0.8,en;q=0.6",
            
    "Cache-Control  max-age=0",
            
    "Connection:keep-alive",
            
    "Content-Type: application/x-www-form-urlencoded",
            
    "Origin: https://secure.runescape.com",
            
    "Upgrade-Insecure-Requests:n1",
            
    "User-Agent:nMozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87",
            ));
            
    $result curl_exec($this->curl);
            
    $responseCode curl_getinfo($this->curlCURLINFO_HTTP_CODE);
            if(
    $responseCode == 302 && $result){
                
    $session_index_start strpos($result'session=') + 8;
                
    $session_index_end strpos($result';'$session_index_start);
                
    $session_length $session_index_end $session_index_start;
                
    $session_token substr($result$session_index_start$session_length);
                return 
    $session_token;
            }elseif(
    $responseCode == 200){
                return 
    'login failed';
            }else{
                return 
    false;
            }
        }

    When I debug my code, I am actually receiving a 200 response. This is incorrect, as I am trying to get a 302 response. Does anyone know what exactly I am missing? I think it may be due to me missing some of the request payload fields. The payload from the network tab looks like this"


    1. Code:
      username: [email protected]
      password: testing123
      theme: dual
      flow: web
      rejectOnGoBackRequired: true
      goBackUrl: https://account.jagex.com/oauth2/auth?response_type=code&client_id=jpp-auth&scope=openid%20user.email.read&state=oOmpHKCisqfPEYCnjd9HlRx1ukxEXqDbdUrV7Bny6dY%3D&redirect_uri=https://auth.runescape.com/jpp-auth/login/oauth2/code/jpp&nonce=__c2lKfApFji8F2NGl2aN8loGu7_Hc2dkjXJe2PKslI&flow=web
      correlationId: 41a1877d-654a-4934-88b9-0b167ea63a64::1698280054901
      signature: 8B3EC0148A5C6DF53D42B3F3218ECD7C814B0FAA4BA52018056D9FFE9F84E4EBC981946F81035E760F9773A59AC33B1D1B7AECE6EE8B69119D98420C8B768EA1
      mod: jpp
      dest: 1hoIao2uAVai5BrXvhjicM

    I am not sure how to populate those additional fields in my code, as they appear to be generated.
     
    Last edited: Oct 25, 2023
< 1t prayer plugin in runelite style client | would anyone be willing to teach me how to code scripts for OSRS? >

Users viewing this thread
1 guest


 
 
Adblock breaks this site