fun Application.configureRouting() {
val targetUrl = "https://oldmy.sdu.edu.kz/loginAuth.php"
val myFormData = FormDataContent(Parameters.build {
append("username", "200107106")
append("password", "asdfgh123") // here is fake password, my real is different
append("modstring", "")
append("LogIn", " Log in ")
})
routing {
get("/v1/auth") {
val client = HttpClient(CIO) {
followRedirects = true
}
val response: HttpResponse = client.post(targetUrl) {
body = myFormData
headers {
append(HttpHeaders.ContentType, ContentType.MultiPart.FormData)
}
}
call.respondText(response.bodyAsText())
client.close()
}
}
fun Application.configureSerialization() {
install(ContentNegotiation) {
json()
}
}
fun main() {
embeddedServer(
factory = Netty,
port = 8080,
module = Application::module,
).start(wait = true)
}
fun Application.module() {
configureSerialization()
configureRouting()
}
this was my code now when i try access target site directly, it successfully redirects and responses html
here is postman details
POST https://oldmy.sdu.edu.kz/loginAuth.php
302
POST / HTTP/1.1
User-Agent: PostmanRuntime/7.37.0
Accept: */*
Cache-Control: no-cache
Postman-Token: 95ee7c1a-c6fe-4eb9-934f-48fea756f903
Host: oldmy.sdu.edu.kz
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Type: multipart/form-data; boundary=--------------------------121269782965064495844278
Cookie: PHPSESSID=ssbu49jagvpfl6tn7t426reh37; uname=200107106
Content-Length: 508
HTTP/1.1 302
Date: Mon, 25 Mar 2024 19:26:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: index.php
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: uname=200107106; expires=Wed, 24-Apr-2024 19:26:53 GMT; Max-Age=2592000
Via: 1.1 oldmy.sdu.edu.kz (Apache/2.4.52)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
in this original targeturl postman for this post request i used same form data content now when i try navigate traffic through my client backend it says:
GET http://0.0.0.0:8080/v1/auth
500
970 ms
GET /v1/auth HTTP/1.1
User-Agent: PostmanRuntime/7.37.0
Accept: */*
Cache-Control: no-cache
Postman-Token: 9c878c77-ecab-4314-8782-e8fc6d898b7d
Host: 0.0.0.0:8080
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
HTTP/1.1 500 Internal Server Error
Content-Length: 0
Connection: keep-alive
and 500 code status
in my console it says:
2024-03-26 01:34:36.684 \[eventLoopGroupProxy-4-1\] TRACE i.ktor.client.plugins.HttpPlainText - Adding Accept-Charset=UTF-8 to https://oldmy.sdu.edu.kz/loginAuth.php
2024-03-26 01:34:36.687 \[eventLoopGroupProxy-4-1\] TRACE i.k.c.plugins.defaultTransformers - Transformed with default transformers request body for https://oldmy.sdu.edu.kz/loginAuth.php from class io.ktor.client.request.forms.FormDataContent
2024-03-26 01:34:36.828 \[eventLoopGroupProxy-4-1\] TRACE i.k.client.plugins.HttpCallValidator - Processing exception sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target for request https://oldmy.sdu.edu.kz/loginAuth.php
2024-03-26 01:34:36.830 \[eventLoopGroupProxy-4-1\] ERROR ktor.application - Unhandled: GET - /v1/auth
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:148)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:129)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:233)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:110)
at io.ktor.network.tls.TLSClientHandshake.handleCertificatesAndKeys(TLSClientHandshake.kt:235)
at io.ktor.network.tls.TLSClientHandshake.negotiate(TLSClientHandshake.kt:166)
at io.ktor.network.tls.TLSClientHandshake$negotiate$1.invokeSuspend(TLSClientHandshake.kt)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.internal.LimitedDispatcher$Worker.run(LimitedDispatcher.kt:115)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:100)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:793)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:697)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:684)
2024-03-26 01:34:36.835 \[eventLoopGroupProxy-4-1\] TRACE i.k.s.p.c.ContentNegotiation - Skipping response body transformation from HttpStatusCode to OutgoingContent for the GET /v1/auth request because the HttpStatusCode type is ignored. See \[ContentNegotiationConfig::ignoreType\].
2024-03-26 01:34:37.277 \[eventLoopGroupProxy-4-1\] INFO ktor.application - 500 Internal Server Error: GET - /v1/auth in 617ms
fact: i did not upload any ssl certificates when i successfully accessed original target site from postman. i just entered formdata content in body, and thats all! it successfully authorized and then redirected to index.html and returned that as html in postman.
it seems like i don't have problems with incorrect data, its problem with my client side trying access that target website
i tried apply different HttpClients: CIO, APACHE, OkHttp
i tried to body = myFormData.formData.formUrlEncode() and changed contentType to contentType(ContentType.Application.FormUrlEncoded)
i also uploaded that my code to https://sduhub-ktor.onrender.com/v1/auth (i thought its because of its local http)
it did not helped(