For the sake of closing this thread, I have solved this.
In the end it was not overly complex but there was just more to it than initially known.
tl;dr: the trick was not to follow the redirect after receiving the ticket (this invalidated the ticket already).
Thanks for your help bliako.
#!/usr/bin/env perl
###Modules
use WWW::Mechanize;
use HTTP::Cookies;
use HTTP::CookieJar::LWP ();
use IO::Socket::SSL qw();
use Data::Dumper;
use JSON;
###Variables & Declarations
my $creds = "$ENV{'HOME'}/.credentials";
my $uri ="https://xxx.employer.xxx/app/login?service=https://xxx.emplo
+yer.xxx/app/service";
my $cookie_jar = HTTP::Cookies->new();
my ($username,$password) = get_credentials($creds);
my $fields = {
username => $username,
password => $password,
};
my $m = WWW::Mechanize->new( cookie_jar => $cookie_jar, autocheck => 0
+, ssl_opts => { SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE,
+verify_hostname => 0 }, env_proxy => 1, keep_alive => 1, timeout => 1
+20, agent => 'Windows IE 6' );
$m->max_redirect(0);
############## Log in and get Ticket ##################
my $content = $m->post($uri);
$m->submit_form(
form_number => 1,
fields => $fields,
button => 'submit'
);
my $location = $m->response()->header('Location');
my $ticket_id = (split /ticket=/, $location)[1];
############## /Log in and get Ticket ##################
############## Create Session and get authorization id ###############
+###
$m->add_header('Content-Type' => 'text/plain');
$m->add_header('Accept' => ['text/plain', 'application/json']);
#$m->delete_header('Referer');
my $session_url = "https://xxx.employer.xxx:<port>/session";
my $contentp = $m->post($session_url, 'Content' => "$ticket_id");
my $resp = $contentp->decoded_content()."\n\n";
my $decoded_json = decode_json( $resp );
my $id = $decoded_json->{id};
############## /create session and get authorization id###############
+###
############## do authorized stuff #########################
$m->add_header('Authorization' => $id);
$m->post("whatever");
from here on I'm doing stuff inside the session...
|