From 973bb658673d81e65796888affdc26575800c16b Mon Sep 17 00:00:00 2001
From: Maximilian Bosch
Date: Thu, 31 Dec 2020 10:59:28 +0100
Subject: [PATCH] Fix shibboleth login by passing a CSRF token (#4)

Credits go https://github.com/Garmelon/PFERD/commit/2714ac6be6881e7a49e59d6aa8c709700720e8e8 where I derived this fix from.
---
 src/main.rs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/main.rs b/src/main.rs
index fa8eab2..e39794b 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -642,13 +642,18 @@ impl ILIAS {
 "home_organization_selection": "Mit KIT-Account anmelden"
 }))
 .send().await?;
+ let url = session_establishment.url().clone();
+ let text = session_establishment.text().await?;
+ let dom_sso = Html::parse_document(text.as_str());
+ let csrf_token = dom_sso.select(&Selector::parse(r#"input[name="csrf_token"]"#).unwrap()).next().context("no csrf token")?;
 println!("Logging into Shibboleth..");
 let login_response = this.client
- .post(session_establishment.url().clone())
+ .post(url)
 .form(&json!({
 "j_username": &this.user,
 "j_password": &this.pass,
- "_eventId_proceed": ""
+ "_eventId_proceed": "",
+ "csrf_token": csrf_token.value().attr("value").ok_or(anyhow!("no csrf token"))?,
 }))
 .send().await?.text().await?;
 let dom = Html::parse_document(&login_response);
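Review bot: The credentials are still posted to whatever URL the previous request ended on after redirects (`let url = session_establishment.url().clone();` then `.post(url)`), and nothing in the hunk checks that this is the expected identity provider over HTTPS before `j_username` and `j_password` are sent. A guard ahead of the POST would make that explicit, for example `anyhow::ensure!(url.scheme() == "https" && url.host_str() == Some(EXPECTED_IDP_HOST), "unexpected login URL: {}", url);`, where `EXPECTED_IDP_HOST` is a placeholder for a constant this page does not show. Separately, a missing `<input>` element and a missing `value` attribute both report "no csrf token", so distinct messages would make a changed login page easier to diagnose, and the second lookup could use `.context(...)` like the first instead of the eagerly built `ok_or(anyhow!(...))`. The enclosing function and the client's redirect policy are set up outside the hunk, so a restriction configured there cannot be ruled out.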