#!/usr/bin/perl

#Blakes TD/Canadatrust get my acount information perl script.
#Use at your own risk, everything is done over SSL and cookies are only for this session (not saved to disk)
#This is pretty much taylored for my account summary page, so it may not work for you.
#Questions/comments: me@blakecrosby.com

#We are going to need some nice info from you so that we can get your account balance!
$accountnum = '4444444444';	#your access card number
$accountpass = 'password';	#your webbanking password

#load libwwwperl
use HTML::TokeParser;
use LWP::UserAgent;
use Crypt::SSLeay;

$ua = LWP::UserAgent->new;

$ua->agent('Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)'); 

#need cookie support;
use HTTP::Cookies;
$ua->cookie_jar(HTTP::Cookies->new(file => "lwpcookies.txt",
				     autosave => 1));


#send initial request for username/pass form (this is where we get the nice authtoken key)
$req = HTTP::Request->new(GET => 'https://easyweb45c.tdcanadatrust.com/servlet/ca.tdbank.banking.servlet.DefaultServlet');
$req->header('Accept' => 'text/html');
$res = $ua->request($req);

# check the outcome
if ($res->is_success) {
	#   print $res->content;
	$stream = HTML::TokeParser->new( \$res->content ) or die $!;

	#lets get that unique number :)
	while ( $tag = $stream->get_tag("input") ) {
		#make sure we get the right one!
		if ($tag->[1]{name} eq 'AuthToken') {
			$authtoken= $tag->[1]{value};
		}
	}

} 
else {
	print "Error: " . $res->status_line . "\n";
}


#sweeet we have that special magic number :) now lets do stuff wwith it. Log in!
$req = HTTP::Request->new(POST => 'https://easyweb45c.tdcanadatrust.com/servlet/ca.tdbank.banking.servlet.LoginServlet');
$req->header('Referrer' => 'https://easyweb45c.tdcanadatrust.com/servlet/ca.tdbank.banking.servlet.DefaultServlet');
$req->content_type('application/x-www-form-urlencoded');
$req->content("ConnectID=$accountnum&Password=$accountpass&Description=&NewPassword=&ChangePassword=false&Display=False&AddtoCookie=false&Language=E&AuthToken=$authtoken");
$res = $ua->request($req);

if ($res->is_success) {
        #   print $res->content;
        $stream = HTML::TokeParser->new( \$res->content ) or die $!;

        #yay for seucurity, need to get more magic numbers :) this time its a time based number!
        while ( $tag = $stream->get_tag("input") ) {
                #make sure we get the right one!
                if ($tag->[1]{name} eq 'TIME') {
                        $time= $tag->[1]{value};
                }
        }

}
else {
        print "Error: " . $res->status_line . "\n";
}

#ok, so now we have the other special magic number, can we finally log in? Nope, need to grab yet ANOTHER magic number!

$req = HTTP::Request->new(POST => 'https://easyweb45c.tdcanadatrust.com/servlet/ca.tdbank.banking.servlet.LoginInterceptServlet');
$req->content_type('application/x-www-form-urlencoded');
$req->content("ConnectID=$accountnum&TIME=$time");
$res = $ua->request($req);

if ($res->is_success) {
        #   print $res->content;
        $stream = HTML::TokeParser->new( \$res->content ) or die $!;

        #yay for seucurity, need to get more magic numbers :)
        while ( $tag = $stream->get_tag("input") ) {
                #make sure we get the right one!
                if ($tag->[1]{name} eq 'TIME') {
                        $time2= $tag->[1]{value};
                }
        }

}
else {
        print "Error: " . $res->status_line . "\n";
}

#yaay! final step, now post this with the last ($time2) magic number we got.
$req = HTTP::Request->new(POST => 'https://easyweb45c.tdcanadatrust.com/webbanking');
$req->content_type('application/x-www-form-urlencoded');
$req->content("ConnectID=$accountnum&TIME=$time");
$res = $ua->request($req);

if ($res->is_success) {
        #   print $res->content;
        $stream = HTML::TokeParser->new( \$res->content ) or die $!;

        #get the final url (stupid frames) :)
        while ( $tag = $stream->get_tag("frame") ) {
                #make sure we get the right one!
                if ($tag->[1]{name} eq 'tddetails') {
                        $finalurl= $tag->[1]{src};
                }
        }

}
else {
        print "Error: " . $res->status_line . "\n";
}

#ok, we finally have the last url! lets visit it!
$req = HTTP::Request->new(GET => "$finalurl");
$req->header('Accept' => 'text/html');
# send request
$res = $ua->request($req);


#parse the html, what this does is looks for the <td> that has "Banking in it", then skips down 4 tds, and grab
#the text inside it, in this case its my account balance. If anything is going to break because of a new website layout, html,
#this is the place.

$stream = HTML::TokeParser->new( \$res->content ) or die $!;
while ( $tag = $stream->get_tag("td")) {
	if ($stream->get_trimmed_text('/td') eq 'Banking') {
	$stream->get_tag("td");
	$stream->get_tag("td");
	$stream->get_tag("td");
	$stream->get_tag("td");
	$balance = $stream->get_trimmed_text('/td');
	}
}

print "Your Account Balance is: $balance\n";

#ok, lets log out nicely :)
$req = HTTP::Request->new(GET => 'https://easyweb45c.tdcanadatrust.com/servlet/ca.tdbank.banking.servlet.LogoffServlet');
$req->header('Accept' => 'text/html');
# send request
$res = $ua->request($req);