Skip to content

A Selenium-based Python program to automate the booking of campus library study rooms, thus enhancing the efficiency of booking campus study rooms.

License

Notifications You must be signed in to change notification settings

SalmanBurhan/csusm-studyroom-reserver-fall-2022

Repository files navigation

Contributors Forks Stargazers Issues MIT License LinkedIn


Logo

Fall 2022
Study Room Reserver

stability-shield

Automating the booking process for group study rooms.
Explore the docs »

View Demo · Report Bug · Request Feature

Table of Contents
  1. Obsoletion
  2. About The Project
  3. Getting Started
  4. Usage
  5. License
  6. Contact

Obsoletion

This project's lifespan extended through the 2022-2023 academic year at California State University San Marcos.

However in the summer prior to Fall 2023, CSUSM migrated their studyroom reservation management to LibCal, a product of SpringShare's LibApps suite of SaaS.

This migration ultimately rendered this iteration of the project obsolete along with exploitable vulnerabilities discovered in the original management system.

Moving forward, the next iteration of this project may be found here:

SalmanBurhan/csusm-studyroom-reserver-fall-2023

About The Project

This is a Selenium-based Python program to automate the booking of campus library study rooms, thus enhancing the efficiency of booking campus study rooms.

The project features:

  • Scheduled Automation: Implemented a scheduled frequency for room booking, ensuring availability at specific times.
  • Preference Logic: Prioritized preferred study rooms, amenities, and floors; seamlessly fell back to alternate choices if the first preference was unavailable.
  • Multi-Factor Authentication (MFA) Integration: Incorporated HOTP code generation, eliminating the need for manual authentication via push notifications.
  • Dynamic Booking Times: Modified booking times in 30-minute increments to find the optimal match for given parameters, maximizing the chances of securing desired study slots.

This project began as a personal project, however has since been aimed to showcase a blend of technical skills in web automation, security awareness, and problem-solving, resulting in a streamlined and intelligent solution for efficient campus study room booking.

Basic Log Output

2022-10-13 10:43:01 PM :: Kellog Library :: INFO :: Searching For Rooms From 2022-10-14 13:30:00 To 2022-10-14 16:30:00 On Floor 4
2022-10-13 10:43:07 PM :: Kellog Library :: INFO :: Parsing Web Page
2022-10-13 10:43:07 PM :: Kellog Library :: INFO :: Validating and Mapping Search Results
2022-10-13 10:43:07 PM :: Kellog Library :: INFO :: Search Returned 4 Results
2022-10-13 10:43:07 PM :: Auth Flow :: INFO :: Beginning Auth Flow
2022-10-13 10:43:07 PM :: Browser :: INFO :: Initializing ChromeDriver Service
2022-10-13 10:43:07 PM :: Browser :: INFO :: Initializing Chrome Instance with Options: ['--disable-gpu', '--headless', '--window-size=800,600']
2022-10-13 10:43:10 PM :: Auth Flow :: INFO :: Beginning CSUSM Portion of Auth Flow
2022-10-13 10:43:13 PM :: Auth Flow :: INFO :: Beginning DUO 2FA Portion of Auth Flow
2022-10-13 10:43:14 PM :: Auth Flow :: INFO :: Generating 2FA Code
2022-10-13 10:43:14 PM :: Auth Flow :: INFO :: 2FA Code ==> ******
2022-10-13 10:43:14 PM :: Auth Flow :: INFO :: Awaiting Redirect To CSUSM
2022-10-13 10:43:18 PM :: Auth Flow :: INFO :: Is Logged In ==> True
2022-10-13 10:43:18 PM :: Auth Flow :: INFO :: Auth Flow Successful
2022-10-13 10:43:18 PM :: Auth Flow :: INFO :: Is Logged In ==> True
2022-10-13 10:43:18 PM :: Kellog Library :: INFO :: Reserving Room 4001 on 2022-10-14 from 01:30:00 PM to 04:30:00 PM for 2 attendee(s)
2022-10-13 10:43:18 PM :: Kellog Library :: INFO :: Building Reservation Request
2022-10-13 10:43:19 PM :: Kellog Library :: INFO :: Parsing and Validating Server Response
2022-10-13 10:43:19 PM :: Kellog Library :: INFO :: Room 4001 Successfully Reserved

Vulnerability Disclosure

Description

During the development of this project, a vulnerability was discovered in the reservation system's JavaScript code. The system enforces a 24-hour window limitation for booking study rooms, but this limitation is solely implemented on the client side and not validated server-side.

Vulnerability Details

By manually generating query parameters, it is possible to bypass the client-side restrictions and schedule study rooms past the stated 24-hour time window. This poses a potential risk and undermines the intended functionality of the reservation system.

Vulnerability Patch

As the reservation system has since been migrated to LibCal, this vulnverability is no longer present, and may be deemed patched.

(back to top)

Built With

  • Requests
  • BeautifulSoup4
  • Selenium
  • PyOTP

(back to top)

Getting Started

This is an example of how you may give instructions on setting up your project locally. To get a local copy up and running follow these simple steps.

Library Dependencies

This is an example of how to list things you need to use the software and how to install them.

pip install -r requirements.txt

or if you prefer to virtualize your environment (preferred method)

python3 -m venv ./env
source ./env/bin/activate
pip install -r requirements.txt

Google Chrome

It is recommended to make a copy of your Google Chrome executable and keep it within the project as it reduces the frequency of Chrome auto-updating and breaking compatibility with the version of chromedriver installed.

For MacOS this executable can be found at:

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome

Chrome Driver

Download a copy of chromedriver that matches your OS environment and Google Chrome installation.

Installation

  1. Clone the repo
    git clone https://github.com/SalmanBurhan/csusm-studyroom-reserver-fall-2022.git
    cd csusm-studyroom-reserver-fall-2022
  2. Setup Virtual Environment
    python3 -m venv ./env
    source ./env/bin/activate
  3. Install Dependencies
    pip install -r requirements.txt
  4. Enter your CSUSM Credentials in constants.py
    CSUSM_EMAIL = '[email protected]'
    CSUSM_PASSWORD = None
  5. Specify the paths to your DUO secret and Chrome/chromedriver installation
    DUO_SECRET_PATH = "duo/base32_secret.hotp"
    
    CHROMEDRIVER_PATH = 'browser/chromedriver'
    CHROMEAPP_PATH = 'browser/Google Chrome.app'

(back to top)

Usage

The main Implementation

The main.py file is setup to be run the day prior to the booking, best paired with a cronjob or launchctl scheduled service.

In this constants.py file...

The TARGET_TIMES variable is to be defined as follows:

'''
TARGET_TIMES: dict where
    k: int - day of the week, where Monday == 0 ... Sunday == 6.
    v: tuple[int, int] - ISO 8601 formatted hour and minute.
'''
TARGET_TIMES = {
    0: (17, 30),
    2: (13, 30),
    4: (17, 30)
}

The PREFERRED_ROOM and ATTENDEES_COUNT variables should be defined as well.

PREFERRED_ROOM = 4001
ATTENDEES_COUNT = 2

Run

python3 main.py

Since the program is designed to be run the day before the desired booking, the execution of main.py is intended to exit if run on any other day.

A cron job or launchd service should be created to run the script the day before the times specified in TARGET_TIMES.

Assuming the default TARGET_TIMES values, the launchd plist file should look like the following template:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>Label</key>
    <string>com.user.csusm-studyroom-reserver</string>

    <key>ProgramArguments</key>
    <array>
      <string>/path/to/your/venv/bin/python3</string>
      <string>/path/to/your/main.py</string>
    </array>

    <key>StartCalendarInterval</key>
    <array>
      <dict> <!-- 05:30 PM -->
        <key>Hour</key>
        <integer>17</integer>
        <key>Minute</key>
        <integer>30</integer>
        <key>Weekday</key>
        <integer>0</integer> <!-- Sunday -->
      </dict>
      <dict> <!-- 01:30 PM -->
        <key>Hour</key>
        <integer>13</integer>
        <key>Minute</key>
        <integer>30</integer>
        <key>Weekday</key>
        <integer>2</integer> <!-- Tuesday -->
      </dict>
      <dict>
        <key>Hour</key>  <!-- 05:30 PM -->
        <integer>17</integer>
        <key>Minute</key>
        <integer>30</integer>
        <key>Weekday</key>
        <integer>4</integer> <!-- Thursday -->
      </dict>
    </array>

    <key>WorkingDirectory</key>
    <string>/path/to/your/project/directory</string>

    <key>StandardOutPath</key>
    <string>/path/to/your/logfile.log</string>

    <key>StandardErrorPath</key>
    <string>/path/to/your/error-logfile.log</string>
  </dict>
</plist>

Upon saving the file to the customary path ~/Library/LaunchAgents/, load the scheduled job using:

launchctl load ~/Library/LaunchAgents/com.user.csusm-studyroom-reserver.plist

(back to top)

License

Distributed under the MIT License. See LICENSE.txt for more information.

(back to top)

Contact

Salman Burhan - [email protected]

Project Link: https://github.com/SalmanBurhan/csusm-studyroom-reserver-fall-2022

(back to top)

About

A Selenium-based Python program to automate the booking of campus library study rooms, thus enhancing the efficiency of booking campus study rooms.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages