This script automatically logs into University of Cincinnati's Blackboard (aka Canopy) whenever your session expires.

When you first install it and visit any page on canopy.uc.edu, it will automatically pop-up a configuration screen where you can enter your username and password. Enter your credentials, click Save, and then refresh the page. It should then automatically login.

If your credentials ever fail to work, the configuration screen will automatically reappear for you to update them. If for some reason, you need to return to the configuration screen manually, simply go to any page on canopy.uc.edu, then append &autologin to the URL.

FAQ

How does this store my login credentials?

Your credentials are stored locally on your computer in an unencrypted format. If you share your computer with people you don't trust, don't use this script.

Please note that some user script managers may be configured to sync your scripts and their configurations via Google Drive/Dropbox/etc. I have no control over this; this is a feature only you can turn on/off. In Tampermonkey, cloud sync is disabled by default.

Can I trust you?

I promise not to be evil; I will never upload your credentials to anywhere besides UC's servers. The source code for this script is short and sweet; I welcome anyone to look through it and confirm there's nothing fishy going on.

I'm also publishing this under my real name, Hayden Schiff. You can look me up in the student directory. If I were stealing peoples' logins out here in broad daylight, there's a strong chance I'd get caught, and UC would probably expel me and call the cops. So even if I were evil, it wouldn't be worth the risk.

Don't you know UC is about to get rid of Canopy?

Yes, but I hate logging in all the time with such a burning passion that I made this anyway.

How does this extension work?

This extension runs every time you load any page on canopy.uc.edu. It first makes a request to an API endpoint on Canopy (specifically, the endpoint which returns info about when your password is going to expire) to determine if we are currently logged in. If the API reports that the current username is "guest", then that means we aren't logged in.

If we aren't logged in, then the script will attempt to login. It first downloads the login form page to find the nonce value, which is a random value that Blackboard requires be sent when you're logging in (they do this to prevent CSRF attacks). Once we have that, we send the username, password, and nonce to login endpoint, which should log us in!

After making the login request, the script will re-run the earlier check to see if we're logged in. If the server reports that we're still "guest", then the login must have failed. The most likely reason it would fail is that the username or password were wrong, so in this case, the extension will automatically show the config window so that the user can correct their credentials.

Changelog