I'm trying to access a Swagger based API using powershell invoke-restmethod with websession to (hopefully) capture the cookies/session information I'd need to do a post method.
I start by requesting a CSRF
$CSRF = Invoke-RestMethod -Uri ($Uri+'csrf-token') -Method Get -Credential $Creds -ContentType 'application/json'-SessionVariable websession
and I can see the correct token value without any issues. Looking at the websession variable I do have some data, but I don't get any cookie values at all. Thus if I submit a second request using the session variable:
Invoke-RestMethod -Method Post -Uri ($Uri+'post') -Headers $Header -Body $Body -Credential $creds -WebSession $websession
it fails due to the missing cookie values. If I do a normal request via Firefox I see cookies with a jsessionid, etc but I don't know how to get these values somewhere where I can use them (please excuse me ignorance here- I'm relatively new to the invoke-restmethod in PS)
I've sussed it out (at last- very painful) - I had to build my own cookie:
$CSRF = Invoke-RestMethod -Uri ($Uri+'csrf-token') -Method Get -Credential $Creds -ContentType 'application/json' -SessionVariable websession -MaximumRedirection 0
$CSRFToken = $CSRF.tokenValue
# Capture cookie
$cookiejar = New-Object System.Net.CookieContainer
$cookieUrl = $uri +'csrf-token'
$cookieheader = ""
$webrequest = [System.Net.HTTPWebRequest]::Create($cookieUrl);
$webrequest.Credentials = $creds
$webrequest.CookieContainer = $cookiejar
$response = $webrequest.GetResponse()
$cookies = $cookiejar.GetCookies($cookieUrl)
# add cookie to websession
foreach ($cookie in $cookies) {$websession.Cookies.Add((Create-Cookie -name $($cookie.name) -value $($cookie.value) -domain $apiserverhost))}
# Finally, I can post:
Invoke-RestMethod -Method Post -Uri ($Uri+'versions/createVersionRequests') -Headers $Header -Body $Body -Credential $creds -WebSession $websession
Hope that helps someone else (I've spent hours pulling my hair out over this!)
Related
Trying to connect to a REST-API via Powershell client. When testing the endpoint in Postman, I have no problems at all. Here's the main part of the function (I have a [pscredential]$Creds parameter that I use to get the username and password):
[string]$username = $Creds.UserName
[string]$password = (New-Object System.Net.NetworkCredential($Creds.UserName, $Creds.Password, 'Null')).Password
[string]$authorizationInfo= ([Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(('{0}:{1}' -f $username, $password))))
Invoke-WebRequest -Uri "https://$($HostName)/api/" -Method Get -Headers #{Authorization = ('Basic {0}' -f $authorizationInfo)}
For some reason the Authorization header is different in my script than in Postman. I can even copy the Authorization header out of Postman and paste it into the -Headers parameter and everything works fine. I just don't see where I'm getting this wrong.
I can't tell you why that's not working, but I can suggest something that works for me all the time with APIs:
$auth = $username + ':' + $upassword
$Encoded = [System.Text.Encoding]::UTF8.GetBytes($auth)
$authorizationInfo = [System.Convert]::ToBase64String($Encoded)
$headers = #{"Authorization"="Basic $($authorizationInfo)"}
Invoke-WebRequest -Uri "https://$($HostName)/api/" -Method GET -Headers $headers
If that doesn't work, try this subtle difference with Invoke-Restmethod:
Invoke-RestMethod -Uri "https://$($HostName)/api/" -Method GET -Headers $headers
Working with APIs is always an adventure. Keep trying. :)
https://www.ibm.com/support/knowledgecenter/en/SS4GSP_6.2.7/com.ibm.udeploy.api.doc/topics/udclient_addversionstatus.html
How to make this PUT call using Powershell please?. I am using Powershell 5.
I came across this post while trying to do the same thing. The problem for me was in knowing what exactly the correct URL was (see Adam Parsons' answer):
$URL = "url-goes-here"
After a lot of searching (IBM's documentation was not worth much in this effort), I was able to identify the correct URL by way of watching traffic in Chrome developer tools (thanks to Darrell Schrag's blog post: https://drschrag.wordpress.com/2013/10/03/the-udeploy-rest-api).
For those searching for this, my PowerShell REST call sequence now looks like this (and executes successfully):
$tokenEncoded = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes( "PasswordIsAuthToken:{"token":"$authToken"}" ))
$headers = #{Authorization = "Basic "+$tokenEncoded}
# 1. Get component version ID
$uri = "$uDeployServer:8443/cli/version/getVersionId`?component=$componentName&version=$versionName"
$versionId=Invoke-RestMethod -Uri $uri -Method GET -Headers $headers
# 2. Add component version status
$uri = "$uDeployServer:8443/rest/deploy/version/$versionId/status/$versionStatus"
Invoke-RestMethod -Uri $uri -Method PUT -Headers $headers
Probably something like this...
$Hash = #{
Component="StringValue"
Version="StringValue"
Status="StringValue"
}
$Json = $Hash | ConvertTo-Json
$URL = "url-goes-here"
$Cred = Get-Credential
Invoke-RestMethod -Method "POST" -Uri $url -Credential $Cred -Body $Json
I have a very basic requirement to call a RESTful API. I am currently on a Windows 2012 R2 server using version 4 of PowerShell.
Here is my code:
$logon = #{
username = 'blah'
password='blah'
}
$body = $logon | ConvertTo-Json
$URI = 'https://URL/Logon'
Invoke-WebRequest -URI $URI -Method POST -Body $body -ContentType 'application/json' -Verbose
I get the following result:
{"LogonResult":"blahblahblah"}
How do I extract just the logon token to reuse as a variable? I've already put a variable at the beginning of the command:
$token = (Invoke-WebRequest -URI $URI -Method POST -Body $body -ContentType 'application/json' -Verbose).content
This returns the entire result, not just the token. How do I get just the token as a result?
You can get the value of the returned LogonResult property as follows:
$token = ((Invoke-WebRequest -URI $URI -Method POST -Body $body -ContentType 'application/json' -Verbose).content | ConvertFrom-JSON).LogonResult
Or you simplify this by using Invoke-RestMethod as this returns just the content and converts it to a PSObject automatically:
$token = (Invoke-RestMethod -URI $URI -Method POST -Body $body -ContentType 'application/json' -Verbose).LogonResult
I am trying to replicate a POST call that can be send from GUI using Invoke-RestMethod. I would like to automate it and have been trying to use powershell to do it.
It alwasy returns 202 code, have been trying it for a few hours now but can't progress. This is really the first time I am playing with invoke-restmedod and Rest so please be detailed what's wrong. Any help is highly appreciated.
So the successful call captured by Fiddler is this:
The powershell code is:
$WfManDirUserPass = "Password"
$secpasswd = ConvertTo-SecureString $WfManDirUserPass -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("admin", $secpasswd)
$active = #{
ipaddress="192.168.100.116"
Port="62805"
status="0"
}
$json = $active | ConvertTo-Json
try{
$response = invoke-restmethod -uri https://myhost/MAM/wfservice/workers/?ip="&"port="&"newStatus=Deactivating -Method POST -Body $json -Credential $cred -ContentType 'application/json'
} catch {
write-host("Sorry, it does not work")
}
This powershell code in Fiddler returns:
I can see that the JSON is not exactly the same on the attached images. However I stuck now and would really appreciate some help now.
This is a reply from 1RedOne (Reddit) user that helped me out:
For one, let's wrap your whole -URI in single quotes and remove the double quotes. Your URL is probably messed up, which isn't helping things.
$uri = 'https://myhost/MAM/wfservice/workers/?ip=&port=&newStatus=Deactivating'
$response = invoke-restmethod -uri $uri-Method POST -Body $json -Credential $cred -ContentType 'application/json'
2.
Furthermore, your call from fiddler uses basic authentication, and is probably incompatible with using a -Credential object. Try replacing your credentials with this format.
$user = "yourusername"
$pass = 'yourPassWord'
# Build auth header
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $user, $pass)))
# Set proper headers
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add('Authorization',('Basic {0}' -f $base64AuthInfo))
Then, reference the $header object within your Invoke-RestMethod, like so.
$response = invoke-restmethod -uri $uri- Method POST `
-Body $json -Header $headers -ContentType 'application/json'
That's it. It worked like a charm!
I can't get the following code to work. It appears to log in but then returns the login page with $response. I am guessing it has something to do with the postbacks? Any way to get around that? Thanks!
$login = Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx' -SessionVariable sqlpass
$login.Forms[0].Fields["txtUsername_14615"] = 'myuser'
$login.Forms[0].Fields["txtPassword_14615"] = 'mypass'
$response = Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx' -WebSession $sqlpass -Method POST -Body $login
There is an event target field that also needs to be set, also the POST needs a different URL, i tested the solution below and it works:
$login = Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx' -SessionVariable sqlpass
$form = $login.Forms[0]
$form.Fields["__EVENTTARGET"] = "UserLogin"
$form.Fields["txtUsername_14615"] = 'myuser'
$form.Fields["txtPassword_14615"] = 'mypass'
Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx?returnurl=%2fdefault.aspx' -WebSession $sqlpass -Method POST -Body $form.Fields
Note: Just as a side note, you can use Web Debugging proxies like Fiddler to debug issues like this, which is exactly what i did.