powershell http post REST API basic authentication

22
votes

I have basic authentatication working with REST API using curl:

curl -X POST  -H 'Accept: application/json' -u user:password http://localhost/test/

But, when I try to do the same with powershell webRequest, I get 403(permission denied). This script works fine when I disable authentication check in REST code.

What is the best way in powershell to pass credentials on POST request similar to curl or what can I do to fix following script.

Would really appreciate some guidance on this. Thanks.

Here is my powershell script:

function Execute-HTTPPostCommand() {
    param(
        [string] $target = $null
    )

    $username = "user"
    $password = "pass"

    $webRequest = [System.Net.WebRequest]::Create($target)
    $webRequest.ContentType = "text/html"
    $PostStr = [System.Text.Encoding]::UTF8.GetBytes($Post)
    $webrequest.ContentLength = $PostStr.Length
    $webRequest.ServicePoint.Expect100Continue = $false
    $webRequest.Credentials = New-Object System.Net.NetworkCredential -ArgumentList $username, $password 

    $webRequest.PreAuthenticate = $true
    $webRequest.Method = "POST"

    $requestStream = $webRequest.GetRequestStream()
    $requestStream.Write($PostStr, 0,$PostStr.length)
    v$requestStream.Close()

    [System.Net.WebResponse] $resp = $webRequest.GetResponse();
    $rs = $resp.GetResponseStream();
    [System.IO.StreamReader] $sr = New-Object System.IO.StreamReader -argumentList $rs;
    [string] $results = $sr.ReadToEnd();

    return $results;

}


$post = "volume=6001F930010310000195000200000000&arrayendpoint=2000001F930010A4&hostendpoint=100000051ED4469C&lun=2"

$URL = "http://example.com/test/"

Execute-HTTPPostCommand $URL
4
restpowershell

4 Answers

18
votes

Your code looks good, I would try adding HTTP_AUTHORIZATION header for $webrequest like this:

$webRequest.Headers.Add("AUTHORIZATION", "Basic YTph");

Where YTph would be the base64encoded string for username : password.

19
votes

I know this is an old thread, but for those who might stumble across this the invoke-restmethod is a much better, and simpler, vehicle for making API calls with PowerShell.

Build a parameter list as a hash table:

$params = @{uri = 'https:/api.trello.com/1/TheRestOfYourURIpath';
                   Method = 'Get'; #(or POST, or whatever)
                   Headers = @{Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes("$($acctname):$($password)"));
           } #end headers hash table
   } #end $params hash table

$var = invoke-restmethod @params

Your parameter hash table may differ slightly.

I actually haven't gotten this to work with Trello, but I have with GitHub, Serena Business Manager and Jira.

4
votes

Credentials property seems to be used for Windows authentication. Try using this function: Forcing Basic Authentication in WebRequest I would advise you in any case to use some web debugger, like Fiddler to see the difference between curl request and your request

0
votes

This is the code I use to download pages from Confluence as HTML files.

$pageid = "176398584" ;
$url = "http://wikiserver/wiki/pages/viewpage.action?pageId=$pageid" ;
write-host "Establish credentials" ;
$r = Invoke-WebRequest "http://wikiserver/wiki/pages/login.action" -SessionVariable my_session ;
# $r ;
$form = $r.Forms[1]; 
# $form ; 

# $c = $host.UI.PromptForCredential('Your Credentials', 'Enter Credentials', '', '') ;
# $form.fields['os_username'] = $c.UserName ;
# $form.fields['os_password'] = $c.GetNetworkCredential().Password ;
$form.fields['os_username'] = "mywikirobotlogonname" ;
$form.fields['os_password'] = "mywikirobotpassword"  ;
$form.fields['os_cookie']      = "true" ; 
$form.fields['os_destination'] = "%2Fpages%2Fviewpage.action%3FpageId%3D$pageid" ; 

$outputFile = "$pageid.html" ;
$content = Invoke-WebRequest -Uri ($url + $form.Action)  -WebSession $my_session -Method POST -Body $form.Fields ;
$content.ParsedHTML.getElementById("content").innerHTML | Add-Content $outputFile

The host UI Prompted can be used to ask the user to enter their logon information.

Uncomment a variable to display to the system output the contents of the form, the retrieved page, etc to troubleshoot- $r $form $content