accept a cookie while using Invoke-WebRequest

This topic contains 9 replies, has 2 voices, and was last updated by Profile photo of Dave Wyatt Dave Wyatt 3 years, 9 months ago.

  • Author
    Posts
  • #10259
    Profile photo of Vern Anderson
    Vern Anderson
    Participant

    Hello,

    I'm trying to write a PowerShell script that will maintain a session with a secure web page using Invoke-WebRequest. I'm running into a problem. The 2012 server I will have to run the script from sends a pup-up to the powershell host screen. This script will normally run with no logged on user when it goes into production.

    I need to either A: Change the Windows settings that's causing the cookie popup or B: have a way to handle it from within the script.

    Is the -Force parameter going to force it to accept the cookie. Or is there any paramter that is used to handle this? I have no idea what Windows setting is causing that pop-up.

    -VERN

  • #10268
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    Well, you can accept session cookies and use them in future calls to Invoke-WebRequest via the -SessionVariable and -WebSession parameters, but I'm not sure that's what you need. I haven't seen a pop-up box related to cookies when using Invoke-WebRequest before.

    # Set up a session variable on the first call to Invoke-WebRequest
    
    Invoke-WebRequest @otherParams -SessionVariable myWebSession
    
    # Use the session in future calls
    
    Invoke-WebRequest @otherParams -WebSession $myWebSession
    
  • #10270
    Profile photo of Vern Anderson
    Vern Anderson
    Participant

    Thank you Dave!

    Do you know of a way to have it accept a self signed certificate of the site from within PowerShell?
    The page also uses a session cookie and I keep getting this error. . .

    RawContent : HTTP/1.1 200 OK
    Content-Length: 2613
    Cache-Control: no-store,no-cache,must-revalidate
    Content-Type: text/html; charset=UTF-8
    Date: Thu, 19 Sep 2013 21:16:52 GMT
    Expires: -1
    Last-Modified: Thu, 1...

    -VERN

    $corelogin = Invoke-WebRequest -URI https://staging.core.mydomain.com/py/core_login_page.pt -SessionVariable coresession
    $forms = $corelogin.Forms[0]
    $form.Fields["core_userid"]="userid"
    $form.Fields["core_password"]="P@ssw0rd"
    $corelogin = Invoke-RestMethod -Uri ("https://staging.core.mydomain.com/py/core/#/account/930791/ccontacts" + $form.Action) -WebSession $coresession -Method POST -Body $form.Fields

  • #10271
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    Sorry, that's not something I've tried to do before. There are a couple of workarounds over at http://connect.microsoft.com/PowerShell/feedback/details/419466/new-webserviceproxy-needs-force-parameter-to-ignore-ssl-errors which look like they might help.

  • #10386
    Profile photo of Vern Anderson
    Vern Anderson
    Participant

    OK so I still need help with this. I have a web page that basically looks like this. . .

    [form box for user ID ]
    [form box for password]
    [button "login"]

    I want to use the post method to put the user id and password in the 2 form boxes and I need to figure out how to tell PowerShell to click the button to submit the login credentials. If I capture the HtmlWebResponseObject objects returned from a web request...

    Inputfields
    innerHTML :
    innerText :
    outerHTML :
    outerText :
    tagName : INPUT
    style : WIDTH: 150px
    name : core_userid

    innerHTML :
    innerText :
    outerHTML :
    outerText :
    tagName : INPUT
    style : WIDTH: 150px
    value :
    type : password
    name : core_password

    innerHTML :
    innerText :
    outerHTML :
    outerText :
    tagName : INPUT
    value : fXEBKFUMY3VycmVudF9wYWdlcQJVDS9weS9zcGxhc2gucHRxA1UIcG9zdHZhcnNxBH1xBShVC2Nv cmVfdXNlcmlkcQZjY29weV9yZWcKX3JlY29uc3RydWN0b3IKcQcoY3BzZS5mb3JtClBTRXN0cgpx CGNfX2J1aWx0aW5fXwpzdHIKcQlVD
    XZlcm4uYW5kZXJzb250UnEKVQR0eXBlcQtoByhoCGgJVQZz dWJtaXR0UnEMVQ1jb3JlX3Bhc3N3b3JkcQ1oByhoCGgJVQZxd2VydHl0UnEOdXUu
    type : hidden
    name : core_post_vars

    innerHTML :
    innerText :
    outerHTML :
    outerText :
    tagName : INPUT
    style : PADDING-LEFT: 2ex; PADDING-RIGHT: 2ex
    class : form_button
    value : LOGIN
    type : submit

    Forms
    Id : login
    Method : post
    Action : /py/core_login_handler.pt
    Fields : {[core_userid, ], [core_password, ], [core_post_vars, fXEBKFUMY3VycmVudF9wYWdlcQJVDS9weS9zcGxhc2gucHRxA1UIcG9zdHZhcnNxBH1xBShVC2Nv
    cmVfdXNlcmlkcQZjY29weV9yZWcKX3JlY29uc3RydWN0b3IKcQcoY3BzZS5mb3JtClBTRXN0cgpx
    CGNfX2J1aWx0aW5fXwpzdHIKcQlVDXZlcm4uYW5kZXJzb250UnEKVQR0eXBlcQtoByhoCGgJVQZz
    dWJtaXR0UnEMVQ1jb3JlX3Bhc3N3b3JkcQ1oByhoCGgJVQZxd2VydHl0UnEOdXUu]}

    What is the best way to login to such a page and store the session cookie for use with future Invoke-WebRequest gets and queries?

    -VERN

  • #10387
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    There's example code for just such a scenario in the Invoke-WebRequest help file:

    # Sends a sign-in request by running the Invoke-WebRequest cmdlet. The command specifies a value of "fb" for the SessionVariable parameter, and saves the results in the $r variable.
    
    $r=Invoke-WebRequest http://www.facebook.com/login.php -SessionVariable fb
    
    # Use the session variable that you created in Example 1. Output displays values for Headers, Cookies, Credentials, etc. 
    
    $fb
    
    # Gets the first form in the Forms property of the HTTP response object in the $r variable, and saves it in the $form variable. 
    
    $form = $r.Forms[0]
    
    # Pipes the form properties that are stored in the $forms variable into the Format-List cmdlet, to display those properties in a list. 
    
    $form | Format-List
    
    # Displays the keys and values in the hash table (dictionary) object in the Fields property of the form.
    
    $form.fields
    
    # The next two commands populate the values of the "email" and "pass" keys of the hash table in the Fields property of the form. Of course, you can replace the email and password with values that you want to use. 
    
    $form.Fields["email"] = "User01@Fabrikam.com"
    $form.Fields["pass"] = "P@ssw0rd"
    
    # The final command uses the Invoke-WebRequest cmdlet to sign in to the Facebook web service. 
    
    $r=Invoke-WebRequest -Uri ("https://www.facebook.com" + $form.Action) -WebSession $fb -Method POST -Body $form.Fields
    

    You'll need to modify it slightly to match your webpage, but it should hopefully get the job done.

  • #10395
    Profile photo of Vern Anderson
    Vern Anderson
    Participant

    Yep I tried using that example exactly and changed the URI value to mydomain but the login fields are different from facebook. I had already tried that I was hoping some one with experience getting it working could look at the output I posted and help me discover how to use it to login to my app.

    Don Jones for example wrote this. . .
    http://gallery.technet.microsoft.com/scriptcenter/PowerShellorg-People-8ba6701f

    His is example is on a PHP page this page is heavy on JAVA and JSON. I know PowerShell can handle JSON but I am having trouble ramping up on making this work.

    -VERN

  • #10396
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    It's hard to give you exact code without being able to connect to the website myself. If it's just the field names that are giving you trouble, try changing these lines in the example:

    $form.Fields["email"] = "User01@Fabrikam.com"
    $form.Fields["pass"] = "P@ssw0rd"
    
    # Try changing them to this:
    
    $form.Fields["core_userid"] = "User01@Fabrikam.com"
    $form.Fields["core_password"] = "P@ssw0rd"
    
    
    
  • #10397
    Profile photo of Vern Anderson
    Vern Anderson
    Participant

    Yep that is exactly what I did. But I need a way to tell PowerShell to then submit the login button input.

  • #10398
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    The second call to Invoke-WebRequest is what posts the form (the same thing that a web browser would do when you clicked the Submit button):

    $r=Invoke-WebRequest -Uri ("https://www.facebook.com" + $form.Action) -WebSession $fb -Method POST -Body $form.Fields
    

You must be logged in to reply to this topic.