Logging on Json

Welcome Forums General PowerShell Q&A Logging on Json

Viewing 3 reply threads
  • Author
    Posts
    • #182010
      Participant
      Topics: 40
      Replies: 166
      Points: 560
      Helping Hand
      Rank: Major Contributor

      I've trying to logon to a Gemini website using PowerShell but so far I've not been able to figure out how to use the commands in the documentation .

      https://docs.countersoft.com/api-authentication-methods/

      I've tried changing this...

      
      
      var geminiUrl = "http://localhost/gemini/api/type/55";
      var geminiUsername = Base64("user:"+ Base64(md5("password"))); // user:password
      
      $.ajax({
          url: geminiUrl,
          type: "GET",
          headers: { "Authorization": "Basic " + geminiUsername },
          success: function (data) {
            alert('Success!');
          }
      });

      To this, see below, but not getting anywhere.

      $Url = "https://ops.ourweb.com/api/type/55"
      $user = "joebloggs"
      $pass = "Passw0rd1"
      $secpasswd = ConvertTo-SecureString $pass -AsPlainText -Force
      $cred = New-Object System.Management.Automation.PSCredential ($user, $secpasswd)
      Invoke-RestMethod -Uri $Url -Method "Get" -Credential $cred -ContentType "application/json"
      
      

       

       

       

       

       

    • #182079
      Participant
      Topics: 6
      Replies: 658
      Points: 47
      Rank: Member

      Your PowerShell does not match the JavaScript functionality.

      ConvertTo-SecureString is not the same thing as Base64("user:"+ Base64(md5("password")));

      And -Credential on the invoke-RestMethod is using windows authentication, which is not what the API is expected.  It is expecting the Base64 encoded username and MD5 password hash to be passed in the Authorization header value.  You would need to mimic this in PowerShell

      You could use the Get-StringHash function to generate the MD5 hash (https://gallery.technet.microsoft.com/scriptcenter/Get-StringHash-aa843f71)

      IE something like this to build the authentication string:

      #Get-StringHash function from https://gallery.technet.microsoft.com/scriptcenter/Get-StringHash-aa843f71#
      Function Get-StringHash([String] $String,$HashName = "MD5")
      {
      $StringBuilder = New-Object System.Text.StringBuilder
      [System.Security.Cryptography.HashAlgorithm]::Create($HashName).ComputeHash([System.Text.Encoding]::UTF8.GetBytes($String))|
      ForEach-Object {
      [Void]$StringBuilder.Append($_.ToString("x2"))
      }
      $StringBuilder.ToString()
      }
      
      $encodedpass = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((Get-StringHash -String "[password goes here]")))
      $geminiUsername = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$encodedpass"))
      

      Then when you do your Invoke-RestMethod call, you need to pass it as a header value using -header, not a credential using -credential

    • #182241
      Participant
      Topics: 40
      Replies: 166
      Points: 560
      Helping Hand
      Rank: Major Contributor

      Thanks Curtis.

      I gave that a try but got an error:

      Cannot bind parameter 'Headers'. Cannot convert the
      "ZWJzaVxpYmFybmV0c29uOk56WXdabVZrWlRWbE1HRTVZelUxTmpoa01tRTNaakJtTWpNNU5HUXdaakU9" value of type "System.String" to type "System.Collections.IDictionary"
      
      

      This is what I ran

      
      Function Get-StringHash([String] $String,$HashName = "MD5")
      
      {
      $StringBuilder = New-Object System.Text.StringBuilder
      
      [System.Security.Cryptography.HashAlgorithm]::Create($HashName).ComputeHash([System.Text.Encoding]::UTF8.GetBytes($String))|
      
      ForEach-Object {
      
      [Void]$StringBuilder.Append($_.ToString("x2"))
      
      }
      
      $StringBuilder.ToString()
      }
      
      $encodedpass = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((Get-StringHash -String "Password!")))
      $geminiUsername = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("mydomain\myusername:$encodedpass"))
      
      $Url = "https://ops.domain.com/api/type/55"
      
      Invoke-RestMethod -Uri $Url -Method Post -Header $geminiUsername -ContentType "application/json"
      
      

      I also tried without the "mydomain\myusername", same error returned.

       

    • #182412
      Participant
      Topics: 6
      Replies: 658
      Points: 47
      Rank: Member

      You are not using -header correctly

      the value of header is expected to be a dictionary, not a string

Viewing 3 reply threads
  • You must be logged in to reply to this topic.