3

I do not know much about APIs, but nothing I have seen seems to get me what I need.

This works in the cmd line:

curl -X POST --user user:password --data-raw "Request=GET%2C%2892837F755%29%2C%28" http://url.com

I cannot seem to convert this to anything working in PowerShell. I have tried this, and this, and this, and nothing seems to work.

Anyone got any suggestions?

Thanks to a comment, I tried this:

Invoke-WebRequest -Method Post -UseBasicParsing -Uri "http://example.com/foo?some=param&Request=GET%%2C%%2892837F‌​755%%29%%2C%%28" -Headers @{Authorization=[Convert]::ToBase64String([Text.Encoding]::A‌​SCII.GetBytes('usern‌​ame:password'))}

But it returned this:

Invoke-WebRequest :
401 Authorization Required
Authorization Required
This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.
Apache/2.2.3 (Red Hat) Server at rplus.intdata.com Port 80
At line:1 char:1
+ Invoke-WebRequest -Method Post -UseBasicParsing -Uri ""http://example ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

EDIT2:

I figured out how to see the outgoing request from curl, and it looks like this:

C:\windows\system32>curl -X POST --user user:password --data-raw "Request=GET%2C%2892837F755%29%2C%28" http://url.com

*   Trying 100.100.100.100...
* TCP_NODELAY set
* Connected to url.com (100.100.100.100) port 80 (#0)
* Server auth using Basic with user 'user'
> POST /url HTTP/1.1
> Host: url.com
> Authorization: Basic *****
> User-Agent: curl/7.52.1
> Accept: */*
> Content-Length: 87
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 87 out of 87 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 200 Script results follow
< Content-type: text/plain
<
"theResponseIExpected"
* Curl_http_done: called premature == 0
* Closing connection 0

(I changed a bunch of the actual strings in the text above...).

SO, it looks like there's this basic authentication in the header, followed by some 20-digit alphanumeric thing (***** in the text above). What is that? How does curl generate that? If it is some sort of encryption or translation, it looks as if it is only changing the password, and not the user. Not sure if that is the same as what this does - ToBase64String([Text.Encoding]::ASCII.GetBytes('user:password'))

Edit 3:

This seems to work, and seems to get a response, but PowerShell doesnt seem to like it:

$user = "user"
$pass = "password"
$pair = "${user}:${pass}"

$bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
$base64 = [System.Convert]::ToBase64String($bytes)

$basicAuthValue = "Basic $base64"

$headers = @{ Authorization = $basicAuthValue }
Invoke-WebRequest -Uri "url.com?Request=..." -Headers $headers

I am now getting the following:

Invoke-WebRequest : The server committed a protocol violation. Section=ResponseStatusLine
At line:13 char:1

I have found a few posts related to this, but they all want me to change a config file. I have tried that, but it does not seem to work. It seems the response is in HTTP1.0, and InvokeWebRequest wants 1.1. Is there a way within this script to let it allow 1.0 responses??

lukehawk
  • 1,423
  • 3
  • 22
  • 48
  • 2
    Try `Invoke-WebRequest -Method Post -UseBasicParsing -Uri "http://example.com/foo?some=param&Request=GET%%2C%%2892837F755%%29%%2C%%28" -Headers @{Authorization=[Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes('username:password'))}`. If it doesn't work please be more specific about how *exactly* it doesn't work. – Ansgar Wiechers Jul 27 '17 at 00:13
  • Thanks! I tried this, and it seemed to get farther than other attempts. BUT, it is telling me I have bad credentials (see edits...) – lukehawk Jul 27 '17 at 11:29
  • You did change `'username:password'` to your actual credentials, didn't you? – Ansgar Wiechers Jul 27 '17 at 11:35
  • Ha. Yes - and I changed the URL to the correct one. Trying to keep the actual strings on the DL. – lukehawk Jul 27 '17 at 11:42
  • 1
    Are you behind a company proxy? – kdh Jul 27 '17 at 11:43
  • I am not sure - how would I see that? But - if that were the case, the curl script would not work, corrrect? – lukehawk Jul 27 '17 at 11:54
  • Curl may default to using the machinewide proxy setup where invoke-webrequest doesn't. Try a simple Invoke-WebRequest "www.google.com", if that breaks as well you are probably looking at a proxy issue and should try Invoke-Webrequest "http://www.google.com" -ProxyUseDefaultCredentials -Proxy "http://yourproxy:yourproxyport" Also, use invoke-RestMethod instead if you are expecting xml or json to return :) – kdh Jul 27 '17 at 11:57
  • Thanks! I did the google web request and it worked fine. StatusCode 200 I added a bunch more information to the original post, too. – lukehawk Jul 27 '17 at 12:02
  • 1
    Try replcing to this in the invoke-webrequest maybe @{Authorization="Basic " + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes('username:password'))} based on this https://stackoverflow.com/questions/27951561/use-invoke-webrequest-with-a-username-and-password-for-basic-authentication-on-t – kdh Jul 27 '17 at 12:21
  • This seems to work! ... but I have a new problem. See edits above... – lukehawk Jul 27 '17 at 14:05

0 Answers0