Developer

last person joined: yesterday 

Back to discussions
Expand all | Collapse all

Powershell example

This thread has been viewed 15 times

  • 1.  Powershell example

    Posted Jan 28, 2019 07:35 AM

    Does anybody have an example of how to login to the APIGW from arubacentral?

    I can Login to the api, but when i try to authorize, it always tells me that the CSRF-token is missing or incorrect.

    My Code: (will be functionized if everything is working, but for testing, this is just quick and dirty)

    $URL = $BaseURI+"/oauth2/authorize/central/api/login"
$LoginBody = '{"username":"'+$User_Name+'","password":"'+$Pass_Word+'","client_id":"'+$Client_ID+'"}'
$Request = Invoke-WebRequest -Uri $URL -Method Post -Body $LoginBody -ContentType application/json -SessionVariable Cookies
$Cookies = $Cookies.Cookies.GetCookies($URL)
$URL = $BaseURI+"/oauth2/authorize/central/api"
ForEach ($Cookie in $Cookies)
{
    if ($Cookie.Name = "csrftoken")
    {
        $CSRFToken=$cookie.value
    }
    if ($Cookie.Name = "session")
    {
        $Session=$cookie.value
    }
}
$Headers = @{"X-CSRF-Token"=$CSRFToken;"session"=$Session}
$AuthenBody = '{"customer_id":"'+$CustomerID+'","client_id":"'+$ClientID+'","CSRF-Token":"'+$CSRFToken+'","session":"'+$Session+'"}'
$Request = Invoke-WebRequest -Uri $URL -Method Post -Body $AuthenBody -ContentType application/json -Headers $Headers


  • 2.  RE: Powershell example

    MVP GURU
    Posted Jan 28, 2019 07:52 AM

    Look good, do you have check if it is not sensible to the case ?

     

    Do you have compare with another implementation ? (if it is available...)

     



  • 3.  RE: Powershell example

    Posted Jan 28, 2019 08:30 AM

    It is not possible to compare with another implemenation because no other questions have been asked for the arubacentral apigw as far as i could search.



  • 4.  RE: Powershell example

    EMPLOYEE
    Posted Jan 29, 2019 03:33 AM

    Hi,

     

    Did you check this ?

    https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Need-some-help-with-the-Central-API/td-p/403585

     

    It is for Python, but you should be able to see how it works.



  • 5.  RE: Powershell example

    Posted Mar 04, 2019 10:05 AM

    After working with this issue for a few days, I finally have a working one.  Thanks to an Aruba contact, I was able to pass the CSRF-Token.  The main problem seemed to be that you have to add the retrieved cookies back to the current session.

    # Aruba Central Information
$clientID = '[client_id]'
$clientSecret = '[client_secret]'
$username = '[username]'
$password = '[password]'

$BaseURL = '[Your Aruba URL]'
$APIURL = $baseURL + '/oauth2/authorize/central/api'
$LoginURL = $APIURL + '/login'
$contentType = 'application/json'

Write-Host "Requesting CSRF Token using $username ..." -ForegroundColor Yellow
$RequestURL = $LoginURL + "?client_id=$clientID"

$CSRFHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$CSRFHeaders.add('Content-Type',$contentType)

$CSRFBody = @{
    username = "$username"
    password = "$password"
} | ConvertTo-Json

$Response = Invoke-WebRequest -Method Post -Uri $RequestURL -Headers $CSRFHeaders -Body $CSRFBody  -SessionVariable CurrentSession

$Cookies = $CurrentSession.Cookies.GetCookies($RequestURL)
$CSRFToken = $Cookies[0].value
$SessionID = $Cookies[1].value
$CurrentSession.Cookies.Add($Cookies)

if($CSRFToken){
    Write-Host "CSRFToken Retrieved: $CSRFToken"
} else {
    Write-Host 'Did not receive a CSRFToken'
    exit
}

# Request Auth Token
Write-Host 'Requesting Authorization token...' -ForegroundColor Yellow
$responseType = 'code'
$scope = 'all'
$customerID = '[customer_id]'
$AuthURL = $APIURL + "?client_id=$clientID&response_type=$responseType&scope=$scope"
$AuthHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$AuthHeaders.add('X-CSRF-TOKEN',$CSRFToken)
$AuthHeaders.add('Cookie',$SessionID)
$AuthHeaders.add('Content-Type', $contentType)

$AuthBody = [ordered]@{
    customer_id = $customerID
} | ConvertTo-Json

try{
    $AuthResponse = Invoke-WebRequest -Method Post -Uri $AuthURL -Headers $AuthHeaders -Body $AuthBody -WebSession $CurrentSession -ErrorVariable RespErr
} catch {
    $_.Exception.Message
    $_.Exception.Response
    $RespErr
    exit
}

$auth_code = ($AuthResponse.Content | ConvertFrom-Json).auth_code

# Get access and refresh tokens from auth code
Write-Host 'Requesting access token...' -ForegroundColor Yellow
$grantType = 'authorization_code'
$TokenURL = $BaseURL + '/oauth2/token'
$TokenURL += "?client_id=$clientID&grant_type=$grantType&client_secret=$clientSecret&code=$auth_code"
$TokenResponse = Invoke-WebRequest -Method Post -Uri $TokenURL
$accessToken = ($TokenResponse.Content | ConvertFrom-Json).access_token
$accessToken 

     



  • 6.  RE: Powershell example

    Posted Apr 16, 2019 09:17 AM

    chhill i have tried your example powershell, but i always get an error 400 invalid request, no matter what i do to change the code....

    I currently have this that is working up until the last try/catch block .

    # Aruba Central Information
$clientID = '[clientID]'
$clientSecret = '[clientSecret]'
$username = '[username]'
$password = '[password]'
$BaseURL = '[BaseURL]'
$customerID = '[CustomerID]'

$APIURL = $baseURL + '/oauth2/authorize/central/api'
$LoginURL = $APIURL + '/login'
$contentType = 'application/json'

Write-Host "Requesting CSRF Token using $username ..." -ForegroundColor Yellow
$RequestURL = $LoginURL + "?client_id=$clientID"

$CSRFHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$CSRFHeaders.add('Content-Type',$contentType)

$CSRFBody = @{
    username = "$username"
    password = "$password"
} | ConvertTo-Json

$Response = Invoke-WebRequest -Method Post -Uri $RequestURL -Headers $CSRFHeaders -Body $CSRFBody  -SessionVariable CurrentSession

$Cookies = $CurrentSession.Cookies.GetCookies($RequestURL)
$CSRFToken = $Cookies[0].value
$SessionID = $Cookies[1].value
$CurrentSession.Cookies.Add($Cookies)

if(!$CSRFToken){
    Write-Host 'Did not receive a CSRFToken'
    exit
}

# Request Auth Token
Write-Host 'Requesting Authorization token...' -ForegroundColor Yellow
$responseType = 'code'
$scope = 'all'
$AuthURL = $APIURL + "?response_type=$responseType&scope=$scope"
$AuthHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$AuthHeaders.add('X-CSRF-TOKEN',$CSRFToken)
$AuthHeaders.add('Cookie',$SessionID)
$AuthHeaders.add('Content-Type', $contentType)

$AuthBody = [ordered]@{
    customer_id = $customerID;
    client_id = $clientID
} | ConvertTo-Json

try{
    $AuthResponse = Invoke-WebRequest -Method Post -Uri $AuthURL -Headers $AuthHeaders -Body $AuthBody -WebSession $CurrentSession -ErrorVariable RespErr
} catch {
    $_.Exception.Message
    $_.Exception.Response
    $RespErr
    exit
}

$auth_code = ($AuthResponse.Content | ConvertFrom-Json).auth_code

# Get access and refresh tokens from auth code
Write-Host 'Requesting access token...' -ForegroundColor Yellow
$grantType = 'authorization_code'
$TokenURL = $BaseURL + '/oauth2/token' #+ "?grant_type=$grantType&code=$auth_code&client_id=$clientID&client_secret=$clientSecret"
$AuthBody = [ordered]@{
    grant_type = $grantType;
    code = $auth_code;
    client_id = $clientID;
    client_secret = $clientSecret
} | ConvertTo-Json
try{
    $TokenResponse = Invoke-WebRequest -Method Post -Uri $TokenURL -Headers $AuthHeaders -Body $AuthBody -WebSession $CurrentSession -ErrorVariable RespErr
} catch {
    $_.Exception.Message
    $_.Exception.Response
    $RespErr
    $RespErr.Count
    exit
}
$accessToken = ($TokenResponse.Content | ConvertFrom-Json).access_token
$accessToken

    anybody got a clue what is going wrong????