Developer Community

Reply
New Contributor

Powershell example

Does anybody have an example of how to login to the APIGW from arubacentral?

I can Login to the api, but when i try to authorize, it always tells me that the CSRF-token is missing or incorrect.

My Code: (will be functionized if everything is working, but for testing, this is just quick and dirty)

$URL = $BaseURI+"/oauth2/authorize/central/api/login"
$LoginBody = '{"username":"'+$User_Name+'","password":"'+$Pass_Word+'","client_id":"'+$Client_ID+'"}'
$Request = Invoke-WebRequest -Uri $URL -Method Post -Body $LoginBody -ContentType application/json -SessionVariable Cookies
$Cookies = $Cookies.Cookies.GetCookies($URL)
$URL = $BaseURI+"/oauth2/authorize/central/api"
ForEach ($Cookie in $Cookies)
{
    if ($Cookie.Name = "csrftoken")
    {
        $CSRFToken=$cookie.value
    }
    if ($Cookie.Name = "session")
    {
        $Session=$cookie.value
    }
}
$Headers = @{"X-CSRF-Token"=$CSRFToken;"session"=$Session}
$AuthenBody = '{"customer_id":"'+$CustomerID+'","client_id":"'+$ClientID+'","CSRF-Token":"'+$CSRFToken+'","session":"'+$Session+'"}'
$Request = Invoke-WebRequest -Uri $URL -Method Post -Body $AuthenBody -ContentType application/json -Headers $Headers
MVP Expert

Re: Powershell example

Look good, do you have check if it is not sensible to the case ?

 

Do you have compare with another implementation ? (if it is available...)

 



PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)

PowerArubaIAP: Powershell Module to use Aruba Instant AP

PowerArubaMC: Powershell Module to use Mobility Controller / Master


ACMP 6.4 / ACMX #107 / ACCP 6.5 / ACSP
New Contributor

Re: Powershell example

It is not possible to compare with another implemenation because no other questions have been asked for the arubacentral apigw as far as i could search.

Re: Powershell example

Hi,

 

Did you check this ?

https://community.arubanetworks.com/t5/Cloud-Managed-Networks/Need-some-help-with-the-Central-API/td-p/403585

 

It is for Python, but you should be able to see how it works.

Highlighted
New Contributor

Re: Powershell example

After working with this issue for a few days, I finally have a working one.  Thanks to an Aruba contact, I was able to pass the CSRF-Token.  The main problem seemed to be that you have to add the retrieved cookies back to the current session.

# Aruba Central Information
$clientID = '[client_id]'
$clientSecret = '[client_secret]'
$username = '[username]'
$password = '[password]'

$BaseURL = '[Your Aruba URL]'
$APIURL = $baseURL + '/oauth2/authorize/central/api'
$LoginURL = $APIURL + '/login'
$contentType = 'application/json'

Write-Host "Requesting CSRF Token using $username ..." -ForegroundColor Yellow
$RequestURL = $LoginURL + "?client_id=$clientID"

$CSRFHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$CSRFHeaders.add('Content-Type',$contentType)

$CSRFBody = @{
    username = "$username"
    password = "$password"
} | ConvertTo-Json

$Response = Invoke-WebRequest -Method Post -Uri $RequestURL -Headers $CSRFHeaders -Body $CSRFBody  -SessionVariable CurrentSession

$Cookies = $CurrentSession.Cookies.GetCookies($RequestURL)
$CSRFToken = $Cookies[0].value
$SessionID = $Cookies[1].value
$CurrentSession.Cookies.Add($Cookies)

if($CSRFToken){
    Write-Host "CSRFToken Retrieved: $CSRFToken"
} else {
    Write-Host 'Did not receive a CSRFToken'
    exit
}

# Request Auth Token
Write-Host 'Requesting Authorization token...' -ForegroundColor Yellow
$responseType = 'code'
$scope = 'all'
$customerID = '[customer_id]'
$AuthURL = $APIURL + "?client_id=$clientID&response_type=$responseType&scope=$scope"
$AuthHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$AuthHeaders.add('X-CSRF-TOKEN',$CSRFToken)
$AuthHeaders.add('Cookie',$SessionID)
$AuthHeaders.add('Content-Type', $contentType)

$AuthBody = [ordered]@{
    customer_id = $customerID
} | ConvertTo-Json

try{
    $AuthResponse = Invoke-WebRequest -Method Post -Uri $AuthURL -Headers $AuthHeaders -Body $AuthBody -WebSession $CurrentSession -ErrorVariable RespErr
} catch {
    $_.Exception.Message
    $_.Exception.Response
    $RespErr
    exit
}

$auth_code = ($AuthResponse.Content | ConvertFrom-Json).auth_code

# Get access and refresh tokens from auth code
Write-Host 'Requesting access token...' -ForegroundColor Yellow
$grantType = 'authorization_code'
$TokenURL = $BaseURL + '/oauth2/token'
$TokenURL += "?client_id=$clientID&grant_type=$grantType&client_secret=$clientSecret&code=$auth_code"
$TokenResponse = Invoke-WebRequest -Method Post -Uri $TokenURL
$accessToken = ($TokenResponse.Content | ConvertFrom-Json).access_token
$accessToken 

 

New Contributor

Re: Powershell example

chhill i have tried your example powershell, but i always get an error 400 invalid request, no matter what i do to change the code....

I currently have this that is working up until the last try/catch block .

# Aruba Central Information
$clientID = '[clientID]'
$clientSecret = '[clientSecret]'
$username = '[username]'
$password = '[password]'
$BaseURL = '[BaseURL]'
$customerID = '[CustomerID]'

$APIURL = $baseURL + '/oauth2/authorize/central/api'
$LoginURL = $APIURL + '/login'
$contentType = 'application/json'

Write-Host "Requesting CSRF Token using $username ..." -ForegroundColor Yellow
$RequestURL = $LoginURL + "?client_id=$clientID"

$CSRFHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$CSRFHeaders.add('Content-Type',$contentType)

$CSRFBody = @{
    username = "$username"
    password = "$password"
} | ConvertTo-Json

$Response = Invoke-WebRequest -Method Post -Uri $RequestURL -Headers $CSRFHeaders -Body $CSRFBody  -SessionVariable CurrentSession

$Cookies = $CurrentSession.Cookies.GetCookies($RequestURL)
$CSRFToken = $Cookies[0].value
$SessionID = $Cookies[1].value
$CurrentSession.Cookies.Add($Cookies)

if(!$CSRFToken){
    Write-Host 'Did not receive a CSRFToken'
    exit
}

# Request Auth Token
Write-Host 'Requesting Authorization token...' -ForegroundColor Yellow
$responseType = 'code'
$scope = 'all'
$AuthURL = $APIURL + "?response_type=$responseType&scope=$scope"
$AuthHeaders = New-Object 'System.Collections.Generic.Dictionary[[String],[String]]'
$AuthHeaders.add('X-CSRF-TOKEN',$CSRFToken)
$AuthHeaders.add('Cookie',$SessionID)
$AuthHeaders.add('Content-Type', $contentType)

$AuthBody = [ordered]@{
    customer_id = $customerID;
    client_id = $clientID
} | ConvertTo-Json

try{
    $AuthResponse = Invoke-WebRequest -Method Post -Uri $AuthURL -Headers $AuthHeaders -Body $AuthBody -WebSession $CurrentSession -ErrorVariable RespErr
} catch {
    $_.Exception.Message
    $_.Exception.Response
    $RespErr
    exit
}

$auth_code = ($AuthResponse.Content | ConvertFrom-Json).auth_code

# Get access and refresh tokens from auth code
Write-Host 'Requesting access token...' -ForegroundColor Yellow
$grantType = 'authorization_code'
$TokenURL = $BaseURL + '/oauth2/token' #+ "?grant_type=$grantType&code=$auth_code&client_id=$clientID&client_secret=$clientSecret"
$AuthBody = [ordered]@{
    grant_type = $grantType;
    code = $auth_code;
    client_id = $clientID;
    client_secret = $clientSecret
} | ConvertTo-Json
try{
    $TokenResponse = Invoke-WebRequest -Method Post -Uri $TokenURL -Headers $AuthHeaders -Body $AuthBody -WebSession $CurrentSession -ErrorVariable RespErr
} catch {
    $_.Exception.Message
    $_.Exception.Response
    $RespErr
    $RespErr.Count
    exit
}
$accessToken = ($TokenResponse.Content | ConvertFrom-Json).access_token
$accessToken 

anybody got a clue what is going wrong????

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: