RestAPI authentication with PowerShell

Question

I am trying to access the API of OpenProvider using PowerShell and I can't seem to get past Authentication.

The documentation for the API is here : https://support.openprovider.eu/hc/en-us/articles/360025683173-Getting-started-with-Openprovider-API

And my code looks like this:

$EndPoint = "https://api.openprovider.eu/v1beta/auth/login"

function Get-ConfHeaders 
{
##Configure headers
$Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$Headers.Add("ip","0.0.0.0") 
$Headers.Add("username","myusername") 
$Headers.Add("hash","APIpasswordhashgoeshere") 

return $Headers

}

$header = Get-ConfHeaders

Invoke-RestMethod -Method Post -Uri $EndPoint -Headers $header 

The response get is :

Invoke-RestMethod : The remote server returned an error: (500) Internal Server Error.
At line:36 char:1
+ Invoke-RestMethod -Method Post -Uri $EndPoint -Headers $header
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

I am by no means an expert when it comes to API and any help would be appreciated.

Answer 1

Here is how I could get a valid failure from your uri:

function GetApiSession () {

    $username = "username"
    $userpass = "password"

    $auth = $username + ":" + $userpass
    $Encoded = [System.Text.Encoding]::UTF8.GetBytes($auth)
    $EncodedPassword = [System.Convert]::ToBase64String($Encoded)
    $Global:headers= @{"Authorization"="Basic $($EncodedPassword)"}

    try {
    add-type @"
        using System.Net;
        using System.Security.Cryptography.X509Certificates;
        public class TrustAllCertsPolicy : ICertificatePolicy {
            public bool CheckValidationResult(
                ServicePoint srvPoint, X509Certificate certificate,
                WebRequest request, int certificateProblem) {
                return true;
            }
        }
"@
    } catch {

    }

    [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
    $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
    [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
    
    $Invoke_RestMethod_param = @{
        Uri                  = "https://api.openprovider.eu/v1beta/auth/login"
        Method               = 'POST'
        ContentType          = 'application/json'
        Headers              = $headers
    }

    $Uri_Response = Invoke-RestMethod @Invoke_RestMethod_param


    return $Uri_Response
}

GetApiSession

APIs are not one-size-fits-all, but this the best way I have found to deal with them, or at least the best starting point. I've accumulated this from many solutions over time, and still I sometimes run into trouble.

When I run this, I can't get output because I obviously don't have real creds, but I do get a real response:

Invoke-RestMethod : The remote server returned an error: (500) Internal Server Error.

And I know it is because if I change the verb from POST to GET, I still get a legit response from the uri:

Invoke-RestMethod : {"desc":"Method is not implemented","code":81}

So this is the pattern I use when I start working with any new api.

Answer 2

Ok, I think the API documentation here leaves a lot to be desired.

You need to include the authentication in the body and it needs to be converted to JSON format. So the working code looks like this:-

$EndPoint = "https://api.openprovider.eu/v1beta/auth/login"

function Get-ConfHeaders
{
##Configure headers
$Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$Headers.Add("ip","0.0.0.0") 
$Headers.Add("username","username") 
$Headers.Add("password","passwordhere") 
return $Headers
}

$header = Get-ConfHeaders | ConvertTo-Json

Invoke-RestMethod -Method Post -Uri $EndPoint -body $header -ContentType 'application/json' 

Thanks for the help everyone.