Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <# LoginTo-Spiceworks.ps1
- .SYNOPSIS
- Logs into Spiceworks and returns a session object to be used in further page or api calls
- .PARAMETER $url
- The root of the Spiceworks url without any trailing slashes
- .PARAMETER $username
- User login that has permission to login to /login
- .PARAMETER $password
- User password to /login
- .OUTPUTS
- Microsoft.PowerShell.Commands.WebRequestSession object containing cookies for further page or api calls using Invoke-WebRequest or Invoke-RestMethod
- .LINK
- http://community.spiceworks.com/topic/295123-fun-spiceworks-community-project
- .LINK
- http://community.spiceworks.com/topic/144808-spiceworks-api-question
- .LINK
- http://social.technet.microsoft.com/Forums/windowsserver/en-US/21e834e4-65a9-43df-8177-c4060dd66dc1/having-trouble-trying-to-get-json-info-from-spiceworks-website
- .LINK
- http://community.spiceworks.com/scripts/show/311-spiceworks-ticket-rss-atom-feed
- .NOTES
- Requires PowerShell 3.0 and .NET Framework 4.0
- Script is commented on sections I found interesting.
- .EXAMPLE
- $session = .\LoginTo-Spiceworks.ps1 "https://my.spiceworks.server" "user_login" "user_password"
- $jsonData = ConvertTo-Json(Invoke-RestMethod ($url + "/api/tickets.json") -WebSession $session)
- #>
- [CmdletBinding()]
- Param(
- [Parameter()][string] $url,
- [Parameter()][string] $username,
- [Parameter()][string] $password
- )
- add-type @"
- using System.Net;
- using System.Security.Cryptography.X509Certificates;
- public class TrustAllCertsPolicy : ICertificatePolicy {
- public bool CheckValidationResult(
- ServicePoint srvPoint, X509Certificate certificate,
- WebRequest request, int certificateProblem) {
- return true;
- }
- }
- "@
- [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
- # Constants
- $userAgent = "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36"
- $headers = @{"Accept"="text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8";
- "Accept-Encoding"="gzip,deflate,sdch";
- "Accept-Language"="en-US,en;q=0.8";}
- # First call - used to get "spiceworks_session" cookie and "authenticity_token" form entry
- # UserAgent and Headers not necessary here, but included to match fiddler capture of browser
- $r = Invoke-WebRequest ($url + "/pro_users/login") -SessionVariable session -UserAgent $userAgent -Headers $headers
- # There are 3 "Set-Cookie" in the response - the 2nd one is blank - fine for browsers, but powershell takes the first one and ignores the 2nd and 3rd - so we fix:
- $session.Cookies.SetCookies($url,$r.Headers['Set-Cookie'] -split ',' -match '.' -join ',')
- # Fill out form fields:
- # 1.) Can't use $r.Forms[0].Fields[*] because it returns the "id" on form inputs, but "name" inputs are passed to POST
- # 2.) Can't use a dictionary object as it sends data in incorrect order in the POST
- # 3.) Plain string works - pickaxe and both btn inputs are not necessary but there to match fiddler capture of browser
- $formFieldsText = "authenticity_token=" + [System.Net.WebUtility]::UrlEncode($r.Forms[0].Fields["authenticity_token"]) + `
- "&_pickaxe=%E2%B8%95" + ` # Go figure, it's an actual pickaxe in unicode
- "&pro_user%5Bemail%5D=" + [System.Net.WebUtility]::UrlEncode($username) + `
- "&pro_user%5Bpassword%5D=" + [System.Net.WebUtility]::UrlEncode($password) + `
- "&btn=login&btn=login"
- # Redirection not necessary - cookies get messed up between posts unless you manually fix, so we don't follow redirections
- $session.MaximumRedirection = 0
- # Second call - post login data, authenticity_token, and spiceworks_session cookie - Ignore Error output as we'll go over the MaximumRedirection setting here
- # This call returns a different spiceworks_cookie and 2 other cookies needed for all future calls (portal_user_email and user_id)
- # Have not tested excluding these other cookies to see if other url's work without them, easier to just include them all)
- # UserAgent and Headers not necessary here, but included to match fiddler capture of browser
- $r = Invoke-WebRequest ($url + "/login") -WebSession $session -Method POST -Body $formFieldsText -UserAgent $userAgent -Headers $headers -ErrorAction SilentlyContinue
- # Fix blank set-cookie header again
- $session.Cookies.SetCookies($url,$r.Headers['Set-Cookie'] -split ',' -match '.' -join ',')
- # Return the session object for future calls
- $session
- #An example of returning JSON data using the web session cached above:
- $Data = Invoke-WebRequest -uri "$url/api/devices.json" -WebSession $session -ContentType "application/x-www-form-urlencoded" | ConvertFrom-Json
- $Data
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement