茫茫網海中的冷日
         
茫茫網海中的冷日
發生過的事,不可能遺忘,只是想不起來而已!
 恭喜您是本站第 1670499 位訪客!  登入  | 註冊
主選單

Google 自訂搜尋

Goole 廣告

隨機相片
PIMG_00020.jpg

授權條款

使用者登入
使用者名稱:

密碼:


忘了密碼?

現在就註冊!

微軟帝國 : [轉貼]在 PowerShell 中使用 curl ( Invoke-WebRequest )

討論區主頁 - 主題一覽 > 微軟帝國 > [轉貼]在 PowerShell 中使用 curl ( Invoke-WebRequest )
討論串 | 最新的先
前一個主題 | 下一個主題 | 頁尾
主題一覽的上方
發表者 討論內容
冷日
(冷日)		 發表時間:2018/10/26 14:46
Webmaster
  • 註冊日: 2008/2/19
  • 來自:
  • 發表數: 15771
[轉貼]在 PowerShell 中使用 curl ( Invoke-WebRequest )

在PowerShell中使用curl(Invoke-WebRequest)

前言

習慣了Windows的界面模式就很難轉去命令行,甚至以命令行發家的git也湧現出各種界面tool。然而命令行真的會比界面快的多,如果你是一個碼農。

situation:接到需求分析bug,需要訪問http。那臺機器屬於product,不允許裝postman。我只能手動命令行來發請求。發現了內置的PowerShell中有curl命令。歡喜試了半天,總是命令不對,Google發現這個curl是冒名頂替的,只是一個Invoke-WebRequest的alias。參考。


PS> Get-Alias -Definition Invoke-WebRequest | Format-Table -AutoSize
commandType Name                      version Source
----------- ----                      ------- ------
Alias       curl -> Invoke-WebRequest
Alias       iwr -> Invoke-WebRequest
Alias       wget -> Invoke-WebRequest




Invoke-WebRequest簡單用法

1.用途

Gets content from a web page on the Internet.

獲取http web請求訪問內容

2.語法Syntax


Parameter Set: Default
Invoke-WebRequest [-Uri]  [-Body  ] [-Certificate  ]
[-CertificateThumbprint  ] [-ContentType  ] [-Credential  ]
[-DisableKeepAlive] [-Headers  ] [-InFile  ] [-MaximumRedirection  ]
[-Method  {Default | Get | Head | Post | Put | Delete | Trace | Options | Merge | Patch} ]
[-OutFile  ] [-PassThru] [-Proxy  ] [-ProxyCredential  ]
[-ProxyUseDefaultCredentials] [-SessionVariable  ] [-TimeoutSec  ]
[-TransferEncoding  {chunked | compress | deflate | gzip | identity} ] [-UseBasicParsing]
[-UseDefaultCredentials] [-UserAgent  ] [-WebSession  ] [ ]

3.簡單的幾個用法
3.1 Get請求

PS C:\Users\rmiao> curl -URi https://www.google.com
StatusCode        : 200
StatusDescription : OK
Content           : 
RawContent        : HTTP/1.1 200 OK
                    X-XSS-Protection: 1; mode=block
                    X-Frame-Options: SAMEORIGIN
                    Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32"
                    Vary: Accept-Encoding
                    Transfer-Encoding: chunked

會發現content內容被截斷了。想要獲取完整的content:
ps> curl https://www.google.com | Select -ExpandProperty Content
3.2添加header
-Headers @{"accept"="application/json"}
3.3指定Method
-Method Get
3.4將獲取到的content輸出到文件
-OutFile 'c:\Users\rmiao\temp\content.txt'
3.5表單提交
For example:

$R = Invoke-WebRequest http://website.com/login.aspx
$R.Forms[0].Name = "MyName"
$R.Forms[0].Password = "MyPassword"
Invoke-RestMethod http://website.com/service.aspx -Body $R

or
Invoke-RestMethod http://website.com/service.aspx -Body $R.Forms[0]
3.6內容篩選

PS C:\Users\rmiao> $R = Invoke-WebRequest -URI http://www.bing.com?q=how+many+feet+in+a+mile
PS C:\Users\rmiao> $R.AllElements | where {$_.innerhtml -like "*=*"} | Sort { $_.InnerHtml.Length } | Select InnerText -
First 5
innerText
---------
=
1
Next
=

3.7一個登陸示例

#發送一個登陸請求,聲明一個sessionVariable 參數為fb, 將結果保存在$R
#這個變量FB就是header.cookie等集合
PS C:\Users\rmiao> $R=curl http://www.Facebook.com/login.php -SessionVariable fb
PS C:\Users\rmiao> $FB
Headers               : {}
Cookies               : system.Net.CookieContainer
UseDefaultCredentials : False
Credentials           :
Certificates          :
UserAgent             : Mozilla/5.0 (Windows NT; Windows NT 6.3; en-US) WindowsPowerShell/4.0
Proxy                 :
MaximumRedirection    : -1
#將response響應結果中的第一個form屬性賦值給變量Form
PS C:\Users\rmiao> $Form=$R.Forms[0]
PS C:\Users\rmiao> $Form.fields
Key                                                         Value
---                                                         -----
lsd                                                         AVqQqrLW
display
enable_profile_selector
isprivate
legacy_return                                               0
profile_selector_ids
return_session
skip_api_login
signed_next
trynum                                                      1
u_0_0
u_0_1
lgnrnd                                                      214945_qGeg
lgnjs                                                       n
email
pass
persistent
default_persistent                                          1
# 查看form
PS C:\Users\rmiao> $Form | Format-List
Id     : login_form
Method : post
Action : /login.php?login_attempt=1&lwv=100
Fields : {[lsd, AVqQqrLW], [display, ], [enable_profile_selector, ], [isprivate, ]...}
#查看屬性
$Form.fields
#設置賬號密碼
$Form.Fields["email"] = "[email protected]"
$Form.Fields["pass"] = "[email protected]"
#發送請求並保存結果為$R
$R=Invoke-WebRequest -Uri ("https://www.facebook.com" + $Form.Action) -WebSession $FB -Method POST -Body $Form.Fields
#查看結果
PS C:\Users\rmiao> $R.StatusDescription
OK

雖然沒有curl那麽主流,但一樣可以成為http訪問的一個選擇。
參考
https://technet.Microsoft.com/en-us/library/hh849901.aspx
原文出處:在PowerShell中使用curl(Invoke-WebRequest) - IT閱讀
回覆
冷日
(冷日)		 發表時間:2018/10/26 14:50
Webmaster
  • 註冊日: 2008/2/19
  • 來自:
  • 發表數: 15771
[轉貼]Use Invoke-WebRequest with a username and password for basic authentication on the GitHub API
Use Invoke-WebRequest with a username and password for basic authentication on the GitHub API

Initial Question
With cURL, we can pass a username with an HTTP web request as follows:
$ curl -u <your_username> https://api.github.com/user

The -u flag accepts a username for authentication, and then cURL will request the password. The cURL example is for Basic authentication with the GitHub Api.

How do we similarly pass a username and password along with Invoke-WebRequest? The ultimate goal is to user PowerShell with Basic authentication in the GitHub API.

Edit (This is What Worked)
Notes are from Wikipedia on Basic Auth from the Client Side.

Combine the username and password into a single string username:password
$user = "shaunluttin"
$pass = "super-strong-alpha-numeric-symbolic-long-password"
$pair = "${user}:${pass}"

Encode the string to the RFC2045-MIME variant of Base64, except not limited to 76 char/line.
$bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
$base64 = [System.Convert]::ToBase64String($bytes)

Create the Auth value as the method, a space, and then the encoded pair Method Base64String

$basicAuthValue = "Basic $base64"
Create the header Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

$headers = @{ Authorization = $basicAuthValue }
Invoke the web-request

Invoke-WebRequest -uri "https://api.github.com/user" -Headers $headers
Thank you to @briantist for the help!



I am assuming Basic authentication here.
$cred = Get-Credential
Invoke-WebRequest -Uri 'https://whatever' -Credential $cred

You can get your credential through other means (Import-Clixml, etc.), but it does have to be a [PSCredential] object.

Edit based on comments:

GitHub is breaking RFC as they explain in the link you provided:

The API supports Basic Authentication as defined in RFC2617 with a few slight differences. The main difference is that the RFC requires unauthenticated requests to be answered with 401 Unauthorized responses. In many places, this would disclose the existence of user data. Instead, the GitHub API responds with 404 Not Found. This may cause problems for HTTP libraries that assume a 401 Unauthorized response. The solution is to manually craft the Authorization header.

Powershell's Invoke-WebRequest does to my knowledge wait for a 401 response before sending the credentials, and since GitHub never provides one, your credentials will never be sent.

Manually build the headers
Instead you'll have to create the basic auth headers yourself.

Basic authentication takes a string that consists of the username and password separated by a colon user:pass and then sends the Base64 encoded result of that.

Code like this should work:
$user = 'user'
$pass = 'pass'

$pair = "$($user):$($pass)"

$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($pair))

$basicAuthValue = "Basic $encodedCreds"

$Headers = @{
    Authorization = $basicAuthValue
}

Invoke-WebRequest -Uri 'https://whatever' -Headers $Headers

You could combine some of the string concatenation but I wanted to break it out to make it clearer.



Use this:
$root = 'REST_SERVICE_URL'
$user = "user"
$pass= "password"
$secpasswd = ConvertTo-SecureString $pass -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($user, $secpasswd)

$result = Invoke-RestMethod $root -Credential $credential




Invoke-WebRequest follows the RFC2617 as @briantist noted, however there are some systems (e.g. JFrog Artifactory) that allow anonymous usage if the Authorization header is absent, but will respond with 401 Forbidden if the header contains invalid credentials.

This can be used to trigger the 401 Forbidden response and get -Credentials to work.
$login = Get-Credential -Message "Enter Credentials for Artifactory"

                              #Basic foo:bar
$headers = @{ Authorization = "Basic Zm9vOmJhcg==" }

Invoke-WebRequest -Credential $login -Headers $headers -Uri "..."

This will send the invalid header the first time, which will be replaced with the valid credentials in the second request since -Credentials overrides the Authorization header.

Tested with Powershell 5.1



I had to do this to get it to work:
$pair = "$($user):$($pass)"
$encodedCredentials = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($Pair))
$headers = @{ Authorization = "Basic $encodedCredentials" }
Invoke-WebRequest -Uri $url -Method Get -Headers $headers -OutFile Config.html

原文出處:powershell - Use Invoke-WebRequest with a username and password for basic authentication on the GitHub API - Stack Overflow
回覆
主題一覽的下方
討論串
前一個主題 | 下一個主題 | 頁首 | | |

Powered by XOOPS 2.0 © 2001-2008 The XOOPS Project|