In my Ruby app I'm trying to get all agent users from my service desk board. It means all users with status: 'ServiceDesk'. Is it possible using only base auth?
In curl I was trying something like:
curl -D -u USERNAME:PASSWORD -X GET -H "Content-Type: application/json" https://company_name.atlassian.net/rest/api/2/user/assignable/search?project=SERVICEDESK
But all what I get is an error:
Warning: The file name argument '-u' looks like a flag.
curl: (3) URL using bad/illegal format or missing URL
{"errorMessages":["Internal server error"],"errors":{}}%
Is there any way to get those data with basic auth?
I think there's an issue with the curl command, try this
curl -D- -u USERNAME:PASSWORD https://company_name.atlassian.net/rest/api/2/user/assignable/search?project=SERVICEDESK
Related
I am trying to connect kibana to an elasticsearch server, where the username is "elastic", which means I cannot use the user and password to connect to the server, I have to use a token.
I tried to run command curl -H "Authorization: Bearer dGhpcyBpcyBub3Qx5...F0YS4gZG8gbm90IHRyeSB0byByZWFkIHRva2VuIQ==" http://localhost:9200
However, this doesn't work, the error message says I did not provide enough credentials, which makes sense since this server is password protected.
And then I tried to run the command curl -H "Authorization: Bearer dGhpcyBpcyBub3Qx5...F0YS4gZG8gbm90IHRyeSB0byByZWFkIHRva2VuIQ==" http://localhost:9200 -u elastic:password, but it still doesn't work and tells me the command syntax is wrong.
What should I do?
I'm trying to automate github pull requests via bash script, specifically raising pull requests for forked branches. I've successfully done it for private repos, however it doesn't seem to work for public repos (see code below):
curl -H "Authorization: bearer <accesstoken>" -d '{"title":"SOMETITLE","base":"master","head":"'"someuser"':'"someForkedBranch"'","body":"some words to fill body."}' https://api.github.com/repos/<user-name>/<repo-name>/pulls
Any help would be appreciated.
If this is for creating a PR, you would need a -X POST somewhere in your curl command, in order to POST the query for a new PR:
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/octocat/hello-world/pulls \
-d '{"head":"head","base":"base"}'
Make sure also to use the right oauth/PAT or SAML SSO:
curl -v -H "Authorization: token TOKEN" -X POST ...
Those token have just seen a new format update (Apr. 2021) so you might need to regenerate one.
https://www.ibm.com/support/knowledgecenter/SSBS6K_2.1.0/apis/auth_manage_api.html
I try to use the API for common user integrated with OIDC, but the error msg shows:
{"error_description":"invalid_resource_owner_credential","error":"server_error"}
command as the following
curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -d "grant_type=password&username=abc\#test\.com&password=ChangeMe\!\#\#&scope=openid" https://<cluster_access_ip>:8443/idprovider/v1/auth/identitytoken --insecure
But it is working fine for the administrator: admin/admin, so strange.
Issue is with the special character "!" which is used for history expansions in command line prompt.
You can use below command which works...
curl -k -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -d "grant_type=password&username=abc#test.com&password=ChangeMe"'!'"##&scope=openid" https://<cluster_access_ip>:8443/idprovider/v1/auth/identitytoken --insecure
Have you configured the LDAP, created Teams and added users to the team? Did you check the logs on Master node /var/log/containers for platform-identity-manager, _platform-auth-service, *platform-identity-provider?
I am trying to do a script to get me access of advance scan option of nessus in localhost. So I want advance scan operation through shell script without GUI. I want all operations like login, advance scan and export report are performed through shell script without GUI access.
Why do you want to do it with bash script?
You can do this much easier with the nessus API.
Have a look at the link below
https://github.com/jfalken/nessus_enterprise_rest_client
the simplest way of doing automatisation in nessus is to use the nessus API.
its located at https://NessusServerIP:8834/ - if you visit it, you will be greeted by the API-Documentation.
There are various API-Implementations available - if you google 'Nessus API client' you'll get a glimpse.
If you, as you said, want to to run bash-skripts than the simplest way is probably using CURL for the API-Requests.
A typical workflow will look like this:
authorize yourself to the NessusAPI (either via TOKEN or API-Key)
launch or configure a scan (and wait until it finished)
export a report (and wait until it finished)
download the exported report
CURL #1 (authorize using token):
curl -X POST --data '{"username":"NessusUser","password":"YourPassword"}' -k "https://NessusServerIp:8834/session"
--header "Content-Type:application/json" | python -m json.tool
..which will yield you following JSON yielding an Token which you need for the other API-Calls:
{"token": "e411e443521adee4496d79823a510cc68c5bf05aeda6e6eb"}
CURL #2 (launch a scan):
curl -X POST -H 'X-Cookie: token=e411e443521adee4496d79823a510cc68c5bf05aeda6e6eb' -H 'Content-Type:application/json'
--data '{"scan_id":"21", "alt_targets":[127.0.0.1]}'
-k "https://NessusServerIp:8834/scans/21/launch" | python -m json.tool
...which will be answered with a JSON like this, containing the ID of the just startet scan:
{"scan_uuid":"c1c30d8f-5f79-2e4b-2d03-05b8b3c595f1e768e03195abdfa2"}
CURL #3 (exporting a scan):
curl -X POST -H 'X-Cookie: token=766ef7a2302780c189ba563b89c5eb3706140c0ef1e4de8b' -H
'Content-Type:application/json' --data '{"scan_id":"33", "format":"html"}' -k
"https://NessusServerIP:8834/scans/33/export" | python -m json.tool
...which will yield this JSON response, containing a token to the exported file and the file_id:
{"token":"3e13ab381c480caa1e377411c0b561970c46e5d78894c5a0cb2be0e7f00fefe0","file":1434780027}
...so now we are ready to download the report. in this case, since i have specified "format: html" in the last call, its a .html you will need to safe the outcome into.
Curl #4 (download exported report):
curl -X GET -H 'X-Cookie: token=7d155aef4359d02addea29d8d56bca4a5045ca61efeb38ee' -H 'Content-Type:application/json'
--data '{"scan_id":"21", "alt_targets":127.0.0.1}'
-k "https://NessusServerIP:8834/scans/17/export/945237343/download" > report.html
...which should leave you with a report.html in the folder you started your script.
Now... how do you automatize this? Well write a Bash-Skript, put in this calls, parse the answers to extract the information you need - and then enjoy! :)
ps: i use the python -m json.tool to beautify the otherwise not very beautiful output of CURL.
Hope i have helped,
Gewure
I'm trying to send a curl request from both Windows and Ubuntu system to a Rest API. following is the request
curl -k -X POST http://172.16.76.1:8080/test -d 'sample_param={"user_info":{"name":"abc","age":"20"}}'
When I read this from the server side, I get the following two different content data from each OS
Body for curl request from Ubuntu:
sample_param={"user_info":{"name":"abc","age":"20"}}
Body for curl request from Windows:
sample_param={user_info:{name:abc,age:20}}
(Note that double quotations are missing)
As a result I cannot get the json object from the request.
Can someone point out the mistake and give a solution for this.
Thanks in advance
Changing the curl command to following worked
curl -k -X POST http://172.16.76.1:8080/test -d "sample_param={\"user_info\":{\"name\":\"abc\",\"age\":\"20\"}}"