curl and bash script, doing a post request with a bearer token - bash

Please educate me!
My script is:
#!/usr/bin/env bash
username="zDISABLEDc"
rand="Z01c20a936f474b"
single_quote="'"
curl_string_part1_="-X PUT https://api.secretkgbwebsite.com/api/v4.1/user/$username "
curl_string_part2_='-H "Authorization: bearer 00000000-4cd9-4bc6-90da-5d43a155f30e" -H "Cache-Control: no-cache" -H "Content-Type: application/json" -H "Postman-Token: 351e4bf1-04a2-4c99-8a21-21a05f51244a" -d '
curl_string_part3_='{"password": "'
curl_string_part4_='"}'
curl_string_complete="$curl_string_part1_$curl_string_part2_$single_quote$curl_string_part3_$rand$curl_string_part4_$single_quote"
echo $curl_string_complete
echo " "
success=0
curl $curl_string_complete && success=1
if ((success)); then
echo "SUCCESS. password has been reset to : "
echo $rand
else
echo "problem sending and resetting password."
fi
The errors I get are:
{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}curl: (6) Could not resolve host: bearer
curl: (6) Could not resolve host: 00000000-4cd9-4bc6-90da-5d43a155f30e"
curl: (6) Could not resolve host: no-cache"
curl: (6) Could not resolve host: application
curl: (6) Could not resolve host: 351e4bf1-04a2-4c99-8a21-21a05f51244a"
curl: (3) [globbing] unmatched close brace/bracket in column 18
Now the annoying thing is that if I run the line that my program echoes out (this line: echo $curl_string_complete) with curl, curl is happy and runs the line without a problem.

you have issue with shell expansion process, see bash manual and posix shell manuals for more details. the syntactical quotes are processed before variable expansion so the quote inside variables are literal. In the case of echo the variables are split but because echo joins by space this couldn't be seen.
change echo $curl_string_complete by printf "<%s>\n" $curl_string_complete to see how arguments are split.
to solve the issue you may use arrays, something like :
curl_string_part1_=( -X PUT https://api.secretkgbwebsite.com/api/v4.1/user/$username )
curl_string_part2_=(-H "Authorization: bearer 00000000-4cd9-4bc6-90da-5d43a155f30e" -H "Cache-Control: no-cache" -H "Content-Type: application/json" -H "Postman-Token: 351e4bf1-04a2-4c99-8a21-21a05f51244a" -d )
curl_string_part3_='{"password": "'
curl_string_part4_='"}'
curl_string_complete=( "${curl_string_part1_[#]}" "${curl_string_part2_[#]}" "$curl_string_part3_$rand$curl_string_part4_" )
curl "${curl_string_complete[#]}"

Related

Github API Create a Pull Request always 422 Error

i wrote a script to create a github pull request by an api. This is part of a gitflow action to merge a hotfix automatically into the develop. Anyway,..
i always got the error 422 Validation failed, or the endpoint has been spammed.
Github API Docu
i cant handle why and what could be wrong.
You can see my code below. May some of you can see my problem.
function create_pr()
{
TITLE="hotfix auto merged by $(jq -r ".pull_request.head.user.login" "$GITHUB_EVENT_PATH" | head -1)."
REPO_FULLNAME=$(jq -r ".repository.full_name" "$GITHUB_EVENT_PATH")
RESPONSE_CODE=$(curl -o $OUTPUT_PATH -s -w "%{http_code}\n" \
--data "{\"title\":\"$TITLE\", \"head\": \"$BASE_BRANCH\", \"base\": \"$TARGET_BRANCH\"}" \
-X POST \
-H "Authorization: Bearer $GITHUB_TOKEN" \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"https://api.github.com/repos/$REPO_FULLNAME/pulls")
echo "head: $SOURCE_BRANCH, base: $TARGET_BRANCH"
echo "Create PR Response:"
echo "Code : $RESPONSE_CODE"
if [[ "$RESPONSE_CODE" -ne "201" ]];
then
echo "Could not create PR";
exit 1;
else echo "Created PR";
fi
}

What is wrong with the shell script for curl post command

i need help in understanding what is wrong with the below shell script,all its doing is executing a curl script using shell scripting and searching for a string domain_id in the output of curl command ,once it finds the search all it does it simply displays valid url
Here is the full code for shell script below
#!/bin/sh
# Black Box Tester!
url=”https://api.platform.abc.com/auth/oauth/token“
content=”$(curl --location --request POST “$url” --header 'Content-Type:
application/x-www-form-urlencoded' --header 'Authorization: Basic
V0pSWURISA==' --data-raw 'grant_type=password&username=event-
player1#abc.com&password=********' | grep domain_id”
if [ ! -z $content ] && [ $content -eq domain_id ]
then
echo “valid url”
else
echo “invalid url”
fi
Below is the error i get in console after i try executing the script
WS-126691A:loginimagedocker carolyn$ ./login.sh
./login.sh: line 4: unexpected EOF while looking for matching `)'
./login.sh: line 11: syntax error: unexpected end of file
You are trying to pass parameter in multiple line without mentioning end of line.
use \ to pass multi line argument
#!/bin/sh
# Black Box Tester!
url=”http://api.platform.abc.com/auth/oauth/token“
content=”$(curl --location --request POST “$url” --header 'Content-Type: \
application/x-www-form-urlencoded' --header 'Authorization: Basic \
V0pSWURISA==' --data-raw 'grant_type=password&username=event- \
player1#abc.com&password=********' | grep domain_id” )
if [ ! -z $content ] && [ $content -eq domain_id ]
then
echo “valid url”
else
echo “invalid url”
fi

Bash - How to get http response body and status code?

I am trying below code to get response body and status:
read -ra result <<< $(curl -i --insecure \
-H "Accept: application/json" \
-H "Content-Type:application/json" \
-X POST --data "$configData" $openingNode"/voice/v1/updateWithPh")
status=${result[1]}
response=${result[#]}
echo $status
Problem here is -
I get both status code and response Body correctly.
But when I create a bash function and send it as an argument, the response body changes to "HTTP/1.1" in the function as shown below.
echo $(validateUpdate $configData $response)
Code for the function -
function validateUpdate(){
echo $1
echo $2
}
$2 prints as "HTTP/1.1"
What is the reason? How to rectify this issue?
You need to enclose your variables in double quotes to prevent bash splitting it into separate tokens.
Try
echo $(validateUpdate "$configData" "$response")
or even better (echo is useless as #tripleee points out; furthermore curly braces improves readability):
validateUpdate "${configData}" "${response}"
use same thing inside of your function
echo "$2"

How to deal with HTTP 102 in bash?

From bash/curl I am consuming an API that receives a POST, perform heavy long tasks and returns a 200 on success. As we were facing some timeouts in WAF, API has been improved to accept header:
--header "Expect:102-Processing"
If API receives that header it sends a HTTP 102 every 20 secs until process finishes and sends a HTTP 200. This should be enough to prevent timeouts.
What I have to do to deal with those HTTP 102?
I added that header to my curl command but as soon as it receives first 102, curl command finishes.
I was thinking that maybe there is a parameter in curl to wait until 200 or error.
Another option I have in mind is waiting in a loop querying for status but I don't know how to instruct curl to monitor that connection
This is a test version of my bash script.
#!/bin/bash
clear
function_triggerFooAdapter()
{
pFooUrl=$1
pPayload=$2
pCURLConnectTimeout=$3
pWaitForFooResponse=$4
pAddExpect102Header=$5
rm ./tmpResult.html 2>/dev/null
rm ./tmpResult.txt 2>/dev/null
echo "Triggering internal Foo adapter $pFooAdapterName"
echo "Full URL=$pFooUrl"
echo "Payload to send=$pPayload"
echo "Curl connect-timeout=$pCURLConnectTimeout"
echo "WaitForFooResponse=$pWaitForFooResponse"
echo "AddExpect102Header=$pAddExpect102Header"
if [[ "$pAddExpect102Header" = true ]]; then
text102Header="Expect:102-Processing"
else
text102Header="NoExpect;" # send innofensive custom header
fi
if [[ "$pWaitForFooResponse" = true ]]; then
echo "So DO wait..."
Response=$(curl -k --write-out %{http_code} --header "$text102Header" --header "Content-Type:application/json" --silent --connect-timeout $pCURLConnectTimeout --output ./tmpResult.html -X POST --data "$pPayload" "$pFooUrl" 2>&1 | tee ./tmpResult.txt)
echo "HTTP Response=$Response"
echo "$(cat ./tmpResult.txt)"
if [ "${Response:0:1}" -eq "1" ] || [ "${Response:0:1}" -eq "2" ]; then #if HTTP Response start by 1 or 2 (10x - 20x)...
echo "Adapter sucessfully triggered."
return 0
else
# cat ./tmpResult.html 2>/dev/null
#cat ./tmpResult.txt 2>/dev/null
echo
echo "HTTP error trying to trigger adapter."
return 1
fi
else
echo "So DO NOT wait..."
curl -k --write-out %{http_code} --header "$text102Header" --header "Content-Type:application/json" --silent --connect-timeout $pCURLConnectTimeout --output ./tmpResult.html -X POST --data "$pPayload" "$pFooUrl" > /dev/null 2>&1 &
echo "Adapter sucessfully (hopefully) triggered. NOT reading HTTP response until Foo code is upgraded to respond directly a HTTP 200 Successfully queued or similar."
return 0
fi
}
clear
export http_proxy="http://1.1.1.256:3128/"
export https_proxy="http://1.1.1.256:3128/"
export no_proxy="foo.com"
# Main
clear
echo "STEP 09- Triggering Foo Internal Adapters."
echo "Proxy settings:"
env | grep proxy
function_triggerFooAdapter "http://foo.com/lookups/trigger_foo" "" 600 true true
Run it manually and CHECK what curl -v is sending as the headers; I would expect to see something like
> POST /the/url HTTP/1.1
> Host: thehost.com:80
> User-Agent: curl/7.51.0
> Accept: */*
> Expect: 102-Processing
... some stuff skipped.
If you're not sending the Expect header; then curl is in fact doing the right thing..

Building command strings using variables with various quote levels and spaces

I have a script that runs curl. I want to be able to optionally add a -H parameter, if a string isn't empty. What's complex is the levels of quoting and spaces.
caption="Test Caption"
if [ "${caption}" != "" ]; then
CAPT=-H "X-Caption: ${caption}"
fi
curl -A "$UA" -H "Content-MD5: $MD5" -H "X-SessionID: $SID" -H "X-Version: 1" $CAPT http://upload.example.com/$FN
The idea is that the CAPT variable is either empty, or contains the desired -H header in the same form as the others, e.g., -H "X-Caption: Test Caption"
The problem is when run, it interprets the assignment as a command to be executed:
$bash -x -v test.sh
+ '[' 'Test caption' '!=' '' ']'
+ CAPT=-H
+ 'X-Caption: Test caption'
./test.sh: line 273: X-Caption: Test caption: command not found
I've tried resetting IFS before the code, but it didn't make a difference.
The key to making this work is to use an array.
caption="Test Caption"
if [[ $caption ]]; then
CAPT=(-H "X-Caption: $caption")
fi
curl -A "$UA" -H "Content-MD5: $MD5" -H "X-SessionID: $SID" -H "X-Version: 1" "${CAPT[#]}" "http://upload.example.com/$FN"
If you only need to know whether or not the caption is there, you can interpolate it when it needs to be there.
caption="Test Caption"
NOCAPT="yeah, sort of, that would be nice"
if [ "${caption}" != "" ]; then
unset NOCAPT
fi
curl ${NOCAPT--H "X-Caption: ${caption}"} -A "$UA" ...
To recap, the syntax ${var-value} produces value if var is unset.
I finally did get it to work. Part of the problem is specific to curl, in that when using the -H option to set custom headers, it seems to work best when everything after the -H (that is, both the custom header name and value) are protected by single quotes. Then, I needed to pass the constructed string through eval to get it to work.
To make this easier to read, I store a single quote in a variable named TICK.
Example:
TICK=\'
#
HDRS=""
HDRS+=" -H ${TICK}Content-MD5: ${MD5}${TICK}"
HDRS+=" -H ${TICK}X-SessionID: ${SID}${TICK}"
HDRS+=" -H ${TICK}X-Version: 1.1.1${TICK}"
HDRS+=" -H ${TICK}X-ResponseType: REST${TICK}"
HDRS+=" -H ${TICK}X-ID: ${ID}${TICK}"
if [ "${IPTC[1]}" != "" ]; then
HDRS+=" -H ${TICK}X-Caption: ${IPTC[1]}${TICK}"
fi
if [ "${IPTC[2]}" != "" ]; then
HDRS+=" -H ${TICK}X-Keywords: ${IPTC[2]}${TICK}"
fi
#
# Set curl flags
#
CURLFLAGS=""
CURLFLAGS+=" --cookie $COOKIES --cookie-jar $COOKIES"
CURLFLAGS+=" -A \"$UA\" -T ${TICK}${the_file}${TICK} "
eval curl $CURLFLAGS $HDRS -o $OUT http://upload.example.com/$FN

Resources