how to query results from a command in a bash script - bash

I have the following bash script:
#!/bin/bash
echo "GET load test"
for i in $(seq 1 50) do
MY_RESULTS = "$(curl -i -H "Accept: application/json" -X GET http://localhost/test/store/widget/123)"
echo "$MY_RESULTS"
done
I'm not sure why but the results don't print out. When I change the code to the following, it works:
curl -i -H "Accept: application/json" -X GET http://localhost/test/store/widget/123)"
Then the results just display on the screen. Ultimately, I'd like to search the contents of the results for a particular string value like "200 OK"
I created another test script to test how to save, and echo values out to the screen and it works. It look like this:
MY_VAR="$(find -name loadtest.sh)"
echo "$MY_VAR"
The results it displays is:
./loadtest.sh
I can't see what's different about this variable called MY_VAR and the one in my load test

In bash, you can not have whitespace about the equals operator in an assignment statement. Remove the whitespace when assigning $MY_RESULT:
MY_RESULTS="$(curl -i -H "Accept: application/json" -X GET http://localhost/test/store/widget/123)"

Related

Using Bash to make a POST request

I have a 100 Jetpacks that I have to sign in to configure. I am trying to do it in a bash script but I am having no luck. I can connect to the wifi no problem but my POST request are not achieving anything. Any Advice? Here is link to my github. I have copies of what I captured on Burp suite https://github.com/Jdelgado89/post_Script
TYIA
#!/bin/bash
nmcli device wifi rescan
nmcli device wifi list
echo "What's they last four?"
read last4
echo "What's the Key?"
read key
nmcli device wifi connect Ellipsis\ \Jetpack\ $last4 password $key
echo "{"Command":"SignIn","Password":"$key"}" > sign_on.json
echo "{"CurrentPassword":"$key","NewPassword":"G1l4River4dm1n","SecurityQuestion":"NameOfStreet","SecurityAnswer":"Allison"}" > change_admin.json
echo "{"SSID":"GRTI Jetpack","WiFiPassword":"G1l4River3r","WiFiMode":0,"WiFiAuthentication":6,"WiFiEncription":4,"WiFiChannel":0,"MaxConnectedDevice":8,"PrivacySeparator":false,"WMM":true,"Command":"SetWifiSetting"}" > wifi.json
cat sign_on.json
cat change_admin.json
cat wifi.json
sleep 5
curl -X POST -H "Cookie: jetpack=6af5e293139d989bdcfd66257b4f5327" -H "Content-Type: application/json" -d #sign_on.json http://192.168.1.1/cgi-bin/sign_in.cgi
sleep 5
curl -X POST -H "Cookie: jetpack=6af5e293139d989bdcfd66257b4f5327" -H "Content-Type: application/json" -d #change_admin.json http://192.168.1.1/cgi-bin/settings_admin_password.cgi
sleep 5
curl -X POST -H "Cookie: jetpack=6af5e293139d989bdcfd66257b4f5327" -H "Content-Type: application/json" -d #wifi.json http://192.168.1.1/cgi-bin/settings_admin_password.cgi
This is not correct:
echo "{"Command":"SignIn","Password":"$key"}" > sign_on.json
The double quotes are not being put literally into the file, they're just terminating the shell string beginning with the previous double quote. So this is writing
{Command:SignIn,Password:keyvalue}
into the file, with no double quotes. You need to escape the nested double quotes.
echo "{\"Command\":\"SignIn\",\"Password\":\"$key\"}" > sign_on.json
However, it would be best if you used the jq utility instead of formatting JSON by hand. See Create JSON file using jq.
jq -nc --arg key "$key" '{"Command":"SignIn","Password":$key}' >sign_on.json

Escaping multiple layers of mixed quotes for a curl command executed inside a bash script

I have the following bash script that uses its arguments to hit a RESTful web service (via curl) and prints out both the curl request made as well as the response:
#! /bin/bash
# arguments:
# $1 - username
# $2 - password
#
# outputs:
# if the script exits with a non-zero status then something went wrong
# verify that we have all 6 required arguments and fail otherwise
if [ "$#" -ne 2 ]; then
echo "Required arguments not provided"
exit 1
fi
# set the script arguments to meaningful variable names
username=$1
password=$2
# login and fetch a valid auth token
req='curl -k -i -H "Content-Type: application/json" -X POST -d ''{"username":"$username","password":"$password"}'' https://somerepo.example.com/flimflam'
resp=$(curl -k -i -H "Content-Type: application/json" -X POST -d ''{"username":"$username","password":"$password"}'' https://somerepo.example.com/flimflam)
# echo the request for troubleshooting
echo "req = $req"
if [ -z "$resp" ]; then
echo "Login failed; unable to parse response"
exit 1
fi
echo "resp = $resp"
When I run this I get:
$ sh myscript.sh myUser 12345#45678
curl: (3) Port number ended with '"'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (6) Could not resolve host: 12345#45678"
100 1107 100 1093 100 14 2849 36 --:--:-- --:--:-- --:--:-- 2849
req = curl -k -i -H "Content-Type: application/json" -X POST -d {"username":"$username","password":"$password"} https://somerepo.example.com/flimflam
resp = HTTP/1.1 400 Bad Request...(rest omitted for brevity)
Obviously, I'm not escaping the various layers of single- and double-quotes inside the curl statement correctly, as is indicated by outputs like:
curl: (6) Could not resolve host: 12345#45678"
and:
req = curl -k -i -H "Content-Type: application/json" -X POST -d {"username":"$username","password":"$password"} https://somerepo.example.com/flimflam
where the username/password variables are not parsing.
In reality my script takes a lot more than 2 arguments, which is why I'm changing them to have meaningful variable names (such as $username instead of $1) so its more understandable and readable.
Can anyone spot where I'm going awry? Thanks in advance!
Update
I tried the suggestion which turns the req into:
curl -k -i -H 'Content-Type: application/json' -X POST -d "{'username':'myUser','password':'12345#45678'}" https://somerepo.example.com/flimflam
However this is still an illegal curl command and instead needs to be:
curl -k -i -H 'Content-Type: application/json' -X POST -d '{"username":"myUser","password":"12345#45678"}' https://somerepo.example.com/flimflam
First, as I said in a comment, storing commands in variables just doesn't work right. Variables are for data, not executable code. Second, you have two levels of quoting here: quotes that're part of the shell syntax (which are parsed, applied, and removed by the shell before the arguments are passed to `curl), and quotes that're part of the JSON syntax.
But the second problem is actually worse than that, because simply embedding an arbitrary string into some JSON may result in JSON syntax errors if the string contains characters that're part of JSON syntax. Which passwords are likely to do. To get the password (and username for that matter) embedded correctly in your JSON, use a tool that understands JSON syntax, like jq:
userinfo=$(jq -n -c --arg u "$username" --arg p "$password" '{"username":$u,"password":$p}')
Explanation: this uses --arg to set the jq variables u and p to the shell variables $username and $password respectively (and the double-quotes around the shell variables will keep the shell from doing anything silly to the values), and creates a JSON snippet with them embedded. jq will automatically add appropriate quoting/escaping/whatever is needed.
Then, to use it with curl, use something like this:
resp=$(curl -k -i -H "Content-Type: application/json" -X POST -d "$userinfo" https://somerepo.example.com/flimflam)
Again, the double-quotes around $userinfo keep the shell from doing anything silly. You should almost always put double-quotes around variables references in the shell.
Note that I never used the req variable to store the command. If you need to print the command (or its equivalent), use something like this:
printf '%q ' curl -k -i -H "Content-Type: application/json" -X POST -d "$userinfo" https://somerepo.example.com/flimflam
echo
The %q format specifier tells the shell to add appropriate quoting/escaping so that you could run the result as a shell command, and it'd work properly. (And the echo is there because printf doesn't automatically add a newline at the end of its output.)
try changing this:
req='curl -k -i -H "Content-Type: application/json" -X POST -d ''{"username":"$username","password":"$password"}'' https://somerepo.example.com/flimflam'
to this
req="curl -k -i -H 'Content-Type: application/json' -X POST -d \"{'username':'$username','password':'$password'}\" https://somerepo.example.com/flimflam"
and similarly for the resp
ah those pesky "curly" thingies...
how 'bout...
req="curl -k -i -H 'Content-Type: application/json' -X POST -d '{\"username\":\"$username\",\"password\":\"$password\"}' https://somerepo.example.com/flimflam"
This needs even more escaping:
With:
resp=$(curl -k -i -H "Content-Type: application/json" -X POST -d "{\"username\":\"$username\",\"password\":\"$password\"}" https://somerepo.example.com/flimflam)
In bash, the variables are still expanded when they're inside single quotes that are inside double quotes.
And you'll need the \" double quotes in the payload as per the JSON definition.
EDIT: I rerun the curl through a HTTP proxy and corrected the script line (see above, removed the single quotes). Results (in raw HTTP) are now:
POST /flimflam HTTP/1.1
Host: somerepo.example.com
User-Agent: curl/7.68.0
Accept: */*
Content-Type: application/json
Content-Length: 44
Connection: close
{"username":"user","password":"12345#abcde"}
(which should be fine)

Discard modification content of variable in curl command

I want to create a script to test some web service.
Here the base of my script:
XAuthToken=$(curl -i -s -X POST -H "Content-Type: application/json" -d '{"login": "apitest","password": "apitest"}' http://url:8080/rest-api-web/api/admin | grep -i '^X-Auth-Token:' | sed 's/^[Xx]-Auth-Token: //g')
curl -X GET --header 'Accept: application/json' http://url:8080/rest-api-web/api/admin/delivery_companies?token=$XAuthToken
Result of the first command is:
eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.KmhGpDsor4I7VVPfN1gENzcQb8Yll-wewTRorFu6qfUeaIjKNIAm5lkTkPIpuuOuSpT2U4RgXz9NhwLrYIheW45Du6LnjsyUEjjWGKB4jIW0CMO-79f_-O80pQMq0P09uwmZaqUOmARPjs8UvQYQcuCHhcHd2dB-4WMnfUl-J6USI2LdI-CeOtWDDMw5YEKHGrgnHRzxgUePNWVs-Vc-BR-tXnpkEjIfKmrYy19QUfnwxcWLEWgKisrJw5d7sz7ihfzSueyrh188GiGHTeqqiNiSIkIH8UEyZfW-5BH1Y856IkXlyUaC3abHBRYHuz-O30KwvCKhtCKkaTPVR-uqNw.89jCGtawkkWuyRtq.pQmYHaWZN-XOlbvUthjK76ewqIGd1TBF0Pt7EbA2bDnxsTsXQXyot495-u4Rsvm8-y-rscAZUZFacebMvcvZ-LhUH-jHZH6L5PALY7uvGj_SGApg_Hu8D-adNDlI1rVxNcnHjpOLuOeBdUzKAznbOytquzQNODsjP877IbLTDkWTTj0IC0OWfDu-e4rYxpf2jzZBuEbnRcC8DuvbplNB2tnbRxMjpqnKjicLY9DpYdV1T-tKUt5-sI0Bhlk6tUJ0e28g1McQReUT-sB8pO3vQreEAEsVQlysVq9rC6LiW6RNRHAZP7d6PiuhLS_D_DKVmi85junbMVimYqbvszaJ.1b7PKcZfWmVmNBbTg54nFA
But the second curl in the script, this error occurs: curl: (3) Illegal characters found in URL
And after a check, the content of "XAuthToken" is changed.
Can you help me to escape the character modification?
Thanks you for your comment.
As you can see in the following output, both declare are egal. But the oupt of the command with set -x activate, the Authtoken is changed.
Here the result :
First delare -p :
eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BTri-oCE-DHYx7UZo8Kib_RoO5bx9lv7BRhEYv2yizyX2n8cwzWWhMPPA-0rDHumaESgc0LmT71NLIJEyZkwN-pXH2MgYdo2vTQhnVdFOL7rZq1rHSJvUxPvhJTbAkabnTNz-s1-Vc7WNQXmWEkngaCISdnsFQU12YfJfzhgwGZi9OOf5gmHnNtXaAxTOrDcjl84s1QI0tY5HIQ_3MEB18V4UMfcR5SSk4v_5K2yVZk-AUys3bPDw1GEZkr3rypxytNZ6wCyrOEXtGh1s8w3fFQziNnnOcgwaSkpDOdhhJWUfgN3R1Cr5tnD77vG01SZw7k844LZxiK8HXhQUj3_sQ.KAhqX5YkZPXDtVlI.d-TxeoNsuemKRfDpQe9khaYym1KACAXS9MhYfGtoIwhPomZ85hKvILeT8jXxBgIw6r4XUpgSSVNtjUzA7A-_hpu0i7ffd-Ap-YDohbCfJfCYffVO557tCuIhVvybT4qQ5EgjsX8h1V5NqIyDVIPAiDIc6hnrxWsjbwE3dmfMLxqmDLXLiYTaCUMvsxtweo-fsdIymK-REuy4DdPk8YsaITpfYj57Ee5ZphZiNfvUPixkLAXj97ycEnXbP2d6q6Aw1rYVIrE3ijGYIgW618kMs5PBvjWe"yh-76mOq9_0QnKzblZWJytHsM6DM8kbkGRHhwFhQSvjq9HUQVNmmKCI.Q4rq7-uzPW3Yewc8Wyl01A
Resut of "set -x' :
eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BTri-oCE-DHYx7UZo8Kib_RoO5bx9lv7BRhEYv2yizyX2n8cwzWWhMPPA-0rDHumaESgc0LmT71NLIJEyZkwN-pXH2MgYdo2vTQhnVdFOL7rZq1rHSJvUxPvhJTbAkabnTNz-s1-Vc7WNQXmWEkngaCISdnsFQU12YfJfzhgwGZi9OOf5gmHnNtXaAxTOrDcjl84s1QI0tY5HIQ_3MEB18V4UMfcR5SSk4v_5K2yVZk-AUys3bPDw1GEZkr3rypxytNZ6wCyrOEXtGh1s8w3fFQziNnnOcgwaSkpDOdhhJWUfgN3R1Cr5tnD77vG01SZw7k844LZxiK8HXhQUj3_sQ.KAhqX5YkZPXDtVlI.d-TxeoNsuemKRfDpQe9khaYym1KACAXS9MhYfGtoIwhPomZ85hKvILeT8jXxBgIw6r4XUpgSSVNtjUzA7A-_hpu0i7ffd-Ap-YDohbCfJfCYffVO557tCuIhVvybT4qQ5EgjsX8h1V5NqIyDVIPAiDIc6hnrxWsjbwE3dmfMLxqmDLXLiYTaCUMvsxtweo-fsdIymK-REuy4DdPk8YsaITpfYj57Ee5ZphZiNfvUPixkLAXj97ycEnXbP2d6q6Aw1rYVIrE3ijGYIgW618kMs5PBvjWeTyh-76mOq9_0QnKzblZWJyt'sM6DM8kbkGRHhwFhQSvjq9HUQVNmmKCI.Q4rq7-uzPW3Yewc8Wyl01A
Second declare :
eyJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BTri-oCE-DHYx7UZo8Kib_RoO5bx9lv7BRhEYv2yizyX2n8cwzWWhMPPA-0rDHumaESgc0LmT71NLIJEyZkwN-pXH2MgYdo2vTQhnVdFOL7rZq1rHSJvUxPvhJTbAkabnTNz-s1-Vc7WNQXmWEkngaCISdnsFQU12YfJfzhgwGZi9OOf5gmHnNtXaAxTOrDcjl84s1QI0tY5HIQ_3MEB18V4UMfcR5SSk4v_5K2yVZk-AUys3bPDw1GEZkr3rypxytNZ6wCyrOEXtGh1s8w3fFQziNnnOcgwaSkpDOdhhJWUfgN3R1Cr5tnD77vG01SZw7k844LZxiK8HXhQUj3_sQ.KAhqX5YkZPXDtVlI.d-TxeoNsuemKRfDpQe9khaYym1KACAXS9MhYfGtoIwhPomZ85hKvILeT8jXxBgIw6r4XUpgSSVNtjUzA7A-_hpu0i7ffd-Ap-YDohbCfJfCYffVO557tCuIhVvybT4qQ5EgjsX8h1V5NqIyDVIPAiDIc6hnrxWsjbwE3dmfMLxqmDLXLiYTaCUMvsxtweo-fsdIymK-REuy4DdPk8YsaITpfYj57Ee5ZphZiNfvUPixkLAXj97ycEnXbP2d6q6Aw1rYVIrE3ijGYIgW618kMs5PBvjWe"yh-76mOq9_0QnKzblZWJytHsM6DM8kbkGRHhwFhQSvjq9HUQVNmmKCI.Q4rq7-uzPW3Yewc8Wyl01A

How to verify a curl request in bash script?

I have a curl request like this :
curl -s -u $user:$password -X GET -H "Content-Type: application/json" $url
Which returns a json as response. So I will parse the response using jq to get some specific data. Like this :
curl -s -u $user:$password -X GET -H "Content-Type: application/json" $url | jq '<expression>'
Now if the curl request fails then obviously the parsing operation throws ugly error. I want to avoid this. How to store the response first and then later parse it if the request is successful. I don't want to display the json whole response. Also if I add -w "%{http_code}" in my request it appends the status code with the JSON response which messes up the parsing. How to solve this ? I basically want to first check if the curl request is successful or not then get the JSON response and parse it.I also want to get the status code, so that if it fails I can display the status code. But status code is now messing up with json response.
You can combine the --write and --fail options:
# separating the (verbose) curl options into an array for readability
curl_args=(
--write "%{http_code}\n"
--fail
--silent
--user "$user:$password"
--request GET
--header "Content-Type: application/json"
)
if ! output=$(curl "${curl_args[#]}" "$url"); then
echo "Failure: code=$output"
else
# remove the "http_code" line from the end of the output, and parse it
sed '$d' <<<"$output" | jq '...'
fi
Also note: quote your variables!
I found glenn jackman's answer good, but a bit confusingly written, so I rewrote it, and altered it so I can use it as a safer alternative to curl | jq.
#!/bin/bash
# call this with normal curl arguments, especially url argument, e.g.
# safecurl.sh "http://example.com:8080/something/"
# separating the (verbose) curl options into an array for readability
curl_args=(
-H 'Accept:application/json'
-H 'Content-Type:application/json'
--write '\n%{http_code}\n'
--fail
--silent
)
echo "${curl_args[#]}"
# prepend some arguments, but pass on whatever arguments this script was called with
output=$(curl "${curl_args[#]}" "$#")
return_code=$?
if [ 0 -eq $return_code ]; then
# remove the "http_code" line from the end of the output, and parse it
echo "$output" | sed '$d' | jq .
else
# echo to stderr so further piping to jq will process empty output
>&2 echo "Failure: code=$output"
fi
Note: This code does not test for services that ignore the requested content type and respond with HTML. You'd need to test for grep -l '</html>' for that.

Running Curl in Run Shell Script with arguments in Automator

I'm trying to send a curl command in Automator via the 'Run Shell Script', with arguments, but having no luck. I'm using /bin/bash and passing info as arguments. Here is my script but keep getting Bad Request from IFTTT. I get it's to do with not using the args correctly (if I just put "value1":"test" it works fine), how should I format the $1?
for f
do
curl -X POST -H "Content-Type: application/json" -d '{"value1":$1}' https://maker.ifttt.com/trigger/Automator/with/key/heremykey
done
Thanks!
You should pass a valid JSON. There is no built-in JSON support in Bash, so you need to use external tools, such as PHP, or Node:
#!/bin/bash -
function json_encode {
printf "$1" | php -r 'echo json_encode(stream_get_contents(STDIN));'
}
for f
do
value=`json_encode "$f"`
curl -X POST -H "Content-Type: application/json" -d "{\"value1\":$value}" \
https://maker.ifttt.com/trigger/Automator/with/key/heremykey
done
The script is supposed to send {"value1": ...} string for each item in $#(because the short version of the for loop operates on $#).

Resources