10-11-2017 07:50 AM - edited 03-01-2019 06:26 AM
Hello everybody,
at the moment I am trying to establish an authentication towards a FortiNet Firewall Appliance via the RESTAPI.
Therefore i need to send a HTTP POST Request.
I think thats working fine, but from the request I should get a authentication cookie, which I have to use for all further actions.
Sadly I don't know how to access this cookie.
I use the following libs:
importPackage(org.apache.commons.httpclient);
importPackage(org.apache.commons.httpclient.cookie);
importPackage(org.apache.commons.httpclient.methods);
importPackage(org.apache.commons.httpclient.auth);
importPackage(org.apache.commons.httpclient.protocol);
My Request looks like this:
//------------------------------ Get Token for the session---------------------------
var request = new httpRequest();
// SSL connection with Basic Auth
request.setup("1.2.3.4","https");
// POST request.
request.postRequest("/logincheck","username=apiuser&secretkey=123456");
var statusCode = request.execute();
var response = request.getResponse("asString");
logger.addInfo("Status Code: " + statusCode );
logger.addInfo("Response data: " + response );
request.disconnect();
//------------------------------ Get Token for the session---------------------------
Anyone does know how I can access the cookies out of the response here?
I tried some methods, but none of them seems to work.
Or am I maybe on the wrong track?
Thanks for your help!
kind regards
Manuel
10-11-2017 04:57 PM
Take a look at #419
https://communities.cisco.com/docs/DOC-75812
I get a ticket from DNA Center and use it in the next task to call the next API call.
10-12-2017 09:22 AM
Hi Orf,
tried a lot, but I think there is still something missing or other than in the example.
What I need at first is, to display the Cookie/Header which I get from my initial POST.
When I go i.e. with curl like: curl -X POST -k https://1.2.3.4/logincheck -d "username=apiuser&secretkey=123456" -vvv
I see following headers/cookies:
< Set-Cookie: APSCOOKIE_17428408139350898367="XYZ123"; path=/; HttpOnly
< Set-Cookie: ccsrftoken_17428408139350898367="blabla"; path=/
< Set-Cookie: ccsrftoken="blabla"; path=/
< Set-cookie: rl=;expires=Thu, 01 Jan 1970 00:00:01 GMT;path=/
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=utf-8
Now I want to save two of the headers (APSCOOKIE.... and ccsrftoken) to two variables.
After saving them I will be able to use them in my further POSTs towards the API, because I need to send them, to be authenticated.
I tried to access the headers with things like the following:
var cookie = request.getResponse().headers['Set-Cookie'];
or
var cookie = request.getResponseHeader('Set-Cookie');
But nothing seems to work and I cant find any JavaScript doc, where its explained how to access just the header from a response...
Did I just misunderstood your examplescript, or do you (or someone) have any other idea how to achieve my goal?
10-13-2017 04:58 AM
I just realized I had pasted the wrong code into the example, but the task in the workflow had the right code…
(https://communities.cisco.com/docs/DOC-75812)
In my case my response looks like this (JSON):
{'response':{'serviceTicket':'ST-32-SWCclW9mch72oFRTiaED-cas','idleTimeout':1800,'sessionTimeout':21600},'version':'1.0'}
And my code gets the ticket with some string clean up (x.replace):
// Parse the response for the service ticket...
var parser = new JsonParser();
var jsonTree = parser.parse(response);
logger.addInfo("jsonTree - JSON Object: " + jsonTree.isJsonObject());
var jsonObj = jsonTree.getAsJsonObject();
var serviceTicketObj = jsonObj.get("response").get("serviceTicket");
logger.addInfo("Service Ticket: " + serviceTicketObj.toString());
var a=serviceTicketObj.toString();
logger.addInfo("a = " + a);
var b=a.replace(/["']/g, "");
logger.addInfo("b= "+b);
output.TICKET = b;
You response does not look like JSON.
10-13-2017 05:10 AM
Hi Orf,
thats right - my response is no JSON.
Here is the full response from CURL POV:
--------------------------------------------------------------------------------------------
root@FESVMDSMLMNG003:~# curl -X POST -k https://1.2.3.4/logincheck -d "username=apiuser&secretkey=blabla" -vvv
* About to connect() to 1.2.3.4 port 443 (#0)
* Trying 1.2.3.4... connected
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=US; ST=California; L=Sunnyvale; O=Fortinet; OU=FortiGate; CN=FG1K2D3I16801618; emailAddress=support@fortinet.com
* start date: 2016-10-18 02:32:45 GMT
* expire date: 2038-01-19 03:14:07 GMT
* issuer: C=US; ST=California; L=Sunnyvale; O=Fortinet; OU=Certificate Authority; CN=support; emailAddress=support@fortinet.com
* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
> POST /logincheck HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: 1.2.3.4
> Accept: */*
> Content-Length: 31
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 31out of 31 bytes
< HTTP/1.1 200 OK
< Date: Fri, 13 Oct 2017 11:26:31 GMT
< Server: xxxxxxxx-xxxxx
< Set-Cookie: APSCOOKIE_17428408139350898367="Era%3D0%26Payload%3DSfxRpm3acV2A59jeBJbIp+vrQL1JP%2FwMpf3ZRZokkQMhooRYe+D3SjBX5A235bVZ%0Aghi0bktyVCNgC8tA%2Fb%2F4UPIZ9kXhlXnLyN0rJbRggONPCLrJGR06b0eZ2AIrqbt1%0ATXNzl9ualb4v40O0CcJu0dfRSpgsxoq7%0A%26AuthHash%3DPgttgDSCqgy6DbExOjKTPKzv9H0A%0A"; path=/; HttpOnly
< Set-Cookie: ccsrftoken_17428408139350898367="AB1A4EAD17DD609C221B81227CF534AF"; path=/
< Set-Cookie: ccsrftoken="AB1A4EAD17DD609C221B81227CF534AF"; path=/
< Set-cookie: rl=;expires=Thu, 01 Jan 1970 00:00:01 GMT;path=/
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=utf-8
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policy: frame-ancestors 'self'
< X-UA-Compatible: IE=Edge
<
<script language="javascript">
document.location="/ng/prompt?viewOnly&redir=%2Fng%2F";
</script>
* Connection #0 to host 1.2.3.4 left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
--------------------------------------------------------------------------------------------
So I know now, that I need to extract the Headers and display them.
Then I tried to extend the function which are built up above in the script.
httpRequest.prototype.getHeaders = function(headname) {
return this.httpMethod.getResponseHeader(headname);
this.headers = this.httpMethod.getResponseHeaders();
return this.headers;
};
To display this i use:
var headers = request.getHeaders("Set-Cookie");
logger.addInfo("Headers: " + headers );
But I just get a "null" as result.
Otherwise when I try it with this code:
httpRequest.prototype.getHeaders = function() {
this.headers = this.httpMethod.getResponseHeaders();
return this.headers;
};
var headers = request.getHeaders();
logger.addInfo("Headers: " + headers );
But then I see something like: [Lorg.apache.commons.httpclient.Header;@1e5ea189
It seems that I have to add another function (as I did) but I am obviously doing there some mistake - but i don't know which mistake I face here.
10-13-2017 05:22 AM
I probably would use
var str = "Visit W3Schools!";
var n = str.search("W3Schools");
n=6
and get the position and then cut out the part you need
var res = str.substring(n, n+10);
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide