Unauthorized to get list of terminals - adyen

I'm getting a 401 Unauthorized error when trying to use the management API to get a list of terminals. I'm using PowerShell Invoke-RestMethod.
Here's what I'm trying to run:
$Key = [API Key]
$Headers = #{'Content-Type' = 'application/json'; 'X-API-Key' = $Key}
$Uri = "https://management-test.adyen.com/v1/terminals"
Invoke-RestMethod -Method GET -Uri $Uri -Headers $Headers
Result is this:
Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
At line:1 char:1
+ Invoke-RestMethod -Method GET -Uri $Uri -Headers $Headers
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
The API library states that the API Credential must have the 'POS Terminal Management API' and 'Management API—Terminal settings read' roles assigned, which it does.
I do get a success code when I try the API to get company account, so I know the API key works. Is there something else I'm missing?

I was able to access /v1/terminals after granting also the PSP Terminal Action Management API role.
Assign to the API credential that owns the API Key the following roles:
POS Terminal Management API
Management API—Terminal settings read
PSP Terminal Action Management API

Related

Can't create webhook through v2 api endpoint

I am trying to dispatch webhook create endpoint and getting 403 Forbidden response code with no error information in body. My request looks like:
POST /v2/apps/618ce23498488b00e1582723/integrations/618ce235a6ccf400e1a4b992/webhooks HTTP/1.1
Host: api.smooch.io
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6ImFwcF82MThjZTIzNGZiYTk5MDAwZTFiZDgyYWMifQ.eyJzY29wZSI6ImFwcCJ9.hXigeREGoUQ8YtM_gPUXfgWEGumbnlbBNLk_*******
Content-Length: 120
{
"target": "https://example.com/inbound-smooch-request",
"triggers": [
"conversation:message"
]
}
Response I am getting:
{"errors":[{"code":"forbidden","title":"Forbidden"}]}
That's how I generate Bearer token:
$signer = new Sha256();
$a = (new Builder())
->withHeader('alg', 'HS256')
->withHeader('typ', 'JWT')
->withHeader('kid', 'app_618ce234fba99000e1bd8***')
->withClaim('scope', 'app')
->getToken($signer, new Key('4K5KoVqLixLOUrkJSebr4rFsvZAu66d2WD8WEhXDgAZnJaltEpnHWpF_PUwQUGuNlFnBXvr8mtGsvNKj******'));
echo $a . PHP_EOL;
die();
Webhook api documentation: https://docs.smooch.io/rest/#operation/createWebhook
There is a bearerAuth (integration, app) explanation but there is no information what does this means. Documentation says that there are only two scopes: account and app. So what is this?
Other endpoints work normally (app create, app keys create, integration create)
Tried Basic auth also but it did not help.
The *Webhook endpoints are used (in v2) to create/update/remove webhooks from an existing customIntegration (integration with type: custom).
This endpoint will allow you to create a new integration, and when you set type: custom, it will also accept a webhooks list: https://docs.smooch.io/rest/#operation/createIntegration

Executing a PATCH api call from powershell

I'm trying to run the following API 'Patch' command from powershell which I'm looking to execute a release in Azure DevOps ...
$deploy = Invoke-RestMethod -Uri $patchurl -Method Patch -Body $body -Headers $header -ContentType "application/json-patch+json"
The url example is below
https://vsrm.dev.azure.com/test/Fixed%20Income/_apis/Release/releases/567/environments/1072?api-version=6.0-preview.6
The body of the patch call is ...
"Status": "inProgress",
"scheduledDeploymentTime": null,
"comment": null,
"variables": {}
Running the invoke command from powershell returns the following response ...
Invoke-RestMethod : {"$id":"1","innerException":null,"message":"TF400898: An Internal Error Occurred. Activity Id:
759888ab-9828-4cb6-ba2f-e90cde1cd39a.","typeName":"System.Web.Http.HttpResponseException, System.Web.Http","typeKey":"HttpResponseException","errorCode":0,"eventId":0}
When I run the same url to run a 'patch' request from Postman I get the below response, which is what I'm expecting to get from Powershell.
"$id": "1",
"innerException": null,
"message": "TF400813: The user '' is not authorized to access this resource.",
"typeName": "Microsoft.TeamFoundation.Framework.Server.UnauthorizedRequestException, Microsoft.TeamFoundation.Framework.Server",
"typeKey": "UnauthorizedRequestException",
"errorCode": 0,
"eventId": 3000
Any ideas what I'm doing wrong?
According to your description, when you call this REST API from Postman, the response returns an error: "message": "TF400813: The user" is not authorized to access this resource." The cause of this problem is incorrect authorization.
Please create a new personal access token in the organization first, then select the type: Basic Auth in the Authorization tab, and type your PAT in the password input box on the right.
When you call this REST API from powershell, the response returns an error: "TF400898: An Internal Error Occurred. Activity Id: 759888ab-9828-4cb6-ba2f-e90cde1cd39a." The cause of this problem is Content- Type is incorrect.
Please use ContentType "application/json" instead of ContentType "application/json-patch+json" .
Script template:
$token = "PAT"
$token = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes(":$($token)"))
$url3="https://vsrm.dev.azure.com/{organization}/{project}/_apis/Release/releases/{releaseId}/environments/{environmentId}?api-version=6.0-preview.6"
$body = "{
`"status`": `"inProgress`",
`"scheduledDeploymentTime`": null,
`"comment`": null,
`"variables`": {}
}"
$response3 = Invoke-RestMethod -Uri $url3 -Headers #{Authorization = "Basic $token"} -Method Patch -Body $body -ContentType application/json
Please refer to the following steps to create a PAT:
From your home page, open your user settings, and then select Personal access tokens.
From your home page, open your user settings, and then select Personal access tokens. Name your token, select the organization where you want to use the token, and then choose a lifespan for your token. Select Create.
When you're done, make sure to copy the token. For your security, it won't be shown again. Use this token as your password.

Running WinRM quickconfig for remote servers

I am writing a PowerShell script that reads in a list of hosts from a file. I have tried two separate methods, having issues with both.
First Method:
$WinRM = Invoke-Command -Computer $server -ScriptBlock { WinRM quickconfig }
This gives the following error message on some of the hosts:
WSManFault
+ CategoryInfo : NotSpecified: (WSManFault:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
+ PSComputerName : svclebetapool01.lehi.micron.com
Message = Access is denied.
Error number: -2147024891 0x80070005
Access is denied.
Second Method:
$WinRM = C:\PSTools\PsExec.exe \\$server -s winrm.cmd quickconfig -q
This sets $WinRM to the exit code (1 on successful execution). If I redirect the output with > or >>, then it displays the PsExec copyright. I am looking for the exact message that is created by the WinRM quickconfig command so that I know how to handle it in different situations.
if your intention is to enable PowerShell remoting, then you can
C:\PSTools\PsExec.exe \\$server PowerShell.exe -c "Enable-PSRemoting -Force"
or
wmic /node:$Server process call create "PowerShell.exe -c 'Enable-PSRemoting -Force'"

Jenkins job adding new line only when run via jenkins pipeline not stand alone

I have a jenkins pipeline that builds a job that uses powershell to make json based requests. When I run the job through the pipeline my script adds various line breaks throughout the json. When I run the job by hitting 'rebuild' the script runs without issue.
Output of my request via jenkins pipeline:
Invoke-RestMethod -Uri http://api.newrelic.com/v2/applications/17303495/deployments.json -Method 'POST' -Headers System.Collections.Hashtable -ContentType 'application/json' -Body {
"deployment": {
"revision": "Deployment of e0ca4b7
",
"changelog": "See Release Email Notes",
"description": "Beginning Deployment of e0ca4b7
",
"user": "pcort"
}
}
Output of my request via 'rebuild' or manual:
Invoke-RestMethod -Uri http://api.newrelic.com/v2/applications/17303495/deployments.json -Method 'POST' -Headers System.Collections.Hashtable -ContentType 'application/json' -Body {
"deployment": {
"revision": "Deployment of e0ca4b7",
"changelog": "See Release Email Notes",
"description": "Beginning Deployment of e0ca4b7",
"user": "pcort"
}
}
Help! This is really weird and breaks my code :) Any ideas would be great!
Jenkins is running ver. 2.46.2 and all plugins are up to date.
The issue was with getting the build label. I'm not entirely sure how it works, maybe someone with more knowledge can inform me, but getting the short git commit git rev-parse --short HEAD was leaving a space or new line character at the end of the variable (I was returning this via powershell). By adding .trim() I cleared this up.

Querying Shopify JSON data via the API with PowerShell (Error 401 with Invoke-Webrequest)

I am trying to write a PowerShell script to use Shopify's API to access JSON data. I've created a private app, and confirmed this works when accessing a JSON feed via a browser. I've also actually gotten this working using System.Net.WebClient, but I'd prefer to work with Invoke-WebRequest but that doesn't authenticate correctly.
When trying:
$uri = "https://apikey:password#anewshop.myshopify.com/admin/products.json"
$json = Invoke-WebRequest -Uri $uri -contentType "application/json" -Method Get -Headers #{"Host"="anewshop.myshopify.com";"Authorization"="Basic"} | ConvertFrom-Json
I receive and error 401:
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.GetResponse(WebRequest request)
at Microsoft.PowerShell.Commands.WebRequestPSCmdlet.ProcessRecord()
Authentication via PowerShell fails, but with a browser it does not. When making the request in Firefox, the request headers are as followed:
Host: "anewshop.myshopify.com"
User-Agent: "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0"
Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
Accept-Language: "en-US,en;q=0.5"
Accept-Encoding: "gzip, deflate"
Cookie: "_secure_admin_session_id=35ce7a14ee4f510c2e20d57f66960503; request_method=GET"
Authorization: "Basic StrippedLongString="
Connection: "keep-alive"
Cache-Control: "max-age=0"
The working code with System.Net.WebClient is as followed:
$uri= "https://anewshop.myshopify.com/admin/products.json"
$apiKey = "apikey"
$password = "password"
$webclient = new-object System.Net.WebClient
$webclient.Credentials = new-object System.Net.NetworkCredential($apikey, $password)
$json = $webclient.DownloadString($fullurl) | ConvertFrom-Json
Can anyone explain why Invoke-Webrequest fails? What is it missing exactly? Additional headers?
Edit: This also raises an additional question, of how I would actually update data via the API. Usually I'd use Invoke-Webreqest with POST/PUT but I'm not sure how WebClient handles this scenario.
Thanks.
Solved by ensuring the apikey and password were base64 encoded in the headers:
$uri = "https://anewshop.myshopify.com/admin/products.json"
$apikey = "apikey"
$password = "password"
$headers = #{"Authorization" = "Basic "+[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($apikey+":"+$password))}
$products = Invoke-WebRequest -Uri $uri -contentType "application/json" -Method Get -Headers $headers | ConvertFrom-Json