REST API Login from Powershell

Volker_Wend · July 30, 2024, 8:24pm

Hi folks, I try to automate Token Creation from Powershell. Her is my code to login:

$authUrl = "$piServer/auth"
$authBody = @{
        username = $username
        password = $password
        realm    = $realm
    }

$response = Invoke-RestMethod -Uri $authUrl -Method Post -Body ($authBody | ConvertTo-Json ) -ContentType "application/json" -Verbose

The Response shows Status =True, but I do not get a authentification token value. What is wrong? Any Ideas?

id : 1
jsonrpc : 2.0
result : @{status=True; value=}
time : 1722369999,3013406
version : privacyIDEA 3.9.3
versionnumber : 3.9.3

nilsbehlen · July 31, 2024, 3:16pm

Hi,
have you checked with another tool what the response is?
There is another json object in value, so maybe it is just cut off with the code you have.

nilsbehlen · July 31, 2024, 3:16pm

you can for example check the dev tools in the browser when you log in to the webui.

Volker_Wend · August 1, 2024, 10:01am

My vault. I read the return value wrong. $response.result.value shows a token.

Volker_Wend · August 1, 2024, 9:25pm

Hi, now I can create a token and get an otp value back but the QR Code shown is not valid. The Documentation is not very specific about totp generation. Are there any special fields necessary?

Thanks,
Volker

    $tokenUrl = "$piServer/token/init"
    $tokenBody = @{
        genkey = 1
        type   = "totp"
        user   = $user
        realm  = $realm
    }

    $headers = @{
        "Authorization" = "$authToken"
    }

    $response = Invoke-RestMethod -Uri $tokenUrl -Method Post -Headers $headers -Body ($tokenBody | ConvertTo-Json) -ContentType "application/json"

description : OTP seed
img : data:image/png;base64,iVBORw0KGgoAA…=
value : seed://28fabe806c7c4e083c3a9ab041317a8b553a44fe
value_b32 : FD5L5ADMPRHAQPB2TKYECML2RNKTURH6

nilsbehlen · August 2, 2024, 11:45am

What do you mean it is not valid? How are you displaying it?
Do you want to use the QR Code or just the secret - which is in value_b32?

Volker_Wend · August 2, 2024, 12:02pm

I saved the png File and tried to import the Code into the app without success. The Privacyidea App does nothing, the Google Authenticator tells me, the QR Code is Invalid.

VW

Volker_Wend · August 2, 2024, 4:29pm

Please clarify: The generated QR Code shows only the seed value: 28fabe806c7c4e083c3a9ab041317a8b553a44fe

What needs to be done, so that the QR Code is complete?

VW

nilsbehlen · August 5, 2024, 2:28pm

which value are you using?
the value of ‘img’ is to be put in a html tag to show the qr if i am not mistaken, and should be equal to the one you get in the webui.

Volker_Wend · August 17, 2024, 4:38pm

Hi, to complete this thread: I had to use a different Variable from the result.

Correct: $response.detail.googleurl

Wrong: $response.detail.otpkey

Now the generation via API works.