Aufgabe
Username + Passwort per Basic Authentification an einen Web Service schicken, welcher allerdings kein gültiges Zertifkat besitzt und das Ergebnis samt einer Url an den Browser weiterleiten.
bash
token=$(curl --insecure --request GET \
--url "https://localhost:1234/Token" \
--header "$(echo Authorization: Basic $(echo -n 'username:password' | base64))")
# echo $token
# open browser
# xdg-open "https://localhost:1234/?token=" + $token
sensible-browser "https://localhost:1234/?token=" + $token
powershell
$user = 'username'
$pass = 'password'
$url = 'https://localhost:1234/Token'
$pair = "$($user):$($pass)"
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($pair))
$Headers = @{
ContentType = "text/plain"
Authorization = "Basic $encodedCreds"
}
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
if (-not ([System.Management.Automation.PSTypeName]'ServerCertificateValidationCallback').Type)
{
$certCallback = @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
public class ServerCertificateValidationCallback
{
public static void Ignore()
{
if(ServicePointManager.ServerCertificateValidationCallback ==null)
{
ServicePointManager.ServerCertificateValidationCallback +=
delegate
(
Object obj,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors errors
)
{
return true;
};
}
}
}
"@
Add-Type $certCallback
}
[ServerCertificateValidationCallback]::Ignore()
$result = Invoke-WebRequest -Uri $url -Headers $Headers -Method Get
$result.Headers.'Content-Type text/plain; charset=utf-8'
$token = [System.Text.Encoding]::UTF8.GetString($result.Content)
# open browser
Start-Process ("https://localhost:1234/?token=" + $token)
and the winner is...
... sicherlich nicht powershell.
Ab powershell v6 gibts anscheinend einen einfacheren Weg ungültige Zertifikate einfach zu ignorieren - leider wird mit Windows 10 nur v5.7 ausgeliefert.