search

AtlassianPS / ConfluencePS

Confluence REST API (including Cloud) via PowerShell
https://AtlassianPS.org/module/ConfluencePS
MIT License
152 stars 41 forks source link

ADFS Support in ConfluencePS #171

Open cwanized opened 5 years ago

cwanized commented 5 years ago

Description

As it seems, ConfluencePS doesn't support yet if the corporate Wiki is behind ADFS authentication.

Get-ConfluenceSpace -SpaceKey "space_id" raises exception:

ConvertFrom-Json : Invalid JSON primitive: .
At C:\Program Files\WindowsPowerShell\Modules\ConfluencePS\2.5.0\ConfluencePS.psm1:1048 char:37
+ ... $response = ConvertFrom-Json ([Text.Encoding]::UTF8.GetString($webRes ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   + CategoryInfo          : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
   + FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand

The actual issue appears in ConfluencePs.psm1 Line 982. The Invoke-Webrequest delivers in $webResponse.Content:

<html>
    <head>          
    </head>
        <body onload="document.forms[0].submit()">            
        <noscript><p>                
            <strong>Note:</strong> **Your browser does not support JavaScript,                
                Press Continue to proceed...** </p>            
        </noscript>            
        <form method="POST" action="https://sts.company.com/adfs/ls/?RedirectToIdentityProvider=http://sts.company.com/adfs/services/trust"> 
                    <div>                   
                <input type="hidden" name="SAMLRequest" value="PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWx[...]1ZXN0Pg=="/>
            </div>
            <noscript>
                <div>
                    <input type="submit" value="Continue"/>
                </div>
            </noscript>
        </form>
    </body>
</html>

^^ Your browser does not support JavaScript,
Press Continue to proceed...

This is because PowerShell doesn't run the JaveScript Code on the Server. Thats very likely the reason why the re-direction does not work.

Steps To Reproduce

Use ConfluenceWiki Server with ADFS Authentification

  1. Run: Get-ConfluenceSpace
  2. Exception: ConvertFrom-Json : Invalid JSON primitive: (see above or Picture)

Expected behavior

Detection if ADFS used and support the occuring re-direct

Screenshots

image *: https://sts.company.com is the internet-facing ADFS proxy

Your Environment

ConfluencePS: 2.5.0 PSVersion: 5.1.14409.1018 Confluence Server: 6.13.4

Possible Solution

-

Thanks

cwanized commented 5 years ago

If you Need more Information or more detailed logs, please me know. I'd like to help where I can.

lipkau commented 5 years ago

Can you try with an API token?

https://atlassianps.org/docs/JiraPS/about/authentication.html#api-token

cwanized commented 5 years ago

Can you try with an API token? https://atlassianps.org/docs/JiraPS/about/authentication.html#api-token

I already had this in mind, but I thought this is only available for Jira(PS). But I can give it a try.

Just for my understanding, is it requried to Install JiraPS in parallel to ConfluencePS to use API token? Or does ConfluencePS supports that by it self?

lipkau commented 5 years ago

You don't need to install both modules. I just didn't write the help for confluencePS yet

lipkau commented 5 years ago

Did it work? Please update this issue. If not, I will close it next week

NPetersenDK commented 3 years ago

@cwanized -> did you manage to get it working? I unfortunately didn't

John91407342 commented 2 years ago

I did not have any luck with e-mail address & personal access token. All Get-ConfluencePage operations return 404. I'm not sure where to change the module to send Authorization: Bearer .

esterity commented 2 years ago

I did not have any luck with e-mail address & personal access token. All Get-ConfluencePage operations return 404. I'm not sure where to change the module to send Authorization: Bearer .

The same problem with me I've tried and it didn't work but this worked: curl -H "Authorization: Bearer <mytoken>" https://wiki.company.com/rest/api/content

so the issue on ConfluencePs side

esterity commented 2 years ago

I've figured out how to fix it with PAT and Bearer auth usage (there's no support for that in ConfluencePS) I'm gonna make PR this weekend

cwanized commented 2 years ago

@cwanized -> did you manage to get it working? I unfortunately didn't

Sorry no luck o far and sorry for the late reply

cwanized commented 2 years ago

I've figured out how to fix it with PAT and Bearer auth usage (there's no support for that in ConfluencePS) I'm gonna make PR this weekend

@esterity I just tried your branch, but I still got the same behavior. Did you manage to resolve the issue? Do you proceed with your branch?

Thanks

esterity commented 2 years ago

Hi, it appeared to be more complex than I thought at first so I gave up for a while

cwanized commented 2 years ago

Hi, it appeared to be more complex than I thought at first so I gave up for a while

Thanks for the reply

yeah, i'm stuck there too :)

christensenjohn commented 2 years ago

did you managed to get it to work ?

esterity commented 2 years ago

Hi, have a look on commit https://github.com/esterity/ConfluencePS/commit/7e840011d24fb448d75f946041634825c94feb5c