SpinningCone

Using Autoit to access a webservice that requires authentication

2 posts in this topic

I'm trying to build a script to call some functions of a web service. I have found this example for doing SOAP ?do=embed' frameborder='0' data-embedContent> so I assume I can manually read out the wsdl file and figure out how to hand build a payload to do what I want ( I think, honestly this is all new to me).

the problem I have is that the service requires authentication via client certificate. and I can't seem to find any example of how to use a webservice like that with autoit. I *might* have a basic auth option to access the service too but that's not 100% and even if I can I don't know how to do basic auth in autoit either.

is this possible with autoit it (with either auth)? can anyone point me to some code?

Share this post


Link to post
Share on other sites



Search the examples section for WinHttp. By far this is the UDF for the job and well documented.


_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • colombeen
      By colombeen
      Hi guys,
      I have a pretty advanced question...
       
      This is the issue i'm facing :
      On a regular basis we need to install pfx certificates (with password protection) on devices from external companies.
      To install the certificate we always have to contact the user, setup a really dull and long process to get an RDP session to that device, install the certificate.
       
      I'm looking for :
      a way to generate exe files on the fly, that will include the pfx file and password, and automatically install them without any interaction from the user, and the user not being able to retrieve the password to install the certificate.
       
      Question :
      Is this possible with AutoIT? And if so, does anyone have a working example for the certificate installation part or the auto generate with file include?
       
      Thx in advance
      colombeen
    • jandings
      By jandings
      Hello there,
      I'm trying to query a REST API of a webservice, SHOPWARE to be precise. The API is very well documented (https://developers.shopware.com/developers-guide/rest-api/#using-the-rest-api-in-your-own-a) but only using PHP. I tried some stuff but could not make it work.
      It should be very simple, because the following simply works in a Chrome-Browser:
      https://USERNAME:PASSPHRASE@www.SHOPWAREDOMAIN.com/api/orders/300
      queries me for username and passphrase and then dumps order number 300.
      Now I try to do the same in AutoIt (based on the wonderful work of many contributors here):
      #include-once #include "..\INCLUDE\winhttp.au3" #include "..\INCLUDE\OO_JSON.au3" ;Proxy Config Global $oJSON = _OO_JSON_Init() Global $obj = "" Global $sUserName = "USERNAME" Global $sPassword = "PASSPHRASE" Global $sDomain = "www.SHOPWAREDOMAIN.com/api/orders/300" Global $hOpen = _WinHttpOpen("Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) JOC/0.1") ; without ie proxy settings $hConnect = _WinHttpConnect($hOpen, "https://" & $sDomain) ConsoleWrite ($hConnect & "#") $sReturned = _WinHttpSimpleSSLRequest($hConnect, "GET", $sUserName & ":" & $sPassword & "@" & $sDomain, Default ) ;$sReturned = _WinHttpSimpleSSLRequest($hConnect, "GET", $sDomain, Default, $sUserName & ":" & $sPassword) ;$sReturned = _WinHttpSimpleSSLRequest($hConnect, "GET", $sDomain, Default, , $sUserName & ":" & $sPassword ) _WinHttpCloseHandle($hConnect) _WinHttpCloseHandle($hOpen) ; See what's returned ConsoleWrite ($sReturned & "#" & @error) Whatever version I use (I tried the commented ones and many others), I always get a reply from Shopware:
      {"success":false,"message":"Invalid or missing auth"}
      At least this comes from Shopware. But there must be some format of the credentials that I don't know or understand.
      Any help?
    • DavidLago
      By DavidLago
      Hello. 
      I have 5 DCs, and I need to create a scheduled task to run a script that will test the authentication time for each one of them, once every minute. (Then I'll use it within a log analyser to create graphics).
      I came up with a script using the great AD UDF (by water). First I tried using "for" and an array, but something was messing up the results, then I went for the dumb old fashioned way:
      #Include <ad.au3> #include <MsgBoxConstants.au3> Global $AdTestTime = "" Global $Timer1, $Timer2, $Timer3, $Timer4, $Timer5 = "" Global $sAD1 = "MYSERVER109" Global $sAD2 = "MYSERVER110" Global $sAD3 = "MYSERVER111" Global $sAD4 = "MYSERVER112" Global $sAD5 = "MYSERVER113" $Timer1 = Timerinit() _AD_Open("", "", $sAD1) _AD_Close() Local $fDiff1 = TimerDiff($Timer1) $Timer2 = Timerinit() _AD_Open("", "", $sAD2) _AD_Close() Local $fDiff2 = TimerDiff($Timer2) $Timer3 = Timerinit() _AD_Open("", "", $sAD3) _AD_Close() Local $fDiff3 = TimerDiff($Timer3) $Timer4 = Timerinit() _AD_Open("", "", $sAD4) _AD_Close() Local $fDiff4 = TimerDiff($Timer4) $Timer5 = Timerinit() _AD_Open("", "", $sAD5) _AD_Close() Local $fDiff5 = TimerDiff($Timer5) MsgBox(0,"", "MYSERVER109=" & $fDiff1) MsgBox(0,"", "MYSERVER110=" & $fDiff2) MsgBox(0,"", "MYSERVER111=" & $fDiff3) MsgBox(0,"", "MYSERVER112=" & $fDiff4) MsgBox(0,"", "MYSERVER113=" & $fDiff5) Still, something is off here. 
      The first AD to be tested is always the slowest one, by far, like 20 times slower. Then I started to suspect that the first one starts the "negotiation", and the following ones ride the gravy train.
      If I repeat the first code twice, All servers seem to have a similar result.
      $Timer1 = Timerinit() _AD_Open("", "", $sAD1) _AD_Close() Local $fDiff1 = TimerDiff($Timer1) $Timer1 = Timerinit() _AD_Open("", "", $sAD1) _AD_Close() Local $fDiff1 = TimerDiff($Timer1) $Timer2.... Am I right?
      Also, is there a better way to test the authentication time?
      Thanks for the help.
      - Dave
    • Jefrey
      By Jefrey
      Hi guys!
       
      I've created this UDF to work with Nitgen fingerprint readers that use NGenBio SDK. I'm working with Hamster DX for testing purposes:
       

      So, the UDF still needs a lot of functionalities but what is already written is enough to do most of the tasks you would want to do with a fingerprint scanner (registering, authentication of a user, identification of a person among many users etc.).
      I've put it on GitHub because it will be constantly updated. Also, if you want to help, feel free to clone and send pull requests
      Examples:
      #include 'NGenBio.au3' ; Enumerate devices $numberOfDevices = _NEnumerate() ; Enumerate all connected devices If Not $numberOfDevices Then Exit ; no device connected _NOpen() ; Open device (no argument = open latest connected device) ; ====================================================================== ; Example 1: just get a fingerprint and display the string associated to it MsgBox(0, "Your fingerprint means:", _NCapture()) ; ====================================================================== ; Example 2: verification (expecting for a specified person) ; Ask for name (to show how to work with payloads and store info on the fingerprint data) $sName = InputBox("Test", "Enter your name") $tmpData = _NEnroll($sName) ; Register a fingerprint (we will have a string to save in DB if we want; $sName will be saved together with the data) If Not $tmpData Then Exit ; User canceled $check = _NVerify($tmpData) ; Verify fingerprint (from the string that the registration gave us - it could have come from a database) If $check Then MsgBox(0, '', 'That''s you, ' & $check & "!") ; Correct fingerprint Else MsgBox(0, '', 'That''s not you!') ; Wrong fingerprint EndIf ; ====================================================================== ; Example 3: identification (expecting for anyone of a group of persons) ; Add the already saved FIR data from the previous example as ID #1 _NSearch_Add($tmpData, 1) MsgBox(0, "", "You are now user 1. Please call someone else to register (or use different fingers/hand) to test the registration of a second person.") $secondPersonName = InputBox("Test", "What's the name of the second person?") ; Get data $secondperson = _NEnroll($secondPersonName) _NSearch_Add($secondperson, 2) ; Let's ask for the fingerprint to search for $capture = _NCapture() $user = _NSearch_Identify($capture) If $user Then MsgBox(0, "", "User: " & $user) Else MsgBox(0, "", "User not found!") EndIf _NClose() ; Close device (no argument = close latest opened device) Note that you must install NGenBio SDK (although my system is x64, I only had success after installing the x86 version). More details, documentation and link to download the SDK on the readme file.
      Get it on Github
    • ur
      By ur
      I can check this though signtool.exe and it results in the text output though below command.
      signtool.exe verify /v /pa "C:\test\ftdiport.cat" And this result the output in verbose mode in command prompt or we can redirect it to a text file as below.
       
      Verifying: C:\test\ftdiport.cat Signing Certificate Chain: Issued to: Class 3 Public Primary Certification Authority Issued by: Class 3 Public Primary Certification Authority Expires: 8/2/2028 5:29:59 AM SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2 Issued to: VeriSign Class 3 Code Signing 2004 CA Issued by: Class 3 Public Primary Certification Authority Expires: 7/16/2014 5:29:59 AM SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4 Issued to: Future Technology Devices International Ltd Issued by: VeriSign Class 3 Code Signing 2004 CA Expires: 9/30/2010 5:29:59 AM SHA1 hash: 029E8FF6146EE9AEDA68092AB030057165B73A20 The signature is timestamped: 3/31/2010 6:10:55 PM Timestamp Verified by: Issued to: Thawte Timestamping CA Issued by: Thawte Timestamping CA Expires: 1/1/2021 5:29:59 AM SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656 Issued to: VeriSign Time Stamping Services CA Issued by: Thawte Timestamping CA Expires: 12/4/2013 5:29:59 AM SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D Issued to: VeriSign Time Stamping Services Signer - G2 Issued by: VeriSign Time Stamping Services CA Expires: 6/15/2012 5:29:59 AM SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE Successfully verified: C:\Users\ur00361883\Desktop\ftdiport.cat Number of files successfully Verified: 1 Number of warnings: 0 Number of errors: 0  
       
      One option is to parse this file and I need to get below details.
      Catalog file is Signed/Unsigned and Certificate issued for it and its expiry date.
      Is there any option like some libraries instead of parsing this text file whether in c#,vbscript,autoit or powershell or any platform.
      If no option, please guide me on how to parse this output.