我是PowerShell,Thycotic Secret Server和编写API的新手。我的任务是编写一个 API 来远程访问 Thycotic 秘密服务器并上传机密和附件。不幸的是,我还没有走出起跑线。我在这里遵循代码:
https://thycotic.force.com/support/s/article/REST-API-PowerShell-Scripts-Getting-Started
我已经复制了: 3 – 搜索秘密 4 – 创建密钥并
从这里获取令牌: https://thycotic.force.com/support/s/article/Secret-Server-Trial-Using-the-API
并为每个函数创建了函数。我所做的唯一更改是更改myurl,myusert和mypassword。
这是我的PowerShell脚本:
$myUrl = "mysecretserver/Login.aspx?ReturnUrl=%2f"
$application = "https://mysecretserver/Login.aspx?ReturnUrl=%2fsecretserver"
# Ask for user name
$userName = Read-Host -Prompt "Please enter user name"
$userPassword = Read-Host -AsSecureString "Password"
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
Get-Token
Search-Secrets $userName,$userPassword
Create-Secret $userName,$userPassword
当我运行 Get-Token 时(没有对下载的代码进行任何更改(
function Get-Token
{
[CmdletBinding()]
Param(
[Switch] $UseTwoFactor
)
$creds = @{
username = $userName
password = $userPassword
grant_type = "password"
};
$headers = $null
If ($UseTwoFactor) {
$headers = @{
"OTP" = (Read-Host -Prompt "Enter your OTP for 2FA (displayed in your 2FA app): ")
}
}
try
{
$response = Invoke-RestMethod "$application/oauth2/token" -Method Post -Body $creds -Headers $headers;
$token = $response.access_token;
return $token;
}
catch
{
$result = $_.Exception.Response.GetResponseStream();
$reader = New-Object System.IO.StreamReader($result);
$reader.BaseStream.Position = 0;
$reader.DiscardBufferedData();
$responseBody = $reader.ReadToEnd() | ConvertFrom-Json
Write-Host "ERROR: $($responseBody.error)"
return;
}
}
它似乎运行正常,但是当我显示$token时,它是空的。 我不是 100% 确定这是在做什么,并且查看了很多示例,但似乎缺少读取令牌并使用它来访问秘密服务器的基本步骤。任何帮助将不胜感激。
将机密服务器 URL 替换为服务器的 FQDN,而不是在浏览器中获取的 Web URL。您需要确保密钥服务器地址正确,否则它不会命中 API(并且可能会正常失败,这就是为什么您看不到Get-Token函数的任何错误的原因(。
例如,代替:
$application = "https://mysecretserver/Login.aspx?ReturnUrl=%2fsecretserver"
它可能是这样的:
$application = "https://mysecretserver.mydomain.com"