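function New-HCASession {
    <#
    .SYNOPSIS
        Replays the ista HCA browser login flow and returns the resulting web session.
    .DESCRIPTION
        Performs the same request sequence a browser does: GET the login page to find the
        form action, POST username/password, extract the OIDC hidden fields from the reply and
        POST them to the OIDC URL. The landing page is then scraped for the "__twj_" hidden
        input, which is returned as JWTToken.

        TLS certificate validation is enforced unless -SkipCertificateCheck is given. Earlier
        revisions skipped validation on every request; that default was dropped because the
        second request carries the password in clear text over that channel.

        Every form value is percent-encoded before it is placed in a request body, and every
        value scraped from HTML is HTML-decoded before reuse, so passwords or OIDC values
        containing '&', '=', '+' or '%' no longer corrupt the form.
    .PARAMETER LoginUrl
        URL of the login page (first GET).
    .PARAMETER Username
        Account name submitted in the login form.
    .PARAMETER Password
        Password submitted in the login form. Kept as a plain string for compatibility with
        existing callers.
    .PARAMETER SkipCertificateCheck
        Disable TLS certificate validation for all requests (test endpoints only).
    .OUTPUTS
        PSCustomObject with LoginUrl, WebSession and JWTToken properties. JWTToken is an empty
        string when the landing page does not contain the "__twj_" input.
    .NOTES
        Missing form actions or OIDC fields throw a terminating error instead of silently
        continuing with an empty value, which previously surfaced as a confusing URI error on
        the next request.
    #>
    [CmdletBinding()]
    [OutputType([PSCustomObject])]
    param(
        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true)]
        [string] $LoginUrl,
        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true)]
        [string] $Username,
        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true)]
        [string] $Password,
        [Parameter()]
        [switch] $SkipCertificateCheck
    )
    begin {
        # Browser-like User-Agent shared by every request in the flow.
        $UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"

        # Same form-action pattern for both the login form and the OIDC hand-off form
        # (the original code used two spellings of the same regex).
        $FormActionPattern = '<form[^>]*\saction="(?<form_action>[^"]+)"'

        # Extracts one named capture group from an HTML document. Throws a readable error when
        # the pattern does not match unless -Optional is set, in which case '' is returned.
        # Attribute values are HTML-decoded so that e.g. "&amp;" inside a state value is not
        # re-sent verbatim.
        function Get-HtmlValue {
            param(
                [string] $Content,
                [string] $Pattern,
                [string] $Group,
                [string] $What,
                [switch] $Optional
            )
            $Match = [regex]::Match($Content, $Pattern, [System.Text.RegularExpressions.RegexOptions]::IgnoreCase)
            if (-not $Match.Success -or [string]::IsNullOrEmpty($Match.Groups[$Group].Value)) {
                if ($Optional) {
                    return ''
                }
                throw "[New-HCASession] Could not find $What in the server response; the login page layout may have changed or the credentials were rejected."
            }
            return [System.Net.WebUtility]::HtmlDecode($Match.Groups[$Group].Value)
        }

        # Builds an application/x-www-form-urlencoded body with every key and value
        # percent-encoded, preserving the field order of the supplied dictionary.
        function ConvertTo-FormBody {
            param([System.Collections.Specialized.OrderedDictionary] $Fields)
            $Pairs = foreach ($Key in $Fields.Keys) {
                "{0}={1}" -f [System.Uri]::EscapeDataString([string]$Key), [System.Uri]::EscapeDataString([string]$Fields[$Key])
            }
            return ($Pairs -join '&')
        }
    }
    process {
        # Shared Invoke-WebRequest options; the switch is passed through as a boolean.
        $Common = @{
            ErrorAction          = 'Stop'
            SkipCertificateCheck = [bool]$SkipCertificateCheck
        }
        $NavigationHeaders = @{
            "Accept"         = "text/xml"
            "Sec-Fetch-Site" = "same-origin"
            "Sec-Fetch-Mode" = "navigate"
            "Sec-Fetch-Dest" = "document"
            "User-Agent"     = $UserAgent
        }

        ## 1. GET the login page; its form action is where the credentials are posted.
        $FirstRequest = Invoke-WebRequest -Uri $LoginUrl -Method Get -Headers $NavigationHeaders -SessionVariable LoginSession @Common
        $FormAction = Get-HtmlValue -Content $FirstRequest.Content -Pattern $FormActionPattern -Group 'form_action' -What 'the login form action'
        Write-Verbose "[New-HCASession] First request form action: $FormAction"

        ## 2. POST username & password.
        $LoginHeaders = $NavigationHeaders.Clone()
        $LoginHeaders["Origin"]  = "https://login.ista.com"
        $LoginHeaders["Referer"] = $FormAction
        $LoginBody = ConvertTo-FormBody ([ordered]@{ username = $Username; password = $Password; credentialId = '' })
        $SecondRequest = Invoke-WebRequest -Uri $FormAction -Method Post -Body $LoginBody -WebSession $LoginSession -ContentType 'application/x-www-form-urlencoded;charset=UTF-8' -Headers $LoginHeaders @Common

        ## 3. Collect the OIDC hand-off form from the response. The code/state values are
        ##    short-lived credentials, so only the URL goes to the verbose stream (transcripts
        ##    capture verbose output).
        $oidc_url = Get-HtmlValue -Content $SecondRequest.Content -Pattern $FormActionPattern -Group 'form_action' -What 'the OIDC form action'
        $OidcFields = [ordered]@{}
        foreach ($Name in 'code', 'iss', 'state', 'session_state') {
            $Pattern = '<input type="hidden" name="{0}" value="(?<value>[^"]+)"' -f $Name
            $OidcFields[$Name] = Get-HtmlValue -Content $SecondRequest.Content -Pattern $Pattern -Group 'value' -What "the OIDC '$Name' field"
        }
        Write-Verbose "[New-HCASession] Third request oidc_url: $oidc_url"

        ## 4. POST the OIDC values to complete the login. Sec-Fetch-Site is cross-site here,
        ##    as in the browser flow this replays.
        $OidcHeaders = $NavigationHeaders.Clone()
        $OidcHeaders["Sec-Fetch-Site"] = "cross-site"
        $OidcHeaders["Origin"]         = "https://login.ista.com"
        $OidcHeaders["Referer"]        = "https://login.ista.com/"
        $OidcBody = ConvertTo-FormBody $OidcFields
        $FinalRequest = Invoke-WebRequest -Uri $oidc_url -Method Post -Body $OidcBody -WebSession $LoginSession -ContentType 'application/x-www-form-urlencoded;charset=UTF-8' -Headers $OidcHeaders @Common

        ## The landing page embeds the JWT in a hidden "__twj_" input. Optional: callers that
        ## only need WebSession still get a result when the input is absent.
        $jwt_token = Get-HtmlValue -Content $FinalRequest.Content -Pattern '<input type="hidden" name="__twj_" id="__twj_" value="(?<jwt_token>[^"]+)"' -Group 'jwt_token' -What 'the __twj_ token' -Optional
        if ([string]::IsNullOrEmpty($jwt_token)) {
            Write-Warning "[New-HCASession] No __twj_ token found on the landing page; JWTToken will be empty."
        }

        # Output object; property names are part of the public contract.
        [PSCustomObject]@{
            LoginUrl   = ($FinalRequest.BaseResponse.ResponseUri.AbsoluteUri ?? $FinalRequest.BaseResponse.RequestMessage.RequestUri.AbsoluteUri)
            WebSession = $LoginSession
            JWTToken   = $jwt_token
        }
    }
    end { }
}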