ADFS Support in ConfluencePS

Question

ADFS Support in ConfluencePS

cwanized opened this issue 6 years ago · 15 comments

Description

As it seems, ConfluencePS doesn't support yet if the corporate Wiki is behind ADFS authentication.

Get-ConfluenceSpace -SpaceKey "space_id" raises exception:

ConvertFrom-Json : Invalid JSON primitive: .
At C:\Program Files\WindowsPowerShell\Modules\ConfluencePS\2.5.0\ConfluencePS.psm1:1048 char:37
+ ... $response = ConvertFrom-Json ([Text.Encoding]::UTF8.GetString($webRes ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   + CategoryInfo          : NotSpecified: (:) [ConvertFrom-Json], ArgumentException
   + FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.ConvertFromJsonCommand

The actual issue appears in ConfluencePs.psm1 Line 982. The Invoke-Webrequest delivers in $webResponse.Content:

<html>
	<head>          
	</head>
        <body onload="document.forms[0].submit()">            
		<noscript><p>                
			<strong>Note:</strong> **Your browser does not support JavaScript,                
				Press Continue to proceed...** </p>            
		</noscript>            
		<form method="POST" action="https://sts.company.com/adfs/ls/?RedirectToIdentityProvider=http://sts.company.com/adfs/services/trust"> 
               		<div>                   
				<input type="hidden" name="SAMLRequest" value="PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWx[...]1ZXN0Pg=="/>
			</div>
			<noscript>
				<div>
					<input type="submit" value="Continue"/>
				</div>
			</noscript>
		</form>
	</body>
</html>

^^
Your browser does not support JavaScript,
Press Continue to proceed...

This is because PowerShell doesn't run the JaveScript Code on the Server. Thats very likely the reason why the re-direction does not work.

Steps To Reproduce

Use ConfluenceWiki Server with ADFS Authentification

Run: Get-ConfluenceSpace
Exception: ConvertFrom-Json : Invalid JSON primitive: (see above or Picture)

Expected behavior

Detection if ADFS used and support the occuring re-direct

Screenshots

*: https://sts.company.com is the internet-facing ADFS proxy

Your Environment

ConfluencePS: 2.5.0
PSVersion: 5.1.14409.1018
Confluence Server: 6.13.4

Possible Solution

Thanks

Answer 1 · 2019-06-04T16:50:04.000Z

If you Need more Information or more detailed logs, please me know. I'd like to help where I can.

Answer 2 · 2019-06-04T16:55:02.000Z

Can you try with an API token?

https://atlassianps.org/docs/JiraPS/about/authentication.html#api-token

Answer 3 · 2019-06-04T17:04:27.000Z

Can you try with an API token?
https://atlassianps.org/docs/JiraPS/about/authentication.html#api-token

I already had this in mind, but I thought this is only available for Jira(PS). But I can give it a try.

Just for my understanding, is it requried to Install JiraPS in parallel to ConfluencePS to use API token? Or does ConfluencePS supports that by it self?

Answer 4 · 2019-06-04T18:22:24.000Z

You don't need to install both modules.
I just didn't write the help for confluencePS yet

Answer 5 · 2019-06-12T07:27:14.000Z

Did it work?
Please update this issue. If not, I will close it next week

Answer 6 · 2021-06-18T18:02:29.000Z

@cwanized -> did you manage to get it working? I unfortunately didn't

Answer 7 · 2021-11-24T16:48:40.000Z

I did not have any luck with e-mail address & personal access token. All Get-ConfluencePage operations return 404. I'm not sure where to change the module to send Authorization: Bearer .

Answer 8 · 2021-12-10T13:23:44.000Z

I did not have any luck with e-mail address & personal access token. All Get-ConfluencePage operations return 404. I'm not sure where to change the module to send Authorization: Bearer .

The same problem with me
I've tried and it didn't work but this worked:
curl -H "Authorization: Bearer <mytoken>" https://wiki.company.com/rest/api/content

so the issue on ConfluencePs side

Answer 9 · 2021-12-10T14:53:59.000Z

I've figured out how to fix it with PAT and Bearer auth usage (there's no support for that in ConfluencePS)
I'm gonna make PR this weekend

Answer 10 · 2022-02-02T08:26:03.000Z

@cwanized -> did you manage to get it working? I unfortunately didn't

Sorry no luck o far and sorry for the late reply

Answer 11 · 2022-02-02T10:33:18.000Z

I've figured out how to fix it with PAT and Bearer auth usage (there's no support for that in ConfluencePS) I'm gonna make PR this weekend

@esterity
I just tried your branch, but I still got the same behavior. Did you manage to resolve the issue? Do you proceed with your branch?

Thanks

Answer 12 · 2022-02-03T09:38:35.000Z

Hi, it appeared to be more complex than I thought at first so I gave up for a while

Answer 13 · 2022-02-09T10:27:14.000Z

Hi, it appeared to be more complex than I thought at first so I gave up for a while

Thanks for the reply

yeah, i'm stuck there too :)

Answer 14 · 2022-09-28T20:32:09.000Z

did you managed to get it to work ?

Answer 15 · 2022-09-29T04:59:06.000Z

Hi, have a look on commit esterity@7e84001