Snow-Shell/servicenow-powershell

BasicAuth fails when authentication profiles are active on ServiceNow

Saadi6 opened this issue · 2 comments

Saadi6 commented

Environment

Operating System: Windows Server 2019
ServiceNow module version: 4.0.0
PowerShell version: 5.1

Steps to reproduce

Create an active authentication profile for the API account in SNow that includes Basic and at least one other type (https://docs.servicenow.com/bundle/utah-platform-security/page/integrate/authentication/task/create-authentication-profile.html).

Establish a new session from the ServiceNow-powershell module that uses Basic auth and send a test query to ServiceNow.

Expected behavior

User is authenticated by ServiceNow and requested information is returned.

Actual behavior

ServiceNow returns a '401 unauthorized' message.

More Info

This issue occurs because ServiceNow does not understand how the user is trying to authenticate. The reason is that the authorization HTTP header is missing the word Basic before the Base64 representation of the concatenated username and password.

I believe if a PS credential object is passed to Invoke-WebRequest (which is what this module appears to do), then PowerShell 5.1 does not prepend the word Basic in the authorization portion of the headers. However, if this module instead created the authorization header itself when Basic auth is used, it could use the correct format.

Although this bug is actually due to PowerShell's behaviour, it can be addressed with a minor change in this module. It looks like appropriate authorization headers are being created by the module to use with Invoke-WebRequest when OAuth is used but not for Basic.
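The manual header construction proposed in the issue text above, as an added PowerShell example; it is not the module's code and not the change made in #249. The helper name New-BasicAuthHeader, the sample credential and the commented request URL are assumptions made for illustration.

```powershell
# Added example: build the Basic Authorization header explicitly from a
# PSCredential instead of relying on Invoke-WebRequest -Credential.
# New-BasicAuthHeader is a hypothetical helper, not a function of the module.
function New-BasicAuthHeader {
    [CmdletBinding()]
    [OutputType([hashtable])]
    param(
        [Parameter(Mandatory)]
        [System.Management.Automation.PSCredential]$Credential
    )

    $user = $Credential.UserName
    # RFC 7617: the user-id must not contain ':' because the server splits
    # the decoded value at the first colon.
    if ($user.Contains(':')) {
        throw "User name must not contain ':' for Basic authentication."
    }

    # user:password, UTF-8 encoded, then Base64. This is an encoding, not
    # encryption, so the header must only ever travel over HTTPS.
    $pair  = '{0}:{1}' -f $user, $Credential.GetNetworkCredential().Password
    $token = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($pair))

    # Scheme name, one space, then the token.
    @{ Authorization = "Basic $token" }
}

# Constructed sample credential (not a real account).
$secure  = ConvertTo-SecureString 'example-password' -AsPlainText -Force
$cred    = New-Object System.Management.Automation.PSCredential ('api.user', $secure)
$headers = New-BasicAuthHeader -Credential $cred

# Local check of the header shape; prints the scheme and user name only.
$scheme, $token = $headers.Authorization -split ' ', 2
$decoded = [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($token))
'{0} scheme, user {1}' -f $scheme, ($decoded -split ':', 2)[0]

# Assumed usage against an instance (placeholder host, not run here):
# Invoke-WebRequest -Uri 'https://<instance>.service-now.com/api/now/table/incident' -Headers $headers
```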

@Saadi6 can you please validate the fix with authentication profiles? I've done so without them.

Saadi6 commented

Thanks for the quick update. #249 fixed it!

-------------v4.0.0-------------
The remote server returned an error: (401) Unauthorized.

 -------------------with fix 249:----------------
WARNING: Getting 10 records...

sys_id                : xxxxxxxxxcaxxxxxxxxx
environment           : xxxxx