Invalid anti-forgery token
Closed this issue · 2 comments
Control: 2020.13
Automate: 2020.11
I have had this issue for a while now.
Even the current git version throws
Invoke-ControlAPIMaster : An error has been thrown.
at Invoke-ControlAPIMaster<Process>, C:\Program
Files\WindowsPowerShell\Modules\AutomateAPI-git\Public\Invoke-ControlAPIMaster.ps1: line 92
at Connect-ControlAPI<End>, C:\Program Files\WindowsPowerShell\Modules\AutomateAPI-git\Public\Connect-ControlAPI.ps1:
line 231
at Connect-APIs, C:\Lokal\FixAutomateAgentsViaControl.ps1: line 7
at <ScriptBlock>, C:\Lokal\FixAutomateAgentsViaControl.ps1: line 10
at <ScriptBlock>, <No file>: line 1
-->
--> {"errorType":"UnauthorizedAccessException","message":"Invalid anti-forgery token","detail":null}
-----> Use 'Connect-ControlAPI' to set new authentication.
At C:\Program Files\WindowsPowerShell\Modules\AutomateAPI-git\Public\Connect-ControlAPI.ps1:231 char:41
+ ... Extension = Invoke-ControlAPIMaster -Arguments @{'URI' = "ReplicaServ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Invoke-ControlAPIMaster
ConvertFrom-Json : Cannot bind argument to parameter 'InputObject' because it is null.
At C:\Program Files\WindowsPowerShell\Modules\AutomateAPI-git\Public\Invoke-ControlAPIMaster.ps1:171 char:46
+ $SCData=$(Try {$Result.Content | ConvertFrom-Json} Catch ...
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [ConvertFrom-Json], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.ConvertFrom
JsonCommand
Without commenting the regex out there's also a parsing error:
parsing "https?://[a-z0-9][a-z0-9\.\-]*(:[1-9][0-9]*)?(\/[a-z0-9\.\_\-\/]*)?$" - Unrecognized escape sequence \_.
At C:\Program Files\WindowsPowerShell\Modules\AutomateAPI-git\Public\Connect-ControlAPI.ps1:93 char:13
+ If (!($Server -match 'https?://[a-z0-9][a-z0-9\.\-]*(:[1-9][0 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException
I committed an update to master to fix the regex error, please test again. If it fails, can you share the output from Connect-ControlAPI and also the full URL you use to access Control, with your server address removed?
I saw a similar error that resulted in an "Invalid anti-forgery token" error after a successful connection. In my case the issue was caused by Get-AutomateControlInfo cmdlet failing on line 99 of Compare-AutomateControlStatus.ps1 resulting in a "Forbidden" HTTP status message being returned by the Automate API.
I worked around this by forcing use of the internal monitor, which required dropping the If condition a few lines up on line 91:
If (!($ObjectRebuild.Count -le 15))