rest patch api failing

[wayne-jfl]

Hi Zach,

Would you have any insights on this?
Seems we have got further once more...

But now run into these errors...

ERROR: You cannot call a method on a null-valued expression.
At line:192 char:1
+ $cacheItem = $cache.ReadItems()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

ERROR: Cannot index into a null array.
At line:193 char:1
+ $accessToken=($cacheItem | Where-Object { $_.Resource -eq "https://ma ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

ERROR: Invoke-RestMethod : {"error":{"code":"AuthenticationFailedMissingToken","message":"Authentication failed. The 
'Authorization' header is missing the access token."}}
At line:199 char:1
+ Invoke-RestMethod -Uri $url -Headers $headerParams -Method Patch -Con ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], 
WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

Any help is always greatly appreciated!

Kind regards

[wayne-jfl]

Hi Zach,

I have it working! :)

I have some edits for the code, and would appreciate your feedback:

param(
    [string] $LEserver,
    [string] $domain,
    [string] $contact,
    [string] $dnsProvider,
    [string] $dnsApiId,
    [string] $dnsApiSecret,
    [string] $externalAccess,
    [string] $TenantID,
    [string] $ApplicationID,
    [string] $CertificateThumbprint,
    [string] $Thumbprint,
    [string] $ServicePrincipalID
)
# Pull from Automation variables if not passed through
If(-not $LEserver) {$LEserver = Get-AutomationVariable -Name 'LEserver'}
If(-not $domain) {$domain = Get-AutomationVariable -Name 'domain'}
If(-not $contact) {$contact = Get-AutomationVariable -Name 'contact'}
If(-not $dnsProvider) {$dnsProvider = Get-AutomationVariable -Name 'dnsProvider'}
If(-not $dnsApiId) {$dnsApiId = Get-AutomationVariable -Name 'dnsApiId'}
If(-not $dnsApiSecret) {$dnsApiSecret = Get-AutomationVariable -Name 'dnsApiSecret'}
If(-not $externalAccess) {$externalAccess = Get-AutomationVariable -Name 'externalAccess'}
If(-not $TenantID) {$TenantID = Get-AutomationVariable -Name 'TenantID'}
If(-not $ApplicationID) {$ApplicationID = Get-AutomationVariable -Name 'ApplicationID'}
If(-not $CertificateThumbprint) {$CertificateThumbprint = Get-AutomationVariable -Name 'CertificateThumbprint'}
If(-not $Thumbprint) {$Thumbprint = Get-AutomationVariable -Name 'Thumbprint'}
If(-not $ServicePrincipalID) {$ServicePrincipalID = Get-AutomationVariable -Name 'ServicePrincipalID'}

{
    $LogonAttempt++
    # Logging in to Azure...
$connectionResult = Connect-AzAccount -ServicePrincipal -Tenant $connection.TenantID -ApplicationID $connection.ApplicationID -CertificateThumbprint $connection.CertificateThumbprint
#
#    If($azModuleInstalled) {
#        $connectionResult = Connect-AzAccount -ServicePrincipal -Tenant $connection.TenantID -ApplicationID $connection.ApplicationID -CertificateThumbprint $connection.CertificateThumbprint
#    } else {
#        $connectionResult = Connect-AzureRmAccount -ServicePrincipal -Tenant $connection.TenantID -ApplicationID $connection.ApplicationID -CertificateThumbprint $connection.CertificateThumbprint
#    }
    Start-Sleep -Seconds 30
}

#{
#    $LogonAttempt++
#    # Logging in to Azure...
#    If($azModuleInstalled) {
#        #$connectionResult = Set-AzContext -Subscription "xxxxxx-xxxxx-xxxxx"
#        #$connectionResult = Connect-AzAccount -ServicePrincipal $connection.ServicePrincipalID -Tenant $connection.TenantID -ApplicationID $connection.ApplicationID -CertificateThumbprint $connection.CertificateThumbprint
#        $connectionResult = Connect-AzAccount -CertificateThumbprint $Thumbprint -ApplicationId $ApplicationId -Tenant $TenantId -ServicePrincipal
#    } else {
#        $connectionResult = Connect-AzureRmAccount -ServicePrincipal $connection.ServicePrincipalID -Tenant $connection.TenantID -ApplicationID $connection.ApplicationID -CertificateThumbprint $connection.CertificateThumbprint
#    }
#    Start-Sleep -Seconds 30
#}


Write-Output $json

# Get Azure context and bearer token.

 function getBearer([string]$TenantID, [string]$ClientID, [string]$ClientSecret)
{
  $TokenEndpoint = {https://login.windows.net/{0}/oauth2/token} -f $TenantID 
  $ARMResource = "https://management.core.windows.net/";

  $Body = @{
          'resource'= $ARMResource
          'client_id' = $ClientID
          'grant_type' = 'client_credentials'
          'client_secret' = $ClientSecret
  }

  $params = @{
      ContentType = 'application/x-www-form-urlencoded'
      Headers = @{'accept'='application/json'}
      Body = $Body
      Method = 'Post'
      URI = $TokenEndpoint
  }

  $accessToken = Invoke-RestMethod @params

  Return "Bearer " + ($accessToken.access_token).ToString()
}

$ClientID   = "xxxxxxxxxxxxxxx" 
$ClientSecret   = "xxxxxxxxx" 
$accessToken = getBearer "TENANTID or $TenantID" $ClientID $ClientSecret


If($azModuleInstalled) {
    $context = Get-AzContext
} else {
    $context = Get-AzureRMContext
}
#$cache = $context.TokenCache
#$cacheItem = $cache.ReadItems()
#$accessToken=($cacheItem | Where-Object { $_.Resource -eq "https://management.core.windows.net/" })[0].AccessToken



# Initiate REST PATCH with new certificate information
$url = "https://management.azure.com" + $aaddsResource.ResourceId + "?api-version=2020-01-01" #USE API APPLICABLE TO YOUR RESOURCES!
$headerParams = @{"Authorization" = "$accessToken"}
Invoke-RestMethod -Uri $url -Headers $headerParams -Method Patch -ContentType 'application/json' -Body $json

Kind Regards

[zchoate]

Thanks for the feedback. I'm happy to review any pull requests and merge into the main branch. Otherwise I'll take a look at this when I get a chance and make any changes needed. It will take some time as I've got some other competing priorities.