evergreen icon indicating copy to clipboard operation
evergreen copied to clipboard

Published 20 hours ago verified publisher icon aaronparker

[Bug]: API request by Powershell returns 403

Open ricoroodenburg opened this issue 1 year ago • 3 comments

What happened?

Invoke-RestMethod -Uri "https://evergreen-api.stealthpuppy.com/app/omnissahorizonclient" -Method Get

Invoke-RestMethod : The remote server returned an error: (403) Forbidden. At line:1 char:1

  • Invoke-RestMethod -Uri "https://evergreen-api.stealthpuppy.com/app/om ...
  •   + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
 eption
  + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

Version

API

What PowerShell edition/s are you running Evergreen on?

Windows PowerShell

Which operating system/s are you running Evergreen on?

Windows 10+, Windows Server 2016+

Have you reviewed the documentation?

  • [ ] Troubleshooting at: https://stealthpuppy.com/evergreen/troubleshoot/
  • [ ] Known issues at: https://stealthpuppy.com/evergreen/issues/

Verbose output

VERBOSE: GET with 0-byte payload
Invoke-RestMethod : The remote server returned an error: (403) Forbidden.
At line:1 char:1
+ Invoke-RestMethod -Uri "https://evergreen-api.stealthpuppy.com/app/om ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
   eption
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

ricoroodenburg avatar Aug 02 '24 09:08 ricoroodenburg

I think this issue is releated to https://github.com/aaronparker/evergreen/issues/660

ricoroodenburg avatar Aug 02 '24 09:08 ricoroodenburg

The API is currently being abused (in the range of 300,000-400,000 requests per day) by some type of script, so I've blocked the default PowerShell user agent to prevent the requests from hitting the API.

You can use Get-EvergreenAppFromApi or specify a custom user agent in your call to the API. If you use a custom user agent, please ensure it's something unique so that I can identify in the logs if I need to add more filtering in the future.

#660 is a slightly different issue that seems to affect calls from within Azure only.

aaronparker avatar Aug 02 '24 23:08 aaronparker

The API is currently being abused (in the range of 300,000-400,000 requests per day) by some type of script, so I've blocked the default PowerShell user agent to prevent the requests from hitting the API.

You can use Get-EvergreenAppFromApi or specify a custom user agent in your call to the API. If you use a custom user agent, please ensure it's something unique so that I can identify in the logs if I need to add more filtering in the future.

#660 is a slightly different issue that seems to affect calls from within Azure only.

Ah that's terrible. I hope it wasn't me :). We only use it once a month for our lifecycle change.

I have changed the UserAgent to something unique with this Issue ID, it is working now. Please check your backend if you can see requests from my end. Thanks!!

ricoroodenburg avatar Aug 03 '24 12:08 ricoroodenburg