curl download with username and password in varible - linux

Hi I am writing a auto script in test.sh , attempting to download a file. It works fine when I use all hard code string. But it does not work with variables. Belong are my code example:
#!/bin/bash
USER="admin"
PWD="adminpass"
curl -v -k -u ${USER}:${PWD} ${NEXUS_URL}/${SP1}/60/${SP1}-60.zip --output ${SP1}-60.zip
Above code not working not able to download my file, but if I put it as :
curl -v -k -u "admin":"adminpass" ${NEXUS_URL}/${SP1}/60/${SP1}-60.zip
--output ${SP1}-60.zip
Then it works. So how do I get the variable credential working with this curl command?
Thanks

Option 1
The parameter expansion will not include the double quotes. You can use:
#!/bin/bash
USER='"'admin'"' #single quote, double quote, single quote
PASS='"'adminpass'"'
curl -v -k -u ${USER}:${PASS} ${NEXUS_URL}/${SP1}/60/${SP1}-60.zip
Option 2
Alternatively, you can create a .netrc file and use curl -n as follows:
Documentation from https://ec.haxx.se/usingcurl-netrc.html
Create .netrc containing the following and place it in your home directory.
machine http://something.com
login admin
password adminpass
Run the command
curl -n -k --output ${SP1}-60.zip
curl will automatically look for the .netrc file. You can also specify the file path with curl --netrc-file <netrc_file_path>

Related

wget alternative in curl

I am using wget on linux system like :
wget -r -nH --cut-dirs=3 --user="username" --password="password" --no-parent https://artifactory.company.com/nestetedlink1/nested_link2/directory_to_download -P home/user
Using this I get only files saved in the path no unwanted directory component from url: home/user/file_1, file_2
Is this possible to do the same functionality using curl command?
if I have to stick with WGET how to pass the api key I tried the below with --header='X-Auth-Token:, am I doing something wrong :
wget -r -nH --cut-dirs=3 --header='X-Auth-Token: <api_key>' --no-parent https://artifactory.company.com/nestetedlink1/nested_link2/directory_to_download -P home/user
How to insert api Key instead of username and password in wget?
wget --header='X-JFrog-Art-Api:api-key' https://artifactoryurl/filename.gz

Encrypting credentials

I am using curl - u user:password -X post method in shell script to trigger my Jenkins jobs externally. While using this method I am providing my credentials to access Jenkins.
Is there any way to hide or encrypt credentials.?
Curl with -u does not support encrypt username and password but you can do it in different way to hide username and password
Create an environment variable Use that on your curl command like below :
export USERNAME=""
export PASSWORD=""
after that
curl -u $USERNAME:$PASSWORD -X POST ...
Make use of .netrc file with curl command.
curl command option for .netrc file
-n, --netrc Must read .netrc for user name and password
--netrc-file <filename> Specify FILE for netrc
Steps to use .netrc
Create a .netrc file on your home directory (~) with content
machine jenkins.url
login username
password jenkinsTokenOrPassword
invoke curl command
curl -n -X POST ....
Note. If you don't want to keep your .netrc file on your home directory ~ , than place it somewhere else but make sure let curl know about the location like curl --netrc-file /path/to/.netrc -X POST ...

cURL not sending file data

I have a cURL call that I'm trying to use to send file data to a remote server.
curl -X POST -u username:password -d 'data=#/path/to/file.ext&version=2&action=Parse' http://fqdn.to.server.i.control/Parser.cgi
curl -X POST -u username:password -d 'data=#localFile.ext&version=2&action=Parse' http://fqdn.to.server.i.control/Parser.cgi
cat file.ext | curl -X POST -u username:password -d 'data=#-&version=2&action=Parse' http://fqdn.to.server.i.control/Parser.cgi
The file contents are URI encoded already. Using Perl and CGI on the server side.
My problem is that when the server tries to access that "data" line, value I have is only "file.ext" - the path is stripped out and the file's contents are not used ($cgi->param("data") is just "file.ext", "localFile.ext" or "-" respectively).
Any indication as to what I'm doing wrong?
#MattJacob was correct; my syntax was wrong. data=#... should have been #... and the data= portion should have been in the file. Boy am I thick.

How to Login to an application using cURL?

I need to login to an application using cURL and find out the time taken to login to an application using cURL command.
What I have tried so far is write a shell script
curl -k -X -s "http://username:passowrd#servername:portnumber" -w 'Lookup time:\t%{time_namelookup} s
Total time:\t%{time_total} s
' -o /dev/null
IS this correct way to do it?

Write to stdin which asks for password

I am working on a bash script to configure openldap and add ldif script with users and groups.
How can I write the password from the bash script ?
This is the script I run when it asks for password:
ldapadd -h localhost -D "cn=admin,dc=sysadmin1,dc=hioa,dc=no" -W -x -f /etc/ldap/base.ldif
EDIT:
I tried this and created a passwd.txt file with the password:
ldapadd -h localhost -D "cn=admin,dc=sysadmin1,dc=hioa,dc=no" -W -x -y'passwd.txt' -f /etc/ldap/base.ldif
But gets this error:
Warning: Password file passwd.txt is publicly readable/writeable
ldap_bind: Invalid credentials (49)
man ldapadd.
-W
Prompt for simple authentication. This is used instead of specifying the password on the command line.
-w passwd
Use passwd as the password for simple authentication.
-y passwdfile
Use complete contents of passwdfile as the password for simple authentication.
So seems you are looking for option of -w or -y, not -W
There're two possibilities:
ldapadd reads the password from the standard input.
ldapadd reads the password directly from the current TTY.
In the first case it's enough to use something like this echo 'MySecretPassword' | ldapadd -h localhost -D "cn=admin,dc=sysadmin1,dc=hioa,dc=no" -W -x -f /etc/ldap/base.ldif. The second one is more complicated because you need a tool like expect. Check if the simple redirection works first.

Resources