RESTful APIs in Power Shell Who am I

RESTful APIs in Power. Shell

Who am I? • Worked in Windows for 11 years • Worked with Power. Shell for 4 years • I work as Windows Automation Engineer at Rackspace • I build internal tools that make the jobs of the front line support techs easier Martin Howlett @Will. Code 4 Pizza

What we will cover • Introduction to APIs • Invoke-Rest. Method v. Invoke-Web. Request • Authentication • JSON • Examples • Chaining examples together • Security

Introduction

What is a restful API? • A structured web service that allows you retrieve data or perform actions easily Powershell (Invoke-Rest. Method) https: //www. quora. com/What-is-a-REST-API Web service Database

API’s everywhere! • Weather • Bing web search • Stack. Overflow • Currency. Layer • Calendar • Google Maps • Pay. Pal • Comic Vine • Spell check • URL shortener • Spotify • Minecraft • Train times • Meetup • Soundcloud • Pokéapi • Confluence • e. Bay • IBM Watson • Postcodes. io • Twitter • Dropbox • Wolfram Alpha • Nutritionix • Youtube • Buses • New Relic • An API of Ice And Fire • Jira • Amazon • Linked. In • Netflix Roulette • Slack • Rackspace • File. io • TFL • Word. Press • Facebook • Yelp • Wordnik • Instagram • Reddit • Robo. Hash • UK Police • Brewery. DB • Random. User • Wikipedia • Flikr https: //github. com/toddmotto/public-apis | http: //www. programmableweb. com/apis/directory

API verbs Verb Action Get Retrieve data Post New data / action Example Invoke-Rest. Method -Uri $uri -Method “Get” Invoke-Rest. Method –Uri $url –Method “Post” -Body $Json Delete Remove data Invoke-Rest. Method –Uri $url –Method “Delete” Put Update data Invoke-Rest. Method –Uri $url –Method “Put” -Body $Json

The Invokers

Invoke-Web. Request • Expects HTML as a response • Returns headers • Good for querying normal web pages

Invoke-Rest. Method • Expects JSON or XML as a response • Only returns data by default (no headers etc) • Good for querying RESTful APIs

Authentication

Authentication • Authentication allows: • Authorization • Tracking • Throttling • Authentication is done via an API key or token • You get tokens normally after signing up from the website portal • Tokens are typically a 32 character alpha numeric string

Authentication - Headers • Headers are created in hash tables • Most common headers are “X-Auth-Header” or “Authentication” • Examples APIs: • JIRA, Confluence, Rackspace Cloud, Twitter and Mailgun

Authentication - URL parameters • Simply chuck the token in as an URL parameter • Common in “simpler” APIs • Examples APIs: • Google URL shortener, Wolfram Alpha and Open. Weather. Map

JSON

JSON • JSON is a “human readable” language independent data format • Complex APIs will use JSON to send data • Most APIs will return JSON • Powershell 3+ natively to convert data to and from JSON

Convert. To / Convert. From examples

Conver. To-Json will fix your mistakes

The 2 problems with Convert. To-Json • Use –depth to make sure you convert your JSON “all the way down”

The 2 problems with Convert. To-Json • It will automatically convert special JSON characters <>'&

Examples!

Weather https: //github. com/willcodeforpizza/Posh. Weather

Google URL Shortener https: //gist. github. com/willcodeforpizza/56 f 776 c 31 b 56 f 5 c 322031 e 0 d 37 c 1 a 5 fa#file-googleurlshortener-psm 1

Spell Check • Uses the Microsoft cognitive API suite. • Same API Office online uses! https: //github. com/willcodeforpizza/Posh. Microsoft. Cognitive. Api

Ask Scripting Guy • Uses the Microsoft cognitive API suite - Bing search filtered to the Scripting Guy site • Automatically open first hit in Firefox https: //github. com/willcodeforpizza/Posh. Microsoft. Cognitive. Api

Mailgun • Removes dependency on a SMTP server • Useful for alerting or reports https: //github. com/willcodeforpizza/Posh. Mailgun

Slack • Real time alerting for more critical alerts • Even do real time script usage https: //github. com/willcodeforpizza/Posh. Slack

New Relic • Script tracking and usage • Error reporting

My. Twitter • For posting to Twitter • Uses OAuth 2 https: //github. com/My. Twitter

Wolfram Alpha • Query's a ‘computational knowledge engine” • More focused then a normal search engine https: //gist. github. com/willcodeforpizza/9 f 0 ed 4 a 641912 ceda 5 d 42 eeab 74129 e 3#file-get-wolframalphaquery-ps 1

Chaining examples

Chain together to link information • APIs are great by themselves to get data or automate updating a system • Most powerful when you start chaining them together • Use API 1 to feed into API 2 into API 3 etc…

Disk space report Check disk space on local server If space < 12% send email via Mailgun API https: //gist. github. com/willcodeforpizza/2 dc 839636 aa 2448 f 3 a 4 b 26 d 7 a 630 e 0 cc#file-disksizereportemailslack-ps 1 If space < 5% send message via Slack API

Disk space report https: //gist. github. com/willcodeforpizza/2 dc 839636 aa 2448 f 3 a 4 b 26 d 7 a 630 e 0 cc#file-disksizereportemailslack-ps 1

Get-Home. Time Get my next train via National Rail API Get the next bus after train arrives from bus API Get weather from Open Weather API to check rain If I’m late, email my better half via the Mailgun API

Get-Home. Time

Automated documentation Updates JIRA ticket Parse help and run spell check Parse help and shorten URLs Update wiki

Automated documentation

New-Employee Query HR system to get user details Create AD user Create in Office 365 Add to Salesforce Add to ticketing system Add to finance system Update profile on ticketing system

Security

Keep your keys secure! • Search KEY_ID on Github: https: //github. com/search? q=KEY_ID • Result on first page: • Uh-oh!

Storing API keys • Powershell & Windows password store • Powershell & Keepass module • Store as an encrypted string • Prompt the user DON’T EMBED THEM IN A SCRIPT!

Encrypting JSON strings https: //gist. github. com/willcodeforpizza/a 0 a 29 c 36 d 6 cef 18 b 1758 d 8754 c 2 ff 1 dc#file-encrypt-json-secrets

Rejected slides

Avoid herestrings • Harder to edit • Really difficult to dynamically add fields • More likely to make mistakes • Looks a mess with big strings