updated http error code

2025-05-29 01:45:43 -04:00
parent d8a2f64cd5
commit e3f48831ce
1 changed files with 36 additions and 18 deletions
--- a/StackMonkey.ps1
+++ b/StackMonkey.ps1
@@ -11,6 +11,10 @@
 # Listening port for HTTP UI
 $Port = 8082

+# Configurable endpoints
+$Global:DattoWebhookUrl = 'https://automate.svstools.ca/webhook/svsmspkit'
+
+
 # Define every task once here:
 #  Id        → checkbox HTML `id`
 #  Name      → URL path (`/Name`)
@@ -261,13 +265,17 @@ function Install-SVSMSP {
 function Handle-FetchSites {
    param($Context)

-    # 1) Read incoming JSON
-    $raw = (New-Object IO.StreamReader $Context.Request.InputStream).ReadToEnd()
+    # 1) Read incoming JSON (using block auto-disposes the reader)
+    using ($reader = [IO.StreamReader]::new($Context.Request.InputStream)) {
+        $raw = $reader.ReadToEnd()
+    }
+
    try {
        $pw = (ConvertFrom-Json $raw).password
+        if (-not $pw) { throw "Missing `password` field" }
    } catch {
        Write-LogHybrid "Invalid JSON in /getpw payload: $($_.Exception.Message)" "Error" "FetchSites"
-        returnRespondEmpty $Context
+        returnRespondEmpty $Context 400
        return
    }

@@ -275,17 +283,17 @@ function Handle-FetchSites {
    Write-LogHybrid "Calling webhook for Datto credentials…" "Info" "FetchSites"
    try {
        $hdr  = @{ "SVSMSPKit" = $pw }
-        $resp = Invoke-RestMethod -Uri "https://automate.svstools.ca/webhook/svsmspkit" `
-                 -Headers $hdr -Method Get
+        $resp = Invoke-RestMethod -Uri $Global:DattoWebhookUrl -Headers $hdr -Method GET

        # store for later RMM calls
        $Global:ApiUrl       = $resp.ApiUrl
        $Global:ApiKey       = $resp.ApiKey
        $Global:ApiSecretKey = $resp.ApiSecretKey
+
        Write-LogHybrid "Fetched and stored API credentials." "Success" "FetchSites"
    } catch {
        Write-LogHybrid "Webhook call failed: $($_.Exception.Message)" "Error" "FetchSites" -LogToEvent
-        returnRespondEmpty $Context
+        returnRespondEmpty $Context 403
        return
    }

@@ -295,16 +303,16 @@ function Handle-FetchSites {
        $securePublic = ConvertTo-SecureString 'public' -AsPlainText -Force
        $creds        = New-Object System.Management.Automation.PSCredential('public-client',$securePublic)
        $tokenResp    = Invoke-RestMethod `
-                         -Uri "$ApiUrl/auth/oauth/token" `
+                           -Uri "$Global:ApiUrl/auth/oauth/token" `
                           -Credential $creds `
                           -Method Post `
                           -ContentType 'application/x-www-form-urlencoded' `
-                         -Body "grant_type=password&username=$ApiKey&password=$ApiSecretKey"
+                           -Body "grant_type=password&username=$Global:ApiKey&password=$Global:ApiSecretKey"
        $token = $tokenResp.access_token
        Write-LogHybrid "OAuth token acquired." "Success" "FetchSites"
    } catch {
        Write-LogHybrid "OAuth request failed: $($_.Exception.Message)" "Error" "FetchSites"
-        returnRespondEmpty $Context
+        returnRespondEmpty $Context 500
        return
    }

@@ -312,17 +320,18 @@ function Handle-FetchSites {
    Write-LogHybrid "Fetching Datto RMM site list" "Info" "FetchSites"
    try {
        $hdr       = @{ Authorization = "Bearer $token" }
-        $sitesResp = Invoke-RestMethod -Uri "$ApiUrl/api/v2/account/sites" `
+        $sitesResp = Invoke-RestMethod -Uri "$Global:ApiUrl/api/v2/account/sites" `
                                       -Method Get `
                                       -Headers $hdr `
                                       -ContentType 'application/json'
+
        $siteList = $sitesResp.sites | ForEach-Object {
            [PSCustomObject]@{ Name = $_.name; UID = $_.uid }
        }
-        Write-LogHybrid "Site list retrieved (${siteList.Count} sites)." "Success" "FetchSites"
+        Write-LogHybrid "Site list retrieved ($($siteList.Count) sites)." "Success" "FetchSites"
    } catch {
        Write-LogHybrid "Failed to fetch site list: $($_.Exception.Message)" "Error" "FetchSites"
-        returnRespondEmpty $Context
+        returnRespondEmpty $Context 500
        return
    }

@@ -339,16 +348,25 @@ function Handle-FetchSites {

 # Helper function to consistently return an empty JSON array
 function returnRespondEmpty {
-    param($Context)
+    param(
+        [Parameter(Mandatory)][object]$Context,
+        [Parameter(Mandatory)][ValidateRange(100,599)][int]$StatusCode = 500
+    )
+    # Always return an empty JSON array body
    $empty = [Text.Encoding]::UTF8.GetBytes("[]")
-    $Context.Response.StatusCode      = 500
+
+    # Set the desired status code and headers
+    $Context.Response.StatusCode      = $StatusCode
    $Context.Response.ContentType     = 'application/json'
    $Context.Response.ContentLength64 = $empty.Length
+
+    # Write and close
    $Context.Response.OutputStream.Write($empty, 0, $empty.Length)
    $Context.Response.OutputStream.Close()
 }


+
 # On-boarding handlers
 function Handle-SetSVSPowerPlan {
    param($Context)