I will create a JWT token and place it in the header of the GET request to authenticate my tenant. Then I use
Invoke-RestMethod -Uri "https://graph.microsoft.com/beta/deviceManagement/deviceHealthScripts" -Method GET -Headers $headers -ContentType 'application/json' -ErrorAction "continue"
This retrieves a proactive remediation script object. Just that I have no idea what format the actual code is. I should be looking at my PowerShell script but nope, just a lot of random characters. This is part of the JSON file.
"detectionScriptContent": "JGVudmlyb25lbW50YWxSZWdwYXRoID0gJ1JlZ2lzdHJ5OjpIS0VZX0xPQ0FMX01BQ0hJTkVcU3lzdGVtXEN1cnJlbnRDb250cm9sU2V0XENvbnRyb2xcU2Vzc2lvbiBNYW5hZ2VyXEVudmlyb25tZW50Jw0KDQokZGVzaXJlZFByb3BlcnR5ID0gIkFSQ0dJU19MSUNFTlNFX0ZJTEUiDQokdmFsID0gIjI3MDA5QGF6ci1saWMtMDEiDQoNCiMgJGRlc2lyZWRQcm9wZXJ0eSA9ICJUTVAiDQojICR2YWwgPSAiQzpcV0lORE9XU1xURU1QIg0KDQoNCiMgVGVzdC1QYXRoIC1QYXRoICdIS0xNOlxTeXN0ZW1cQ3VycmVudENvbnRyb2xTZXRcQ29udHJvbFxTZXNzaW9uIE1hbmFnZXJcRW52aXJvbm1lbnRcUGF0aCcNCiRkZXNpcmVkUHJvcGVydHlFeGlzdHMgPSAoJG51bGwgLW5lIChHZXQtSXRlbVByb3BlcnR5IC1QYXRoICRlbnZpcm9uZW1udGFsUmVncGF0aCAtTmFtZSAkZGVzaXJlZFByb3BlcnR5IC1FcnJvckFjdGlvbiBTaWxlbnRseUNvbnRpbnVlKSkNCg0KV3JpdGUtT3V0cHV0ICRkZXNpcmVkUHJvcGVydHlFeGlzdHMNCg0KaWYoJGRlc2lyZWRQcm9wZXJ0eUV4aXN0cyl7DQoNCiAgICBXcml0ZS1PdXRwdXQgIkRldGVjdGVkIFByb3BlcnR5ICRkZXNpcmVkUHJvcGVydHkgZXhpc3RzLiINCg0KfWVsc2V7IFdyaXRlLU91dHB1dCAiJGRlc2lyZWRQcm9wZXJ0eSBkb2VzIG5vdCBleGlzdC4gRXhpdCAxIjsgZXhpdCAxIH0NCg0KJGRlc2lyZWRQcm9wZXJ0eVZhbHVlID0gR2V0LUl0ZW1Qcm9wZXJ0eVZhbHVlIC1QYXRoICRlbnZpcm9uZW1udGFsUmVncGF0aCAtTmFtZSAkZGVzaXJlZFByb3BlcnR5IC1FcnJvckFjdGlvbiBTaWxlbnRseUNvbnRpbnVlDQoNCmlmKCRkZXNpcmVkUHJvcGVydHlWYWx1ZSAtZXEgJHZhbCl7DQoNCiAgICBXcml0ZS1PdXRwdXQgIiRkZXNpcmVkUHJvcGVydHkgdmFsdWUgbWF0Y2hlcyAkdmFsLiBFeGl0IDAiOyBFeGl0IDA7DQoNCn1lbHNleyBXcml0ZS1PdXRwdXQgIiRkZXNpcmVkUHJvcGVydHkgdmFsdWUgRE9FUyBOT1QgbWF0Y2hlcyAkdmFsLiBFeGl0IDEiOyBFeGl0IDE7IH0NCg==",
"remediationScriptContent": "DQoNCiRlbnZpcm9uZW1udGFsUmVncGF0aCA9ICdIS0xNOlxTeXN0ZW1cQ3VycmVudENvbnRyb2xTZXRcQ29udHJvbFxTZXNzaW9uIE1hbmFnZXJcRW52aXJvbm1lbnQnDQoNCiRkZXNpcmVkUHJvcGVydHkgPSAiQVJDR0lTX0xJQ0VOU0VfRklMRSINCiR2YWwgPSAiMjcwMDlAYXpyLWxpYy0wMSINCg0KDQpmdW5jdGlvbiBjcmVhdGVSZWdpc3RyeVByb3BlcnR5ew0KDQogICAgJGcgPSBHZXQtSXRlbVByb3BlcnR5IC1QYXRoICRlbnZpcm9uZW1udGFsUmVncGF0aCAtTmFtZSAkZGVzaXJlZFByb3BlcnR5IC1FcnJvckFjdGlvbiBTaWxlbnRseUNvbnRpbnVlDQoNCiAgICBpZigkZyAtZXEgJG51bGwpew0KICAgICAgICBOZXctSXRlbVByb3BlcnR5IC1QYXRoICRlbnZpcm9uZW1udGFsUmVncGF0aCAtTmFtZSAkZGVzaXJlZFByb3BlcnR5IC1WYWx1ZSAkdmFsIC1FcnJvckFjdGlvbiBTaWxlbnRseUNvbnRpbnVlIHwgb3V0LW51bGwNCiAgICB9ZWxzZXsNCiAgICAgICAgU2V0LUl0ZW1Qcm9wZXJ0eSAtUGF0aCAkZW52aXJvbmVtbnRhbFJlZ3BhdGggLU5hbWUgJGRlc2lyZWRQcm9wZXJ0eSAtVmFsdWUgJHZhbCAtRXJyb3JBY3Rpb24gU2lsZW50bHlDb250aW51ZSB8IG91dC1udWxsDQogICAgfQ0KfQ0KDQpmdW5jdGlvbiBSZWdpc3RyeUl0ZW1QYXNzZXN7DQogICAgJHJlZ1Byb3BlcnR5T2JqZWN0ID0gR2V0LUl0ZW1Qcm9wZXJ0eSAtUGF0aCAkZW52aXJvbmVtbnRhbFJlZ3BhdGggLU5hbWUgJGRlc2lyZWRQcm9wZXJ0eSAtRXJyb3JBY3Rpb24gU2lsZW50bHlDb250aW51ZQ0KICAgICRwcm9wRXhpc3RzID0gKCRudWxsIC1uZSAkcmVnUHJvcGVydHlPYmplY3QpDQoNCiAgICBpZigkcHJvcEV4aXN0cyAtZXEgJHRydWUpew0KDQogICAgICAgICRwcm9wVmFsdWUgPSBHZXQtSXRlbVByb3BlcnR5VmFsdWUgLVBhdGggJGVudmlyb25lbW50YWxSZWdwYXRoIC1OYW1lICRkZXNpcmVkUHJvcGVydHkgLUVycm9yQWN0aW9uIFNpbGVudGx5Q29udGludWUgDQogICAgICAgIA0KICAgICAgICByZXR1cm4gKCRwcm9wRXhpc3RzIC1hbmQgKCRwcm9wVmFsdWUgLWVxICR2YWwpKQ0KICAgIH0NCiAgICAjaWYgaXQgYnlwc3NlcyB0aGUgY29uZGl0aW9uYWwgc2NvcGUsIHRoZW4gcHJvcEV4aXN0cyBtdXN0IGJlIGZhbHNlLg0KICAgIHJldHVybiAkcHJvcEV4aXN0cw0KfQ0KDQppZigoUmVnaXN0cnlJdGVtUGFzc2VzKSAtZXEgJGZhbHNlKXsNCg0KICAgIFdyaXRlLU91dHB1dCAiQ3JlYXRpbmcgdGhlIHByb3BlcnR5ICRkZXNpcmVkUHJvcGVydHkiDQogICAgY3JlYXRlUmVnaXN0cnlQcm9wZXJ0eQ0KfQ0KDQppZihSZWdpc3RyeUl0ZW1QYXNzZXMpew0KICAgIA0KICAgIFdyaXRlLU91dHB1dCAiUmVnaXN0ZXkgaXRlbSBhbiB2YWx1ZSBjaGVja3Mgb3V0LiBFeGl0IDAiOyBFeGl0IDA7DQoNCn1lbHNleyBXcml0ZS1PdXRwdXQgIlNvbWV0aGluZyB3ZW50IHdyb25nLkV4aXQgMSI7IGV4aXQgMTsgfQ0KDQoNCg==",
Microsoft Docs say its binary but that's not the case https://docs.microsoft.com/en-us/graph/api/intune-devices-devicehealthscript-update?view=graph-rest-beta
CodePudding user response:
Your property values are Base64-encoded bytes representing UTF-8-encoded strings.
If a given string is composed of seemingly random characters consisting predominantly of digits and uppercase and lowercase letters, optionally followed by one or two
=
, there is a good chance that it represents Base64-encoded data.Base64 is capable of encoding any binary data (array of bytes), so there's no telling in the abstract what is being encoded:
- However, given that the names of the properties in your case contain "ScriptContent", it is reasonable to assume that text is being encoded.
- This then leaves the question what character encoding was used to create the binary data that was Base64-encoded. UTF-8 is a common character encoding, and it is indeed what was used in your case.
You can decode them (into plain-text .NET strings) as follows (using a simple sample input string):
$bytes = [Convert]::FromBase64String('SGkgdGhlcmUu')
[Text.Encoding]::Utf8.GetString($bytes) # -> 'Hi there.'
To encode:
$bytes = [Text.Encoding]::Utf8.GetBytes('Hi there.')
[Convert]::ToBase64String($bytes) # -> 'SGkgdGhlcmUu'