VMware API 400 error help

maxluong · ‎03-29-2022

We are using Groovy and httpRequest plugin to make these two requests. One of them does not work as expected.

1. This works fine:

def resReports = httpRequest url: "https://skyline.vmware.com/public/api/data",
ignoreSslErrors: true,
httpMode: 'POST',
contentType: 'APPLICATION_JSON',
acceptType: 'APPLICATION_JSON',
customHeaders: [[name: 'Authorization', value: "${workingToken}"]],
requestBody: "{\"query\":\"{ activeFindings( filter: {categoryName: SECURITY, severity: CRITICAL} limit: 20 ) { findings { findingId severity products findingDescription findingImpact recommendations totalAffectedObjectsCount } totalRecords timeTaken}}\"}"

2. This for some reason, does not work. The only thing changed was the requestBody, but I cannot find where the error lies since it follows this documented format very closely.

def resReports = httpRequest url: "https://skyline.vmware.com/public/api/data",
ignoreSslErrors: true,
httpMode: 'POST',
contentType: 'APPLICATION_JSON',
acceptType: 'APPLICATION_JSON',
customHeaders: [[name: 'Authorization', value: "${workingToken}"]],
requestBody: "{\"query\":\"{ activeFindings( filter: {findingId: \"vSphere-CVE-2020-3992-VMSA#202023\"} limit: 200 ) { findings { findingId products affectedObjects(start: 0, limit: 200) {sourceName objectName objectType version buildNumber solutionTags { type version } firstObserved} } totalRecords timeTaken}}\"}"

jjiang04 · ‎03-29-2022

I guess the Skyline API interprets the JSON query as

{"query":"{ activeFindings( filter: {findingId: "vSphere-CVE-2020-3992-VMSA#202023"} limit: 200 ) { findings { findingId products affectedObjects(start: 0, limit: 200) {sourceName objectName objectType version buildNumber solutionTags { type version } firstObserved} } totalRecords timeTaken}}"}

and

"{ activeFindings( filter: {findingId: " as the value of "query". Therefore the rest is invalid JSON. I believe this is a JSON parsing bug with the API.

All

VMware API 400 error help