functions/Private/Authorization/Receive-MgaOauthToken.ps1
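function Receive-MgaOauthToken {
    <#
    .SYNOPSIS
        Records the tenant and application on the module session, then dispatches to the
        token helper that matches the supplied credential type.

    .DESCRIPTION
        Exactly one branch runs, chosen in this order: client secret, certificate or
        thumbprint, managed identity, device code. In each branch the Get-Mga* helper is
        called when the session has no matching state yet, and the Clear-Mga* helper is
        called otherwise. If none of these parameters is supplied, only the session's
        Tenant and ApplicationID are updated and nothing else happens.
        NOTE(review): the Clear-Mga* helpers are defined elsewhere; presumably they reset
        and re-acquire the token - confirm against their implementation.

    .PARAMETER ApplicationID
        Stored in $Script:MgaSession.ApplicationID and forwarded to the MSAL helpers.

    .PARAMETER Tenant
        Stored in $Script:MgaSession.Tenant and forwarded to the helpers that accept it.

    .PARAMETER Thumbprint
        Certificate thumbprint, looked up in Cert:\CurrentUser\My and then in
        Cert:\localMachine\My.

    .PARAMETER DeviceCode
        Selects the device-code helpers when no other credential is supplied.

    .PARAMETER Certificate
        Certificate object stored on the session and forwarded to the MSAL helpers.
        Overwritten by the lookup result when -Thumbprint is also given.

    .PARAMETER ClientSecret
        Client secret as a SecureString or as any other value; a non-SecureString value
        is converted with ConvertTo-SecureString before being stored on the session.

    .PARAMETER ManagedIdentity
        Forwarded to the managed-identity helpers.

    .PARAMETER UserCredentials
        Declared but not read anywhere in this function.
    #>
    [CmdletBinding()]
    param (
        [string]
        $ApplicationID,
        [string]
        $Tenant,
        [string]
        $Thumbprint,
        [switch]
        $DeviceCode,
        $Certificate,
        $ClientSecret,
        [string]
        $ManagedIdentity,
        [System.Net.ICredentials]
        $UserCredentials
    )
    try {
        $Script:MgaSession.Tenant = $Tenant
        $Script:MgaSession.ApplicationID = $ApplicationID

        if ($ClientSecret) {
            # Keep the secret on the session only as a SecureString.
            if ($ClientSecret -isnot [securestring]) {
                $Secret = $ClientSecret | ConvertTo-SecureString -AsPlainText -Force
            }
            else {
                $Secret = $ClientSecret
            }
            $Script:MgaSession.Secret = $Secret

            if (-not $Script:MgaSession.AccessToken) {
                # Decrypt only on the path that needs the plaintext, so no cleartext copy
                # of the secret is created when the Clear- helper is called instead.
                # NOTE(review): the helper receives the secret as a plain string; confirm
                # whether Get-MgaMSALAccessToken could take the SecureString directly.
                $PlainSecret = [PSCredential]::new('.', $Secret).GetNetworkCredential().Password
                Get-MgaMSALAccessToken -ApplicationID $ApplicationID -Tenant $Tenant -Secret $PlainSecret
            }
            else {
                Clear-MgaMSALAccessToken -ApplicationID $ApplicationID -Tenant $Tenant -ClientSecret $ClientSecret
            }
        }
        elseif ($Certificate -or $Thumbprint) {
            if ($Thumbprint) {
                # -LiteralPath: wildcard characters in the thumbprint are not expanded, so
                # the lookup can only resolve the one certificate that was named.
                # NOTE(review): consider also validating that the thumbprint is hex only.
                $Certificate = Get-Item -LiteralPath "Cert:\CurrentUser\My\$Thumbprint" -ErrorAction SilentlyContinue
                if ($null -eq $Certificate) {
                    # Fall back to the machine store when the user store has no match.
                    $Certificate = Get-Item -LiteralPath "Cert:\localMachine\My\$Thumbprint" -ErrorAction SilentlyContinue
                }
                if ($null -eq $Certificate) {
                    throw "No certificate found with thumbprint: $Thumbprint found... Exiting script..."
                }
            }
            $Script:MgaSession.Certificate = $Certificate

            if (-not $Script:MgaSession.AccessToken) {
                Get-MgaMSALAccessToken -ApplicationID $ApplicationID -Tenant $Tenant -Certificate $Certificate
            }
            else {
                Clear-MgaMSALAccessToken -ApplicationID $ApplicationID -Tenant $Tenant -Certificate $Certificate
            }
        }
        elseif ($ManagedIdentity) {
            if (-not $Script:MgaSession.ManagedIdentity) {
                Get-MgaIdentityAccessToken -ManagedIdentity $ManagedIdentity
            }
            else {
                Clear-MgaIdentityAccessToken -ManagedIdentity $ManagedIdentity
            }
        }
        elseif ($DeviceCode) {
            if (-not $Script:MgaSession.DeviceCode) {
                Get-MgaDeviceCodeAccessToken
            }
            else {
                Clear-MgaDeviceCodeAccessToken -Tenant $Tenant
            }
        }
        # No else branch: when no credential parameter is supplied the function returns
        # without requesting a token.
    }
    catch {
        # Re-throw so the caller sees the original error record.
        throw $_
    }
}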