Auth/Renew-BcAuthContext.ps1

<#
 .Synopsis
  Function for refreshing a Business Central Authorization Context
 .Description
  Function for refreshing a Business Central Authorization Context
  If AccessToken is about to expire or has expired, refresh it
  If authentication was obtained using client_credentials flow, then Renew-BcAuthContext with authenticate using the same client credentials (ClientID+ClientSecret)
  If authentication was obtained using password, refresh_token or devicecode, then the refresh token in the auth context will be used to refresh the access token
 .Parameter bcAuthContext
  Authorization Context obtained by New-BcAuthContext.
 .Parameter minValidityPeriodInSeconds
  If the access token has a validity period lower than this number of seconds, trigger a refresh
 .Example
  $authContext = New-BcAuthContext -includeDeviceLogin
  # do a lot of work
  $authContext = Renew-BcAuthContext -bcAuthContext $authContext
  # do more work
#>

function Renew-BcAuthContext {
    Param(
        $bcAuthContext,
        [int] $minValidityPeriodInSeconds = 300,
        [switch] $silent
    )

$telemetryScope = InitTelemetryScope -name $MyInvocation.InvocationName -parameterValues $PSBoundParameters -includeParameters @()
try {

    Test-BcAuthContext -bcAuthContext $bcAuthContext

    if ($bcAuthContext.UtcExpiresOn.Subtract([DateTime]::UtcNow).TotalSeconds -ge $minValidityPeriodInSeconds) {
        $bcAuthContext
    }
    else {
        if ($bcAuthContext.ContainsKey('clientAssertion') -and "$ENV:ACTIONS_ID_TOKEN_REQUEST_TOKEN" -ne "" -and "$ENV:ACTIONS_ID_TOKEN_REQUEST_URL" -ne "") {
            Write-Host "Renew federated token"
            $result = Invoke-RestMethod -Method GET -UseBasicParsing -Headers @{ "Authorization" = "bearer $ENV:ACTIONS_ID_TOKEN_REQUEST_TOKEN"; "Accept" = "application/vnd.github+json" } -Uri "$ENV:ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange"
            $bcauthContext.clientAssertion = $result.value
        }
        New-BcAuthContext `
            -clientID $bcAuthContext.clientID `
            -tenantID $bcAuthContext.tenantID `
            -authority $bcAuthContext.authority `
            -refreshToken $bcAuthContext.RefreshToken `
            -Scopes $bcAuthContext.Scopes `
            -clientSecret $bcAuthContext.clientSecret `
            -clientAssertion $bcAuthContext.clientAssertion `
            -credential $bcAuthContext.Credential `
            -includeDeviceLogin:$bcAuthContext.includeDeviceLogin `
            -deviceLoginTimeout $bcAuthContext.deviceLoginTimeout `
            -silent:$silent
    }
}
catch {
    TrackException -telemetryScope $telemetryScope -errorRecord $_
    throw
}
finally {
    TrackTrace -telemetryScope $telemetryScope
}
}
Export-ModuleMember -Function Renew-BcAuthContext