Functions/Connect-IA.ps1

Function Connect-IA {
    <#
        .SYNOPSIS
            This is used to connect to the Insight Analytics API.
        .DESCRIPTION
            This function is used to authenticate to the IA API. This will grant you a secure connection to run the different functions in the CTGlobal Insight Analytics Customer Powershell Module.
        .EXAMPLE
            $ConnectorId = "b6eabcb6-c164-40a0-a2af-4617a8fa06bf"
            Connect-IA -connectorId $ConnectorId -environment prod
    #>

    Param(
        #ConnectorId is used to authenticate with the backend and filter tenant
        [Alias("LicenseId")]
        [Parameter(Mandatory = $true)]
        $LicenseKey, 
        [Parameter(Mandatory = $false)]
        $certificate,
        [Parameter(Mandatory = $false)]
        [ValidateSet("prod", "dev", "local", "preview")]
        $environment = 'prod'
    ) 
    
    Try {
        $script:apiBaseUrl = "api.ctglobalservices.com"
        $scopes = @("api://c793f772-aa21-4e5e-bd12-5c34ad6d7804/.default")
        
        $tenantId = "558b59a5-e432-4d65-a2b1-ac3bf80649d8";
        $certificateName = "CN=CTGlobal IA Sync";

        switch ($environment) {
            "local" {
                $script:apiBaseUrl = "localhost:5001"
            }
            "dev" {
                #db227f04-b6ad-417e-b64a-5edc87ac9b7f
                $script:apiBaseUrl = "api-dev.ctglobalservices.com"
                $scopes = @("api://fd30ac5f-2e42-4b39-9ce9-4015cb69ec9b/.default")
            }
        }

        $clientId = $LicenseKey

        if ($null -eq $certificate) {

            Write-Output 'Authenticating...'
            $clientMSAL = New-Object -TypeName "IA.Standard.Library.Authentication.Clients.MSAL" -ArgumentList $tenantId, $null, $certificateName, $clientId, $scopes
            $clientMSAL.Connect().Wait()
            
            if($clientMSAL.AuthResult.AccessToken){
                Write-Output "Authentication successful, expires on: $($clientMsal.AuthResult.ExpiresOn.LocalDateTime)"
            } 
        }
        else {
            $clientMSAL = New-Object -TypeName "IA.Standard.Library.Authentication.Clients.MSAL" -ArgumentList $tenantId, $clientId, $scopes
            $clientMSAL.Connect($certificate).Wait()
    
        }
        
        $script:Headers = @{
            "Authorization" = "Bearer $($clientMSAL.AccessToken)"
        }
        $script:clientMSAL = $clientMSAL

        if($environment -eq "preview"){
                Set-IATenantHeader -TenantId "558d1d63-c264-45dc-b8bc-6441dd3926ac" #CTGlobal Dev Tenant
        }

    }
    catch {
        $currentError = $_

        if($currentError.Exception.InnerException.InnerExceptions -like '*Keyset does not exist*'){
            throw [System.AccessViolationException]::New('IA Sync Certificate Missing!', $currentError.Exception)
        }

        if ($currentError.Exception.InnerException.InnerExceptions) {
            throw "Error, Exceptions:`n$($currentError.Exception.InnerException.InnerExceptions)"
        }
        else {
            throw $_
        }
    }
}