Private/PartnerActions/Get-SAMTokens.ps1
function Get-SAMTokens() {
    <#
    .SYNOPSIS
        Signs in to the partner tenant if needed and loads the app credentials from Azure Key Vault.
    .DESCRIPTION
        Reads $PartnerTenantId, $SubscriptionName and $KeyVaultName, none of which are
        defined in this function, so they must come from an enclosing scope.
        Fetches the secrets "ApplicationId", "ApplicationSecret", "RefreshToken",
        "ExchangeRefreshToken" and "AppRegistration" from that vault.
    .OUTPUTS
        PSCustomObject with the properties ApplicationId, ApplicationSecret, RefreshToken,
        ExchangeRefreshToken, ApplicationCredential (PSCredential) and
        ApplicationCertificate (X509Certificate2).
    .NOTES
        Every secret is requested with -AsPlainText, so the returned object carries the
        client secret and both refresh tokens as plain strings. Keep it out of logs,
        transcripts and serialized output.
    #>

    # Reuse the existing Az session only when it already points at the partner tenant.
    $currentContext = Get-AzContext
    if (-not $currentContext -or $currentContext.Tenant.Id -ne $PartnerTenantId) {
        try {
            Write-Host "Please log in to Azure with your @jlhosting.dk account. A browser window has been opened." -ForegroundColor Yellow
            $null = Connect-AzAccount -Tenant $PartnerTenantId -SubscriptionName $SubscriptionName -ErrorAction Stop
        }
        catch {
            throw "Failed to connect to Azure. Please make sure you have the Az module installed: $_"
        }
    }

    try {
        # Parameters shared by every Key Vault lookup below. -ErrorAction Stop turns any
        # failed lookup into a terminating error handled by the catch block.
        $vaultLookup = @{
            VaultName   = $KeyVaultName
            AsPlainText = $true
            ErrorAction = 'Stop'
        }

        $appId           = Get-AzKeyVaultSecret @vaultLookup -Name "ApplicationId"
        $appSecret       = Get-AzKeyVaultSecret @vaultLookup -Name "ApplicationSecret"
        $partnerRefresh  = Get-AzKeyVaultSecret @vaultLookup -Name "RefreshToken"
        $exchangeRefresh = Get-AzKeyVaultSecret @vaultLookup -Name "ExchangeRefreshToken"

        # Wrap the application id and client secret in a PSCredential for callers that need one.
        $secureAppSecret = ConvertTo-SecureString $appSecret -AsPlainText -Force
        $appCredential   = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $appId, $secureAppSecret

        # The "AppRegistration" secret is decoded from base64 and loaded as a certificate
        # with an empty password.
        # NOTE(review): 'MachineKeySet,PersistKeySet' normally leaves the imported private key
        # in the machine key store after this call returns, and 'Exportable' allows it to be
        # exported again. Confirm callers need these flags; if not, consider EphemeralKeySet
        # or removing the persisted key once the certificate is no longer needed.
        $certificateBytes = [Convert]::FromBase64String((Get-AzKeyVaultSecret @vaultLookup -Name "AppRegistration"))
        $appCertificate   = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $certificateBytes, '', 'Exportable,MachineKeySet,PersistKeySet'
    }
    catch {
        throw "Failed to connect to Azure Key Vault and retreive secrets: $_"
    }

    # Emit everything as one object. Property names are the contract callers rely on.
    [PSCustomObject]@{
        ApplicationId          = $appId
        ApplicationSecret      = $appSecret
        RefreshToken           = $partnerRefresh
        ExchangeRefreshToken   = $exchangeRefresh
        ApplicationCredential  = $appCredential
        ApplicationCertificate = $appCertificate
    }
}