Public/Test-O365Jwt.ps1
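Function Test-O365Jwt {
    <#
    .SYNOPSIS
        Checks that a decoded O365 token targets Microsoft Graph and has not expired.

    .DESCRIPTION
        Decodes the token with Get-O365JwtPayload, reports the iat, exp, unique_name
        and app_displayname claims on the verbose stream, then rejects the token when
        its aud claim is not "https://graph.microsoft.com" or when its exp claim lies
        in the past (UTC).

    .PARAMETER JwtToken
        The encoded token to inspect.

    .PARAMETER Location
        Defaults to "$HOME/.psdtx". This function does not read it; it is kept so
        existing callers that pass it keep working.

    .OUTPUTS
        System.Boolean. $true when both checks pass. Every failure is thrown as
        "Not a valid O365 Token"; the underlying reason goes to the warning stream.

    .NOTES
        Security: only the aud and exp claims are checked here. No signature, issuer
        or nbf check is performed in this function, and whether Get-O365JwtPayload
        verifies the signature is not visible from here (confirm before relying on it).
        Treat a $true result as "this token looks usable against Graph", not as proof
        that the token is authentic. Do not use it for an authorization decision on a
        token received from an untrusted party.
    #>
    Param (
        [Parameter(Mandatory)]
        [String]
        $JwtToken,

        [Parameter()]
        [String]
        $Location = (Join-Path $HOME ".psdtx")
    )

    try {
        $JwtDecoded = Get-O365JwtPayload -JwtToken $JwtToken

        # iat/exp are seconds since the Unix epoch; build the epoch once, marked as UTC,
        # because it is compared with [datetime]::UtcNow below.
        $Epoch = New-Object -TypeName DateTime -ArgumentList 1970, 1, 1, 0, 0, 0, ([DateTimeKind]::Utc)
        $IssuedAt = $Epoch.AddSeconds($JwtDecoded.iat)
        $Exp = $Epoch.AddSeconds($JwtDecoded.exp)

        # Only claims are logged, never the encoded token itself.
        Write-Verbose "O365 Token issued at: $IssuedAt"
        Write-Verbose "O365 Token expires at: $Exp"
        Write-Verbose "O365 Token Username: $($JwtDecoded.unique_name)"
        Write-Verbose "Azure App: $($JwtDecoded.app_displayname)"

        # Audience must be this exact string (-ne is case-insensitive in PowerShell).
        if ($JwtDecoded.aud -ne "https://graph.microsoft.com") {
            throw "Not a valid Microsoft Graph Token!"
        }

        if ([datetime]::UtcNow -gt $Exp) {
            throw "Token expired at $Exp"
        }

        Write-Output $true
    }
    catch {
        # The original wrote the ErrorRecord to the success stream, so a failing call
        # could hand an error object to the next pipeline stage. Surface the reason as
        # a warning instead, so the only object this function ever outputs is $true.
        Write-Warning "Test-O365Jwt: $($PSItem.Exception.Message)"
        throw "Not a valid O365 Token"
    }
}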