public/Get-VPASApplicationAuthentications.ps1
|
<#
.Synopsis GET APPLICATION ID AUTHENTICATION METHODS CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO GET ALL THE AUTHENTICATION METHODS FOR A SPECIFIED APPLICATION ID .LINK https://vpasmodule.com/commands/Get-VPASApplicationAuthentications .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER AppID Unique ApplicationID (or Application Name) that will be used by the credential provider(s) to retrieve credentials .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $ApplicationAuthenticationsJSON = Get-VPASApplicationAuthentications -AppID {APPID VALUE} .EXAMPLE $InputParameters = @{ AppID = "TargetApplicationID" } $ApplicationAuthenticationsJSON = Get-VPASApplicationAuthentications -InputParameters $InputParameters .OUTPUTS If successful: { "authentication": [ { "AllowInternalScripts": null, "AppID": "VPasAppIDTest", "AuthType": "osUser", "AuthValue": "vman\\vmanda", "Comment": null, "IsFolder": null, "authID": "1" }, { "AllowInternalScripts": "False", "AppID": "VPasAppIDTest", "AuthType": "path", "AuthValue": "C:\\SomePath\\test.ps1", "Comment": null, "IsFolder": "False", "authID": "2" }, { "AllowInternalScripts": "True", "AppID": "VPasAppIDTest", "AuthType": "path", "AuthValue": "C:\\Folder", "Comment": null, "IsFolder": "True", "authID": "3" }, { "AllowInternalScripts": null, "AppID": "VPasAppIDTest", "AuthType": "hash", "AuthValue": "ABCDEFGHIJKLMNOPQRSTUVWXYZ", "Comment": null, "IsFolder": null, "authID": "4" }, { "AllowInternalScripts": null, "AppID": "VPasAppIDTest", "AuthType": "certificateSerialNumber", "AuthValue": "82736423493648927527405", "Comment": null, "IsFolder": null, "authID": "5" }, { "AllowInternalScripts": null, "AppID": "VPasAppIDTest", "AuthType": "machineAddress", "AuthValue": "1.1.1.1", "Comment": null, "IsFolder": null, "authID": "6" } ] } --- $false if failed #> function Get-VPASApplicationAuthentications{ [OutputType('System.Object',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target ApplicaionID to query ApplicationID Authentications (for example: TestApplicaion1)")] [String]$AppID, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("AppID") MandatoryKeys = @("AppID") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE APPLICATION AUTHENTICATION DETAILS" Write-VPASOutput -str $_ -type E return $false } try{ Write-Verbose "MAKING API CALL TO CYBERARK" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/WebServices/PIMServices.svc/Applications/$AppID/Authentications" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/WebServices/PIMServices.svc/Applications/$AppID/Authentications" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY Write-Verbose "PARSING DATA FROM CYBERARK" Write-Verbose "RETURNING APPLICATION AUTHENTICATION METHODS" return $response }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO RETRIEVE APPLICATION AUTHENTICATION METHODS" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |