public/Get-VPASSpecificAuthenticationMethod.ps1
|
<#
.Synopsis GET SPECIFIC AUTHENTICATION METHOD CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO GET SPECIFIC AUTHENTICATION METHOD INTO CYBERARK .LINK https://vpasmodule.com/commands/Get-VPASSpecificAuthenticationMethod .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER AuthMethodSearch Search string to find the target AuthenticationMethod .PARAMETER AuthMethodID Unique ID that maps to the target AuthenticationMethod Supply AuthMethodID to skip any querying for target AuthenticationMethod .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $AuthenticationMethodJSON = Get-VPASSpecificAuthenticationMethod -AuthMethodSearch {SEARCH QUERY VALUE} .EXAMPLE $AuthenticationMethodJSON = Get-VPASSpecificAuthenticationMethod -AuthMethodID {AUTH METHOD ID VALUE} .EXAMPLE $InputParameters = @{ AuthMethodSearch = "TargetAuthSearchQuery" } $AuthenticationMethodJSON = Get-VPASSpecificAuthenticationMethod -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ AuthMethodID = "TargetAuthID" } $AuthenticationMethodJSON = Get-VPASSpecificAuthenticationMethod -InputParameters $InputParameters .OUTPUTS If successful: { "id": "radius", "displayName": "vpasradius", "enabled": false, "logoffUrl": "", "secondFactorAuth": null, "signInLabel": "", "usernameFieldLabel": "NewUserbox", "passwordFieldLabel": "NewPassbox" } --- $false if failed #> function Get-VPASSpecificAuthenticationMethod{ [OutputType('System.Object',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Searchquery to find the target authentication method (for example: saml)")] [String]$AuthMethodSearch, [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique AuthMethodID of the target authentication method (for example: samlv3)")] [String]$AuthMethodID, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("AuthMethodSearch") MandatoryKeys = @("AuthMethodSearch") } set2 = @{ AcceptableKeys = @("AuthMethodID") MandatoryKeys = @("AuthMethodID") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE AUTHENTICATION METHOD DETAILS" Write-VPASOutput -str $_ -type E return $false } try{ if([String]::IsNullOrEmpty($AuthMethodID)){ Write-Verbose "NO AUTH METHOD ID PROVIDED...INVOKING HELPER FUNCTION TO RETRIEVE UNIQUE AUTH METHOD ID BASED ON SPECIFIED PARAMETERS" $AuthMethodID = Get-VPASAuthenticationMethodIDHelper -token $token -AuthenticationMethodSearch $AuthMethodSearch Write-Verbose "RETURNING AUTH METHOD ID" } else{ Write-Verbose "AUTH METHOD ID SUPPLIED, SKIPPING HELPER FUNCTION" } if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/passwordvault/api/Configuration/AuthenticationMethods/$AuthMethodID/" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/passwordvault/api/Configuration/AuthenticationMethods/$AuthMethodID/" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD write-verbose "MAKING API CALL TO CYBERARK" if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $outputlog = $response $log = Write-VPASTextRecorder -inputval $outputlog -token $token -LogType RETURN Write-Verbose "RETURNING JSON OBJECT" return $response }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO GET AUTHENTICATION METHODS" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |