gbrueckl.Toolbox

0.0.0.3

Public/AzureAuthentication.ps1

                                #requires -Version 3.0

function Get-AzureAuthentication

{

    [CmdletBinding()]

    param

    (

        [Parameter(Mandatory = $false, Position = 1)] [string] $TenantId = "common", 

        [Parameter(Mandatory = $true, Position = 2)] [string] $ClientId,

        [Parameter(ParameterSetName = "ServicePrincipal", Mandatory = $true, Position = 3)] [string] $ClientKey,

        [Parameter(ParameterSetName = "Basic", Mandatory = $true, Position = 3)] [string] $Username,

        [Parameter(ParameterSetName = "Basic", Mandatory = $true, Position = 3)] [string] $Password,

        [Parameter(Mandatory = $false)] [string] $Scope,

        [Parameter(Mandatory = $false)] [switch] $TokenOnly

    )

    $authUrl = "https://login.windows.net/$TenantID/oauth2/token/"

    if(-not $Scope)

    {

        $Scope = "$ClientId/.default"

    }

    $body = @{

        "client_id" = $ClientId

        "scope" = $Scope

    }

    switch ($PSCmdlet.ParameterSetName) 

    { 

        "ServicePrincipal" {

            $body["grant_type"] = "client_credentials"

            $body["client_secret"] = $ClientKey

        }

        "Basic" {

            $body["grant_type"] = "password"

            $body["username"] = $Username

            $body["password"] = $Password

        }

    }

    try

    {

        $response = Invoke-RestMethod -Uri $authUrl -Method Post -Body $body

    }

    catch { 

        Write-Output ([System.IO.StreamReader]$_.Exception.Response.GetResponseStream()).ReadToEnd() 

        Write-Error $_

    }

    if($TokenOnly)

    {

        return $response.access_token

    }

    else

    {

        return $response

    }

}

$clientId = '9e316e15-39aa-4027-a229-17498bb43b33'

$tenantId = '6a8611db-10e0-454c-be8e-68a7d768d450'

$clientKey = '2u8,:V1J$15rVb[D\W5qMi62'

<#

        #swagger

        $clientId = 'e18a3703-ad6d-409d-a471-adb080b468a1'

        $tenantId = '668388a7-abae-4620-b726-29bfd4f5126f'

#>

$authUrl = "https://login.windows.net/$TenantID/oauth2/token/"

$body = @{

    "client_id" = $clientId

    "grant_type" = "client_credentials"

    "client_secret" = $clientKey

    "scope" = "https://herbiedv0b2c.onmicrosoft.com/TelematicsServices/read_write"

}

Invoke-RestMethod -Uri $authUrl -Method Post -Body $body

# TRY/CATCH with proper Error message on APIs

#try { Invoke-RestMethod -Uri $Uri -Headers $Headers }

#catch { ([System.IO.StreamReader]$_.Exception.Response.GetResponseStream()).ReadToEnd() }