Public/Get-GraphOauthAuthorizationCode.ps1

<#
    .NOTES
    ===========================================================================
     Created with: SAPIEN Technologies, Inc., PowerShell Studio 2017 v5.4.135
     Created on: 2/8/2017 8:48 AM
     Edited on: 2/27/2017
     Created by: Mark Kraus
     Organization: Mitel
     Filename: Get-GraphOauthAuthorizationCode.ps1
    ===========================================================================
    .DESCRIPTION
        Get-GraphOauthAuthorizationCode Function
#>


<#
    .SYNOPSIS
        Retrieves an OAuth Authorization code form Microsoft
    
    .DESCRIPTION
        Retrieves an OAuth Authorization code form Microsoft for a given Graph Application. This commandlet requires an interactive session as you will need to provide your credentials and authorize the Graph Application. The OAuth Authorization code will be used to obtain an OAuth Access Token.
    
    .PARAMETER Application
        MSGraphAPI.Application object (See New-GraphApplication)
    
    .PARAMETER BaseURL
        The base URL for obtaining an OAuth Authorization Code form Microsoft. This is provided in the event that a different URL is required. The default is
        
            https://login.microsoftonline.com/common/oauth2/authorize
    
    .EXAMPLE
                PS C:\> $GraphAuthCode = Get-GraphOauthAuthorizationCode -Application $GraphApp
    
    .OUTPUTS
        MSGraphAPI.Oauth.AuthorizationCode
#>

function Get-GraphOauthAuthorizationCode {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]
    [CmdletBinding(ConfirmImpact = 'Low',
                   SupportsShouldProcess = $true)]
    [OutputType('MSGraphAPI.Oauth.AuthorizationCode')]
    param
    (
        [Parameter(Mandatory = $true,
                   ValueFromPipeline = $true,
                   ValueFromPipelineByPropertyName = $true)]
        [ValidateNotNullOrEmpty()]
        [Alias('App')]
        [PSTypeName('MSGraphAPI.Application')]$Application,
        
        [Parameter(Mandatory = $false,
                   ValueFromPipelineByPropertyName = $true)]
        [Alias('URL')]
        [string]$BaseURL = 'https://login.microsoftonline.com/common/oauth2/authorize'
    )
    Process {
        if (-not $pscmdlet.ShouldProcess($Application.ClientID)) {
            return
        }
        $Client_Id = [System.Web.HttpUtility]::UrlEncode($Application.ClientId)
        $Redirect_Uri = [System.Web.HttpUtility]::UrlEncode($Application.RedirectUri)
        $Url = "{0}?response_type=code&redirect_uri={1}&client_id={2}" -f @(
            $BaseURL
            $Redirect_Uri
            $Client_Id
        )
        Write-Verbose "URL: '$URL'"
        $Params = @{
            TypeName = 'System.Windows.Forms.Form'
            Property = @{
                Width = 440
                Height = 640
            }
        }
        $Form = New-Object @Params
        $Params = @{
            TypeName = 'System.Windows.Forms.WebBrowser'
            Property = @{
                Width = 420
                Height = 600
                Url = $Url
            }
        }
        $Web = New-Object @Params
        $DocumentCompleted_Script = {
            if ($web.Url.AbsoluteUri -match "error=[^&]*|code=[^&]*") {
                $form.Close()
            }
        }
        # ScriptErrorsSuppressed must be $false or AD FS tenants will fail on Windows Integrated Authentication pages
        $web.ScriptErrorsSuppressed = $false
        $web.Add_DocumentCompleted($DocumentCompleted_Script)
        $form.Controls.Add($web)
        $form.Add_Shown({ $form.Activate() })
        [void]$form.ShowDialog()
        
        $QueryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query)
        $Response = @{ }
        foreach ($key in $queryOutput.Keys) {
            $Response["$key"] = $QueryOutput[$key]
        }
        $SecAuthCode = 'NOAUTHCODE' | ConvertTo-SecureString -AsPlainText -Force
        $AuthCodeCredential = [pscredential]::new('NOAUTHCODE', $SecAuthCode)
        if ($Response.Code) {
            $SecAuthCode = $Response.Code | ConvertTo-SecureString -AsPlainText -Force
            $AuthCodeCredential = [pscredential]::new('AuthCode', $SecAuthCode)
            $Response.Remove('Code')
        }
        [pscustomobject]@{
            PSTypeName = 'MSGraphAPI.Oauth.AuthorizationCode'
            AuthCodeCredential = $AuthCodeCredential
            ResultURL = $web.Url.psobject.copy()
            Application = $Application
            AuthCodeBaseURL = $BaseURL
            Response = $Response
            Issued = Get-date
        }
        [void]$form.Close()
        [void]$Web.Dispose()
        [void]$Form.Dispose()
    }
}