psmsgraph

1.0.20.37

Public/Get-GraphOauthAuthorizationCode.ps1

                                <#    

    .NOTES

    ===========================================================================

     Created with:     SAPIEN Technologies, Inc., PowerShell Studio 2017 v5.4.135

     Created on:       2/8/2017 8:48 AM

     Edited on:     2/27/2017

     Created by:       Mark Kraus

     Organization:     Mitel

     Filename:         Get-GraphOauthAuthorizationCode.ps1

    ===========================================================================

    .DESCRIPTION

        Get-GraphOauthAuthorizationCode Function

#>

<#

    .SYNOPSIS

        Retrieves an OAuth Authorization code form Microsoft

    .DESCRIPTION

        Retrieves an OAuth Authorization code form Microsoft for a given Graph Application. This commandlet requires an interactive session as you will need to provide your credentials and authorize the Graph Application. The OAuth Authorization code will be used to obtain an OAuth Access Token. 

    .PARAMETER Application

        MSGraphAPI.Application object (See New-GraphApplication)

    .PARAMETER BaseURL

        The base URL for obtaining an OAuth Authorization Code form Microsoft. This is provided in the event that a different URL is required. The default is 

            https://login.microsoftonline.com/common/oauth2/authorize 

    .EXAMPLE

                PS C:\> $GraphAuthCode = Get-GraphOauthAuthorizationCode -Application $GraphApp

    .OUTPUTS

        MSGraphAPI.Oauth.AuthorizationCode

    .LINK

        http://psmsgraph.readthedocs.io/en/latest/functions/Get-GraphOauthAuthorizationCode

    .LINK

        https://graph.microsoft.io/en-us/docs/authorization/auth_overview

    .LINK

        http://psmsgraph.readthedocs.io/en/latest/functions/Get-GraphOauthAuthorizationCode/New-GraphApplication

#>

function Get-GraphOauthAuthorizationCode {

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")]

    [CmdletBinding(ConfirmImpact = 'Low',

                   HelpUri = 'http://psmsgraph.readthedocs.io/en/latest/functions/Get-GraphOauthAuthorizationCode',

                   SupportsShouldProcess = $true)]

    [OutputType('MSGraphAPI.Oauth.AuthorizationCode')]

    param

    (

        [Parameter(Mandatory = $true,

                   ValueFromPipeline = $true,

                   ValueFromPipelineByPropertyName = $true)]

        [ValidateNotNullOrEmpty()]

        [Alias('App')]

        [PSTypeName('MSGraphAPI.Application')]$Application,

        [Parameter(Mandatory = $false,

                   ValueFromPipelineByPropertyName = $true)]

        [Alias('URL')]

        [string]$BaseURL = 'https://login.microsoftonline.com/common/oauth2/authorize'

    )

    Process {

        if (-not $pscmdlet.ShouldProcess($Application.ClientID)) {

            return

        }

        $Client_Id = [System.Web.HttpUtility]::UrlEncode($Application.ClientId)

        $Redirect_Uri = [System.Web.HttpUtility]::UrlEncode($Application.RedirectUri)

        $Url = "{0}?response_type=code&redirect_uri={1}&client_id={2}" -f @(

            $BaseURL

            $Redirect_Uri

            $Client_Id

        )

        Write-Verbose "URL: '$URL'"

        $Params = @{

            TypeName = 'System.Windows.Forms.Form'

            Property = @{

                Width = 440

                Height = 640

            }

        }

        $Form = New-Object @Params

        $Params = @{

            TypeName = 'System.Windows.Forms.WebBrowser'

            Property = @{

                Width = 420

                Height = 600

                Url = $Url

            }

        }

        $Web = New-Object @Params

        $DocumentCompleted_Script = {

            if ($web.Url.AbsoluteUri -match "error=[^&]*|code=[^&]*") {

                $form.Close()

            }

        }

        # ScriptErrorsSuppressed must be $false or AD FS tenants will fail on Windows Integrated Authentication pages

        $web.ScriptErrorsSuppressed = $false

        $web.Add_DocumentCompleted($DocumentCompleted_Script)

        $form.Controls.Add($web)

        $form.Add_Shown({ $form.Activate() })

        [void]$form.ShowDialog()

        $QueryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query)

        $Response = @{ }

        foreach ($key in $queryOutput.Keys) {

            $Response["$key"] = $QueryOutput[$key]

        }

        $SecAuthCode = 'NOAUTHCODE' | ConvertTo-SecureString -AsPlainText -Force

        $AuthCodeCredential = [pscredential]::new('NOAUTHCODE', $SecAuthCode)

        if ($Response.Code) {

            $SecAuthCode = $Response.Code | ConvertTo-SecureString -AsPlainText -Force

            $AuthCodeCredential = [pscredential]::new('AuthCode', $SecAuthCode)

            $Response.Remove('Code')

        }

        [pscustomobject]@{

            PSTypeName = 'MSGraphAPI.Oauth.AuthorizationCode'

            AuthCodeCredential = $AuthCodeCredential

            ResultURL = $web.Url.psobject.copy()

            Application = $Application

            AuthCodeBaseURL = $BaseURL

            Response = $Response

            Issued = Get-date

        }

        [void]$form.Close()

        [void]$Web.Dispose()

        [void]$Form.Dispose()

    }

}