Functions/Authentication/Export-CredentialMetadata.ps1

<#
.DESCRIPTION
    This script creates a JSON configuration defining metadata for stored credentials.
    In conjunction with the Import function, this enables secure and unattended retrieval of credentials by automatic and manual processes.
#>

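function Export-CredentialMetadata
{
    # Writes a JSON file describing the credentials a user context is expected to hold.
    # Each entry is built by New-CredentialMetaObj (defined outside this file) from the
    # user names and domains found on $Context. The file carries account names and
    # domains only; this function writes no passwords or secrets.
    # NOTE(review): account names and domains are still useful to anyone enumerating
    # the environment - confirm that $CredentialPath is restricted to the owning user.
    [CmdletBinding()]
    Param
    (
        # Filename of Metadata (without the .json extension, which is appended here)
        [Parameter(Mandatory=$false)]
        [String]
        $Filename = "CredMeta",

        # Path to place JSON metadata file (Should be defined in PS Profile)
        [Parameter(Mandatory=$false)]
        [String]
        $CredentialPath = $Global:PS_CredentialPath,

        # User Context Object (Should be defined in PS Profile)
        [Parameter(Mandatory=$false)]
        [psobject]
        $Context = $Global:PS_UserContext
    )

    Process
    {
        if ($Context -and $CredentialPath)
        {
            # Define Meta Path (computed once and used for the write below)
            $MetaPath = "$CredentialPath\$Filename.json"

            # Build the metadata entries. A slot whose context fields are missing stays
            # $null, so the file always holds five entries in this fixed order.
            # NOTE(review): presumably the Import function tolerates null entries - confirm.
            $FullMeta = [array]@(
                if ($Context.core_username_primary -and $Context.core_domain)
                {
                    New-CredentialMetaObj -name "CORE_Primary" -hint "Primary User Account (Core)" -userName $Context.core_username_primary -domain $Context.core_domain -type Identity -expires $true
                }
                else { $null }

                if ($Context.core_username_secondary -and $Context.core_domain)
                {
                    New-CredentialMetaObj -name "CORE_Secondary" -hint "Secondary User Account (Core)" -userName $Context.core_username_secondary -domain $Context.core_domain -type Identity -expires $true
                }
                else { $null }

                # The OFE entries are guarded on ofe_domain, the domain they actually use.
                # Guarding on core_domain dropped OFE accounts when only the OFE domain was
                # set, and emitted entries with an empty domain when only the core one was.
                if ($Context.ofe_username_primary -and $Context.ofe_domain)
                {
                    New-CredentialMetaObj -name "OFE_Primary" -hint "Primary User Account (OFE)" -userName $Context.ofe_username_primary -domain $Context.ofe_domain -type Identity -expires $true
                }
                else { $null }

                if ($Context.ofe_username_secondary -and $Context.ofe_domain)
                {
                    New-CredentialMetaObj -name "OFE_Secondary" -hint "Secondary User Account (OFE)" -userName $Context.ofe_username_secondary -domain $Context.ofe_domain -type Identity -expires $true
                }
                else { $null }

                # Service account with a fixed name; only the domain comes from the context.
                if ($Context.ofe_domain)
                {
                    New-CredentialMetaObj -name "sole-service" -hint "Sole Service Account" -userName "sole-service" -domain $Context.ofe_domain -type Service -expires $false
                }
                else { $null }
            )

            # Combine into one JSON Metadata Object and Output File to Path.
            # -Force replaces an existing metadata file, including a read-only one.
            $FullMetaJson = $FullMeta | ConvertTo-Json
            $FullMetaJson | Out-File $MetaPath -Encoding utf8 -Force
        }
        else
        {
            # Nothing is written when either the context or the target path is missing.
            # Write-Host is not capturable by most unattended callers; they should check
            # for the file rather than rely on this message.
            Write-Host "User Context or Infrastructure Environment NOT found in loaded PS Profiles!" -ForegroundColor Red
        }
    }
}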