AzDnsAsCode

1.0.3

internal/functions/createBearerToken.ps1

function createBearerToken
{
    <#
    .SYNOPSIS
        get token for specific Api Endpoint
     
    .DESCRIPTION
        get token for specific Api Endpoint
     
    .PARAMETER targetEndPoint
        Api Endpoint like 'MsGraphApi'
 
    .EXAMPLE
        PS C:\> createBearerToken -targetEndpoint "MsGraphApi"
 
        get token
    #>
    [CmdletBinding()]
    param (
        $targetEndPoint
    )
    Set-AzApiCallContext
    Set-AzApiCallEnvironment

    Write-Output "+Processing new bearer token request ($targetEndPoint)"
    if ($targetEndPoint -eq "AzManagementAPI") {
        $azureRmProfile = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile;
        $profileClient = New-Object Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient($azureRmProfile);
        $catchResult = "letscheck"
        try {
            $newBearerAccessTokenRequest = ($profileClient.AcquireAccessToken($script:checkContext.Subscription.TenantId))
        }
        catch {
            $catchResult = $_
        }
    }
    if ($targetEndPoint -eq "MsGraphAPI") {
        $contextForMSGraphToken = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext
        $catchResult = "letscheck"
        try {
            $newBearerAccessTokenRequest = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($contextForMSGraphToken.Account, $contextForMSGraphToken.Environment, $contextForMSGraphToken.Tenant.id.ToString(), $null, [Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never, $null, "$(($script:htAzureEnvironmentRelatedUrls).(checkContext).Environment.Name).MSGraphUrl)")
        }
        catch {
            $catchResult = $_
        }
    }
    if ($targetEndPoint -eq "AzDevOps") {
        $contextForADOToken = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext
        $catchResult = "letscheck"
        try {
            $newBearerAccessTokenRequest = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($contextForADOToken.Account, $contextForADOToken.Environment, $contextForADOToken.Tenant.Id.ToString(), $null, [Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never, $null, "https://app.vssps.visualstudio.com/")
        }
        catch {
            $catchResult = $_
        }
    }
    if ($targetEndPoint -eq "MsPowerBi") {
        $contextForPowerBIToken = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext
        $catchResult = "letscheck"
        try {
            $newBearerAccessTokenRequest = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($contextForPowerBIToken.Account, $contextForPowerBIToken.Environment, $contextForPowerBIToken.Tenant.Id.ToString(), $null, [Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never, $null, "https://graph.microsoft.com")
        }
        catch {
            $catchResult = $_
        }
    }
    if ($catchResult -ne "letscheck") {
        Write-Host "-ERROR processing new bearer token request ($targetEndPoint): $catchResult" -ForegroundColor Red
        Write-Host "Likely your Azure credentials have not been set up or have expired, please run 'Connect-AzAccount' to set up your Azure credentials."
        Write-Host "It could also well be that there are multiple context in cache, please run 'Clear-AzContext' and then run 'Connect-AzAccount'."
        Throw "Error - check the last console output for details"
    }
    $dateTimeTokenCreated = (get-date -format "MM/dd/yyyy HH:mm:ss")

    if ($targetEndPoint -eq "AzManagementAPI") {
        $script:htBearerAccessToken.AzManagementAPI = [PSCustomObject]@{
            AccessToken = $newBearerAccessTokenRequest.AccessToken
            expire = $newBearerAccessTokenRequest.ExpiresOn
        }
    }
    if ($targetEndPoint -eq "MsGraphAPI") {
        $script:htBearerAccessToken.MsGraphAPI = [PSCustomObject]@{
            AccessToken = $newBearerAccessTokenRequest.AccessToken
            expire = $newBearerAccessTokenRequest.ExpiresOn
        }
    }
    if ($targetEndPoint -eq "AzDevOps") {
        $script:htBearerAccessToken.AzDevOps = [PSCustomObject]@{
            AccessToken = $newBearerAccessTokenRequest.AccessToken
            expire = $newBearerAccessTokenRequest.ExpiresOn
        }
    }
    if ($targetEndPoint -eq "MsPowerBi") {
        $script:htBearerAccessToken.MsPowerBi = [PSCustomObject]@{
            AccessToken = $newBearerAccessTokenRequest.AccessToken
            expire = $newBearerAccessTokenRequest.ExpiresOn
        }
    }

    $bearerDetails = GetJWTDetails -token $newBearerAccessTokenRequest.AccessToken
    $bearerAccessTokenExpiryDateTime = $bearerDetails.expiryDateTime
    $bearerAccessTokenTimeToExpiry = $bearerDetails.timeToExpiry
    Write-Host "+Bearer token ($targetEndPoint): [tokenRequestProcessed: '$dateTimeTokenCreated']; [expiryDateTime: '$bearerAccessTokenExpiryDateTime']; [timeUntilExpiry: '$bearerAccessTokenTimeToExpiry']"
}