Framework/Listeners/EventHub/EventHubOutput.ps1

Set-StrictMode -Version Latest 

class EventHubOutput: ListenerBase
{        
    hidden static [EventHubOutput] $Instance = $null;  
    #Default source is kept as SDL / PowerShell.
    #This value must be set in respective environment i.e. CICD,CA
    [string] $EventHubSource;

    EventHubOutput()
    {
        
    }


    static [EventHubOutput] GetInstance()
    {
        if($null -eq [EventHubOutput]::Instance)
        {
            [EventHubOutput]::Instance = [EventHubOutput]::new();
        }
        return [EventHubOutput]::Instance;
    }

    [void] RegisterEvents()
    {
        $this.UnregisterEvents();

        $this.RegisterEvent([SVTEvent]::EvaluationCompleted, {
            $currentInstance = [EventHubOutput]::GetInstance();
            try
            {
                $currentInstance.WriteControlResult([SVTEventContext[]] ($Event.SourceArgs));
            }
            catch
            {
                $currentInstance.PublishException($_);
            }
        });
    }

    hidden [void] WriteControlResult([SVTEventContext[]] $eventContextAll)
    {
        try
        {
            $settings = [ConfigurationManager]::GetAzSKSettings()
            $tempBodyObjectsAll = [System.Collections.ArrayList]::new()

            if(-not [string]::IsNullOrWhiteSpace($settings.EventHubSource))
            {
                $this.EventHubSource = $settings.EventHubSource
            }

            if(-not [string]::IsNullOrWhiteSpace($settings.EventHubNamespace))
            {
                $eventContextAll | ForEach-Object{
                $eventContext = $_

                $tempBodyObjects = $this.GetEventHubBodyObjects($this.EventHubSource,$eventContext) 
                $tempBodyObjects | ForEach-Object{
                    Set-Variable -Name tempBody -Value $_ -Scope Local
                    $tempBodyObjectsAll.Add($tempBody)
                    }
                }
                
                $body = $tempBodyObjectsAll | ConvertTo-Json
                [EventHubOutput]::PostEventHubData(`
                            $settings.EventHubNamespace, `
                            $settings.EventHubName, `
                            $settings.EventHubSendKeyName, `
                            $settings.EventHubSendKey,`
                            $body, `
                            $settings.EventHubType)
            }
        }
        catch
        {
            [Exception] $ex = [Exception]::new(("Invalid EventHub Settings: " + $_.Exception.ToString()), $_.Exception)
            throw [SuppressedException] $ex
        }
    }

    hidden [PSObject[]] GetEventHubBodyObjects([string] $Source,[SVTEventContext] $eventContext)
    {
        [PSObject[]] $output = @();
        [array] $eventContext.ControlResults | ForEach-Object{
            Set-Variable -Name ControlResult -Value $_ -Scope Local
            $out = "" | Select-Object ResourceType, ResourceGroup, Reference, ResourceName, ChildResourceName, ControlStatus, ActualVerificationResult, ControlId, OrganizationName, OrganizationId, FeatureName, Source, Recommendation, ControlSeverity, TimeTakenInMs, AttestationStatus, AttestedBy, Justification
            if($eventContext.IsResource())
            {
                $out.ResourceType=$eventContext.ResourceContext.ResourceType
                $out.ResourceGroup=$eventContext.ResourceContext.ResourceGroupName            
                $out.ResourceName=$eventContext.ResourceContext.ResourceName
                $out.ChildResourceName=$ControlResult.ChildResourceName
            }

            $out.Reference=$eventContext.Metadata.Reference
            $out.ControlStatus=$ControlResult.VerificationResult.ToString()
            $out.ActualVerificationResult=$ControlResult.ActualVerificationResult.ToString()
            $out.ControlId=$eventContext.ControlItem.ControlID
            $out.OrganizationName=$eventContext.OrganizationContext.OrganizationName
            $out.OrganizationId=$eventContext.OrganizationContext.OrganizationId
            $out.FeatureName=$eventContext.FeatureName
            $out.Recommendation=$eventContext.ControlItem.Recommendation
            $out.ControlSeverity=$eventContext.ControlItem.ControlSeverity.ToString()
            $out.Source=$Source

            #mapping the attestation properties
            if($null -ne $ControlResult -and $null -ne $ControlResult.StateManagement -and $null -ne $ControlResult.StateManagement.AttestedStateData)
            {
                $attestedData = $ControlResult.StateManagement.AttestedStateData;
                $out.AttestationStatus = $ControlResult.AttestationStatus.ToString();
                $out.AttestedBy = $attestedData.AttestedBy;
                $out.Justification = $attestedData.Justification;
            }
            
            $output += $out
        }
        return $output    
    }

    static [string] PostEventHubData([string] $ehNamespace, [string] $ehName, [string] $ehSendKeyName, [string] $ehSendKey, $body, $logType)
    {
        $ehUrl = "$ehNamespace.servicebus.windows.net/$ehName"
        $ControlSettingsJson = [ConfigurationManager]::LoadServerConfigFile("ControlSettings.json")
        $sasToken=GetEventHubToken -URI $ehUrl -AccessPolicyName $ehSendKeyName -AccessPolicyKey $ehSendKey -TokenTimeOut $ControlSettingsJson.EventHubOutput.TokenTimeOut
        $response = SendEventHubMessage -URI $ehUrl -SASToken $sasToken -Message $body -TimeOut $ControlSettingsJson.EventHubOutput.TimeOut -APIVersion $ControlSettingsJson.EventHubOutput.APIVersion
        return $response.StatusCode
    }
}

function GetEventHubToken([string]$URI, [string]$AccessPolicyName, [string]$AccessPolicyKey, [int]$TokenTimeOut)
{
    [Reflection.Assembly]::LoadWithPartialName("System.Web")| out-null

    $now = [DateTimeOffset]::Now
    $Expires=($now.ToUnixTimeSeconds())+$TokenTimeOut

    $SignatureString=[System.Web.HttpUtility]::UrlEncode($URI)+ "`n" + [string]$Expires
    $HMAC = New-Object System.Security.Cryptography.HMACSHA256
    $HMAC.key = [Text.Encoding]::ASCII.GetBytes($AccessPolicyKey)
    $Signature = $HMAC.ComputeHash([Text.Encoding]::ASCII.GetBytes($SignatureString))
    $Signature = [Convert]::ToBase64String($Signature)
    $SASToken = "SharedAccessSignature sr=" + `
                    [System.Web.HttpUtility]::UrlEncode($URI) +`
                    "&sig=" + [System.Web.HttpUtility]::UrlEncode($Signature) + `
                    "&se=" + $Expires + `
                    "&skn=" + $AccessPolicyName
    return $SASToken
}

function SendEventHubMessage([string]$URI, [string]$SASToken, [string]$Message, [int]$TimeOut, [string]$APIVersion)
{
    try {
        $webRequest=Invoke-WebRequest `
                            -Method POST `
                            -Uri ("https://"+$URI+"/messages?timeout="+$TimeOut+"&api-version="+$APIVersion) `
                            -Header @{ Authorization = $SASToken} `
                            -ContentType "application/atom+xml;type=entry;charset=utf-8" `
                            -Body $Message `
                            -ErrorAction SilentlyContinue
    } 
    catch
    {
        Write-Error("Invoke-WebRequest returned: `n`tStatusCode: "+$_.Exception.Response.StatusCode+"`n`tStausDescription: "+$_.Exception.Response.StatusDescription)
        break
    }
    return $webRequest
}