Functions/Get-GSuiteAccessToken.ps1
<#
.SYNOPSIS This function uses a permanent refresh token to get a temporary GSuite access token. #> function Get-GSuiteAccessToken { [CmdletBinding(PositionalBinding=$false)] [OutputType([String])] param ( # The application ID of the Google web application. [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$applicationId, # The client secret of the Google web application. [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$clientSecret, # The refresh token. [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$refreshToken, # Select the stream where the messages will be directed. [Parameter(Mandatory=$false)] [ValidateSet("Information", "Warning", "Error", "None")] [String]$outputStream = "Error" ) # Construct the REST call $invokeRestMethodParams = @{ Uri = "https://www.googleapis.com/oauth2/v4/token" Method = "POST" Headers = @{ "Content-Type" = "application/json" } Body = @{ client_id = $applicationId client_secret = $clientSecret grant_type = "refresh_token" refresh_token = $refreshToken } | ConvertTo-Json } # Invoke the REST call Write-Information "Retrieving the GSuite access token using the refresh token" try { $response = Invoke-RestMethod @invokeRestMethodParams } catch { Write-OutputMessage "Exception occurred while retrieving the GSuite access token.`r`n$($_.Exception.Message)" -OutputStream $outputStream -ReturnMessage:$false return $null } # Verify the response if ($null -eq $response -or $response.expires_in -le 0 -or [String]::IsNullOrWhiteSpace($response.access_token)) { Write-OutputMessage "Failed to retrieve the GSuite access token." -OutputStream $outputStream -ReturnMessage:$false return $null } # Return the access token return $response.access_token } |