Public/Authentication/New-DSSession.ps1

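function New-DSSession {
    <#
        .SYNOPSIS
        Establishes a connection with your Devolutions Server instance.
        .DESCRIPTION
        Establishes a connection with your Devolutions Server by retrieving server information and setting the variables that are required for accessing the API.

        The function first queries "$BaseUri/api/public-instance-information" and only proceeds to log in when that response is valid JSON holding exactly the 'data' and 'result' properties with a successful result. If that check fails, a terminating error is raised and no credential is sent.
        .EXAMPLE
        $SecurePassword = ConvertTo-SecureString 'YourPassword' -AsPlainText -Force
        $SessionData = @{
            BaseUri = "Your/DVLS/Instance/URL"
            Credential = New-Object System.Management.Automation.PSCredential ($YourUsername, $SecurePassword)
        }

        > New-DSSession @SessionData

        .EXAMPLE
        $SecurePassword = ConvertTo-SecureString $YourPassword -AsPlainText -Force
        $Credential = New-Object System.Management.Automation.PSCredential ($YourUsername, $SecurePassword)
        $BaseUri = "Your/DVLS/Instance/URL"

        > New-DSSession -Credential $Credential -BaseUri $BaseUri

        .EXAMPLE
        # Authenticate using an application user

        $SecurePassword = ConvertTo-SecureString $YourApplicationSecret -AsPlainText -Force
        $Credential = New-Object System.Management.Automation.PSCredential ($YourApplicationKey, $SecurePassword)
        $BaseUri = "Your/DVLS/Instance/URL"

        > New-DSSession -Credential $Credential -BaseUri $BaseUri -AsApplication
        .NOTES
        The examples build the credential from a plain-text string for brevity. In scripts, prefer Get-Credential or a secret store over a password or application secret written into the file.

        With -AsApplication the token is stored in $Global:DSSessionToken and added as the 'tokenId' header of $Global:WebSession, so any code running in the same PowerShell session can read and reuse it.
    #>

    [CmdletBinding()]
    PARAM (
        #PSCredential with your Devolutions Server username and password
        #(or application key and secret when -AsApplication is used)
        #[ValidateNotNull()]
        [object]$Credential = $null,
        #URL to your Devolutions Server instance
        [ValidateNotNullOrEmpty()]
        [string]$BaseUri = $(throw "You must provide your DVLS instance's URI."),
        #Required when using an application user to authenticate
        [switch]$AsApplication,
        #Forwarded to New-DSSessionOAuth; not used with -AsApplication
        [string]$DomainId
    )
    
    BEGIN {
        Write-Verbose '[Login] Beginning...'

    }
    
    PROCESS {
        # With -AsApplication the password is placed in the JSON body of a POST to $BaseUri,
        # and the returned token is sent on later requests; over plain HTTP both are readable in transit.
        if ($BaseUri -match '^http://') {
            Write-Warning '[New-DSSession] BaseUri uses plain HTTP; credentials and session tokens sent to it are not encrypted in transit. Use an HTTPS URL.'
        }

        #1. Fetch server information
        try {
            $ServerResponse = Invoke-WebRequest -Uri "$BaseUri/api/public-instance-information" -Method 'GET' -SessionVariable Global:WebSession

            # Accept the reply only when it is JSON whose top-level properties are exactly 'data' and 'result'.
            if ((Test-Json $ServerResponse.Content -ErrorAction SilentlyContinue) -and (@(Compare-Object (ConvertFrom-Json $ServerResponse.Content).PSObject.Properties.Name @('data', 'result')).Length -eq 0)) {
                # Keep the parsed payload in its own variable: the raw response object is no longer
                # overwritten, and the version is read from the parsed data below.
                $ServerInfo = ConvertFrom-Json $ServerResponse.Content -Depth 10

                if ($ServerInfo.result -ne [SaveResult]::Success) {
                    throw '[New-DSSession] Unhandled error while fetching server information. Please submit a ticket if problem persists.'
                }
            }
            else {
                throw "[New-DSSession] There was a problem reaching your DVLS instance. Either you provided a wrong URL or it's not pointing to a DVLS instance."
            }
        }
        catch {
            # Terminate here. A non-terminating Write-Error would let execution fall through to the
            # login step and send the credential to an endpoint that did not validate as a DVLS instance.
            throw $_.Exception.Message
        }

        #2. Setting server related variables
        #$SessionKey = New-CryptographicKey
        #$SafeSessionKey = Encrypt-RSA $ServerResponse.data.publicKey.modulus $ServerResponse.data.publicKey.exponent $SessionKey
        
        Set-Variable -Name DSBaseURI -Value $BaseUri -Scope Script
        #Set-Variable -Name DSSessionKey -Value $SessionKey -Scope Global
        #Set-Variable -Name DSSafeSessionKey -Value $SafeSessionKey -Scope Global

        Set-Variable -Name DSInstanceVersion -Value $ServerInfo.data.version -Scope Global

        #3. Fetching token information (Actually logging in to DVLS)
        if (!$AsApplication) {
            $LoginResponse = New-DSSessionOAuth $Credential $BaseUri $DomainId

            if ($null -eq $LoginResponse.access_token) {
                throw '[New-DSSession] Unhandled error while logging in. Please submit a ticket if problem persists.'
            }

            return $LoginResponse
        }
        else {
            # The application login reads the user name and password from the credential, so fail
            # with a clear message instead of a null-method-call error further down.
            if ($null -eq $Credential) {
                throw '[New-DSSession] A credential is required when using -AsApplication.'
            }

            $ModuleVersion = (Get-Module Devolutions.Server).Version.ToString()
    
            $RequestParams = @{
                URI         = "$BaseUri/api/login/partial"
                Method      = 'POST'
                ContentType = 'application/json'
                WebSession  = $Global:WebSession
                Body        = ConvertTo-Json @{
                    userName        = $Credential.UserName
                    LoginParameters = @{
                        # Plain-text password, present only in this request body.
                        Password         = $Credential.GetNetworkCredential().Password
                        # $AsApplication is always set in this branch, so this evaluates to Cli.
                        Client           = $AsApplication ? [ApplicationSource]::Cli : [ApplicationSource]::Scripting
                        Version          = $ModuleVersion
                        LocalMachineName = [System.Environment]::MachineName
                        LocalUserName    = [System.Environment]::UserName
                    }
                } -Depth 3
            }
    
            try {
                $LoginResponse = Invoke-WebRequest @RequestParams
    
                # Same shape check as for the server information request.
                if ((Test-Json $LoginResponse.Content -ErrorAction SilentlyContinue) -and (@(Compare-Object (ConvertFrom-Json $LoginResponse.Content).PSObject.Properties.Name @('data', 'result')).Length -eq 0)) {
                    $LoginContent = ConvertFrom-Json $LoginResponse.Content
    
                    if ($LoginContent.result -ne [SaveResult]::Success) {
                        throw $LoginContent.data.message
                    }
                }
                else {
                    throw '[New-DSSession] Unhandled error while logging in. Please submit a ticket if problem persists.'
                }
            }
            catch {
                throw $_.Exception.Message
            }
            
            # The token is kept in a global variable and as a header on the global web session.
            Set-Variable -Name DSSessionToken -Value $LoginContent.data.tokenId -Scope Global
            $Global:WebSession.Headers.Add('tokenId', $LoginContent.data.tokenId)
    
            $NewResponse = New-ServerResponse -response $LoginResponse -method 'POST'
            return $NewResponse
        }
    }
    
    END {
        # $NewResponse exists only after an application login; otherwise judge success by the OAuth token.
        if (Get-Variable -Name NewResponse -ErrorAction SilentlyContinue) {
            $Success = $NewResponse.isSuccess
        }
        else {
            $Success = $null -ne $LoginResponse.access_token
        }

        Write-Verbose ($Success ? 
            "[New-DSSession] Successfully logged in to Devolutions Server" : 
            '[New-DSSession] Could not log in. Please verify URL and credential.')
    }
}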