functions/public/New-RoleAuthorization.ps1

function New-RoleAuthorization {
    param (
        [Parameter(Mandatory = $true)] [string] $authUrl,
        [Parameter(Mandatory = $true)] $body,
        [Parameter(Mandatory = $true)] [string] $accessToken
    )

    $url = "$($authUrl.TrimEnd("/"))/roles"

    if (!($body -is [string])) {
        $clientObject = $body
        $body = $body | ConvertTo-Json
    }
    else {
        $clientObject = ConvertFrom-Json -InputObject $body
    }

    $headers = @{"Accept" = "application/json"}
    if ($accessToken) {
        $headers.Add("Authorization", "Bearer $accessToken")
    }

    # attempt to add
    try {
        $response = Invoke-RestMethod -Method Post -Uri ([System.Uri]::EscapeUriString($url)) -Body $body -ContentType "application/json" -Headers $headers
        Write-DosMessage -Level "Information" -Message "Created the ""$($clientObject.name)"" role for the ""$($clientObject.securableItem)"" securable item"
        return $response
    }
    catch {
        $exception = $_.Exception
        if ((Assert-WebExceptionType -exception $exception -typeCode 409)) {
            $url = "$($url)/$($clientObject.grain)/$($clientObject.securableItem)/$($clientObject.name)"
            $response = Invoke-RestMethod -Method Get -Uri ([System.Uri]::EscapeUriString($url)) -ContentType "application/json" -Headers $headers
            Write-DosMessage -Level "Information" -Message """$($clientObject.name)"" role has already been created for the ""$($clientObject.securableItem)"" securable item"
            return $response
        }
        else {
            $error = "Unknown error attempting to post"
            $exception = $_.Exception
            if ($null -ne $exception -and $null -ne $exception.Response) {
                $error = Get-ErrorFromResponse -response $exception.Response
            }
            throw ( New-Object -TypeName "System.Net.WebException" "There was an error registering role $($clientObject.name) with Fabric.Authorization: $error, halting installation.", $exception)
        }
    }
}