IdentityOps.psm1
|
#Requires -Version 7.2 Set-StrictMode -Version Latest # ── Enforce TLS 1.2+ ────────────────────────────────────────────────────────── [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 -bor [Net.SecurityProtocolType]::Tls13 # ── Module-scoped connection state ───────────────────────────────────────────── $script:IOConnection = @{ Connected = $false TenantId = $null TenantName = $null UserPrincipalName = $null AuthFlow = $null ConnectedAt = $null Scopes = @() } # ── High-privilege app roles (Microsoft Graph appId) ────────────────────────── $script:HighPrivilegeRoles = @( 'Directory.ReadWrite.All', 'RoleManagement.ReadWrite.Directory', 'Application.ReadWrite.All', 'AppRoleAssignment.ReadWrite.All', 'Mail.ReadWrite', 'Mail.Send', 'Files.ReadWrite.All', 'Sites.FullControl.All', 'User.ReadWrite.All', 'Group.ReadWrite.All', 'Calendars.ReadWrite', 'Contacts.ReadWrite', 'MailboxSettings.ReadWrite', 'Chat.ReadWrite.All', 'TeamSettings.ReadWrite.All', 'Policy.ReadWrite.ConditionalAccess' ) # ── Microsoft Graph well-known AppId ────────────────────────────────────────── $script:MsGraphAppId = '00000003-0000-0000-c000-000000000000' # ── Dot-source private functions ────────────────────────────────────────────── $privatePath = Join-Path $PSScriptRoot 'Private' if (Test-Path $privatePath) { Get-ChildItem -Path $privatePath -Filter '*.ps1' -Recurse -ErrorAction SilentlyContinue | ForEach-Object { $file = $_ try { . $file.FullName } catch { Write-Warning "IdentityOps: Failed to load private function '$($file.Name)': $($_.Exception.Message)" } } } # ── Dot-source public functions ─────────────────────────────────────────────── $publicPath = Join-Path $PSScriptRoot 'Public' if (Test-Path $publicPath) { Get-ChildItem -Path $publicPath -Filter '*.ps1' -Recurse -ErrorAction SilentlyContinue | ForEach-Object { $file = $_ try { . $file.FullName } catch { Write-Warning "IdentityOps: Failed to load public function '$($file.Name)': $($_.Exception.Message)" } } } |