Private/Apply-EdgeAuthorization.ps1
Function OkToTryRefresh { PARAM( [int] $Lifetime ) if (! $MyInvocation.MyCommand.Module.PrivateData.Connection['MostRecentRefresh'] ) { return $true; } # Refresh no more than once every ($Lifetime - 5 minutes). $MoratoriumPeriod = [TimeSpan]::FromSeconds($Lifetime) $MoratoriumPeriod = $MoratoriumPeriod.Subtract([TimeSpan]::FromMinutes(5)) $MostRecentRefresh = $MyInvocation.MyCommand.Module.PrivateData.Connection['MostRecentRefresh'] $NowMilliseconds = $(Get-NowMilliseconds) $OneMoratoriumPeriodAgo = $NowMilliseconds - $MoratoriumPeriod.TotalMilliseconds $OK = ($MostRecentRefresh -lt $OneMoratoriumPeriodAgo) $OK } Function Apply-EdgeAuthorization { [cmdletbinding()] PARAM( [string] $MgmtUri, [System.Collections.Hashtable] $IRMParams ) PROCESS { if ($PSBoundParameters['Debug']) { $DebugPreference = 'Continue' } Try { $NoToken = $MyInvocation.MyCommand.Module.PrivateData.Connection['NoToken'] if ($NoToken -ne $True) { Write-Debug ( "Apply-EdgeAuthorization NoToken: " + $NoToken) $UserToken = $( Get-EdgeStashedAdminToken ) Write-Debug ( "Apply-EdgeAuthorization usertoken: " + $( $UserToken | Format-List | Out-String ) ) If ( $UserToken -and ! $( Get-EdgeTokenIsExpired $UserToken )) { Write-Debug ( "Apply-EdgeAuthorization using stashed token" ) $IRMParams.Headers.Add('Authorization', 'Bearer ' + $usertoken.Value.access_token) } ElseIf ( $( OkToTryRefresh -Lifetime $UserToken.expires_in ) ) { Write-Debug ( "Apply-EdgeAuthorization try refresh token" ) $UserToken = Get-EdgeRefreshedAdminToken -UserToken $UserToken if ( $UserToken -and $UserToken.Value -and $UserToken.Value.access_token ) { Write-Debug ( "Apply-EdgeAuthorization using refreshed token" ) $IRMParams.Headers.Add('Authorization', 'Bearer ' + $UserToken.Value.access_token) } else { Write-Debug ( "Apply-EdgeAuthorization could not refresh token, using Basic Auth" ) $IRMParams.Headers.Add('Authorization', 'Basic ' + $( Get-EdgeBasicAuth )) } } else { Write-Debug ( "Apply-EdgeAuthorization not ok to refresh, using Basic Auth" ) $IRMParams.Headers.Add('Authorization', 'Basic ' + $( Get-EdgeBasicAuth )) } } else { Write-Debug ( "Not using token, using Basic Auth" ) $IRMParams.Headers.Add('Authorization', 'Basic ' + $( Get-EdgeBasicAuth )) } } Finally { if ($usertoken) { Remove-Variable usertoken } } } } |