Configuration.ps1

#
# IdentityNow V3 API
# Use these APIs to interact with the IdentityNow platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.
# Version: 3.0.0
# Generated by OpenAPI Generator: https://openapi-generator.tech
#

<#
.SYNOPSIS

Get the configuration object 'Configuration'.

.DESCRIPTION

Get the configuration object 'Configuration'.

.OUTPUTS

System.Collections.Hashtable
#>

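function Get-DefaultConfiguration {
    # Builds the effective SDK configuration and returns the script-scoped hashtable.
    #
    # Sources, in order of precedence (later wins):
    #   1. $HOME/.sailpoint/config.yaml  - values of the environment named by 'activeenvironment'
    #   2. SAIL_BASE_URL / SAIL_CLIENT_ID / SAIL_CLIENT_SECRET environment variables
    #   3. Defaults for any key that is still missing
    #
    # Security notes:
    #   - The YAML file and the SAIL_CLIENT_SECRET variable hold the client secret in
    #     plaintext. This function does not check who can read the file; restrict it to
    #     the owning user at the OS level.
    #   - The returned hashtable contains ClientSecret and Token. Do not dump it to logs
    #     or transcripts.
    #
    # The hashtable is the same object as $Script:Configuration, so every assignment
    # below mutates module state in place.

    $Configuration = $Script:Configuration
    $ConfigPath = "$HOME/.sailpoint/config.yaml"

    if (Test-Path -Path $ConfigPath -PathType leaf) {

        $ConfigFileContents = Get-Content -Path $ConfigPath -Raw

        $ConfigObject = ConvertFrom-YAML $ConfigFileContents

        if ($null -ne $ConfigObject.environments) {
            $Environments = $ConfigObject.environments
            $ActiveEnvironment = $ConfigObject.activeenvironment
            if (![string]::IsNullOrEmpty($ActiveEnvironment)) {
                # Look the active entry up once; a name with no matching entry yields
                # $null and falls into the "No ... set" branches below.
                $ActiveEntry = $Environments.Item($ActiveEnvironment)

                if ($null -ne $ActiveEntry.baseurl) {
                    # Drop trailing slashes so a configured "https://host/" does not
                    # become "https://host//" and "https://host//oauth/token".
                    $FileBaseUrl = ([string]$ActiveEntry.baseurl).TrimEnd('/')
                    $Configuration["BaseUrl"] = $FileBaseUrl + "/"
                    $Configuration["TokenUrl"] = $FileBaseUrl + "/oauth/token"
                } else {
                    Write-Host "No baseurl set for environment: $ActiveEnvironment" -ForegroundColor Red
                }

                if ($null -ne $ActiveEntry.pat.clientid) {
                    $Configuration["ClientId"] = $ActiveEntry.pat.clientid
                } else {
                    Write-Host "No clientid set for environment: $ActiveEnvironment" -ForegroundColor Red
                }

                if ($null -ne $ActiveEntry.pat.clientsecret) {
                    $Configuration["ClientSecret"] = $ActiveEntry.pat.clientsecret
                } else {
                    Write-Host "No clientsecret set for environment: $ActiveEnvironment" -ForegroundColor Red
                }

                # A token issued for one environment must never be replayed against
                # another, so the cached token is cleared when the active name changes.
                if ($null -ne $Configuration["Environment"] -and $Configuration["Environment"] -ne $ActiveEnvironment) {
                    Write-Debug "Environment has switched, resetting token."
                    $Configuration["Token"] = ""
                }

                $Configuration["Environment"] = $ActiveEnvironment
            } else {
                Write-Host "No active environment is set" -ForegroundColor Red
            }
        } else {
            Write-Host "No environments specified in config file" -ForegroundColor Red
        }
    } elseif ($null -ne $ENV:SAIL_BASE_URL -and $null -ne $ENV:SAIL_CLIENT_ID -and $null -ne $ENV:SAIL_CLIENT_SECRET) {
        # Environment variables are set, use environment variables for configuration
        Write-Debug "Environment variables set, using environment variables for configuration."
    } else {
        Write-Host "Configuration file not found at $ConfigPath. Please provide a configuration file or configure using PowerShell environment variables." -ForegroundColor Red
    }

    # Environment variables override whatever the file supplied.
    if ($null -ne $ENV:SAIL_BASE_URL) {
        $EnvBaseUrl = $ENV:SAIL_BASE_URL.TrimEnd('/')
        $Configuration["BaseUrl"] = $EnvBaseUrl + "/"
        $Configuration["TokenUrl"] = $EnvBaseUrl + "/oauth/token"
    }

    if ($null -ne $ENV:SAIL_CLIENT_ID) {
        $Configuration["ClientId"] = $ENV:SAIL_CLIENT_ID
    }

    if ($null -ne $ENV:SAIL_CLIENT_SECRET) {
        $Configuration["ClientSecret"] = $ENV:SAIL_CLIENT_SECRET
    }

    # Fill in defaults only for keys that nothing above (or an earlier call) has set.
    # SkipCertificateCheck defaults to $false, i.e. TLS certificates are validated.
    $Defaults = [ordered]@{
        Token                = ""
        TokenExpiration      = ""
        SkipCertificateCheck = $false
        MaximumRetryCount    = 10
        RetryIntervalSeconds = 5
        Proxy                = $null
    }

    foreach ($Key in $Defaults.Keys) {
        if (!$Configuration.containsKey($Key)) {
            $Configuration[$Key] = $Defaults[$Key]
        }
    }

    Return $Configuration

}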

<#
.SYNOPSIS

Set the configuration.

.DESCRIPTION

Set the configuration.

.PARAMETER BaseUrl
Base URL of the HTTP endpoints

.PARAMETER Username
Username in HTTP basic authentication

.PARAMETER Password
Password in HTTP basic authentication

.PARAMETER ApiKey
API Keys for authentication/authorization

.PARAMETER ApiKeyPrefix
Prefix in the API Keys

.PARAMETER Cookie
Cookie for authentication/authorization

.PARAMETER AccessToken
Access token for authentication/authorization

.PARAMETER SkipCertificateCheck
Skip certificate verification

.PARAMETER DefaultHeaders
Default HTTP headers to be included in the HTTP request

.PARAMETER Proxy
Proxy setting in the HTTP request, e.g.

$proxy = [System.Net.WebRequest]::GetSystemWebProxy()
$proxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials

.PARAMETER PassThru
Return an object of the Configuration

.OUTPUTS

System.Collections.Hashtable
#>

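function Set-DefaultConfiguration {
    # Updates individual keys of the script-scoped configuration hashtable.
    #
    # Only the parameters declared below are supported: BaseUrl, Token, TokenExpiration,
    # TokenUrl, ClientId, ClientSecret, MaximumRetryCount, RetryIntervalSeconds, Proxy
    # and PassThru. A parameter that is omitted (or empty/zero) leaves the stored value
    # untouched. With -PassThru the whole hashtable is emitted, secrets included, so
    # callers should not write that output to logs or transcripts.
    #
    # Throws when BaseUrl or TokenUrl is not an absolute http/https URL, or when Proxy
    # is not one of the two accepted proxy types.

    [CmdletBinding()]
    Param(
        [string]$BaseUrl,
        [string]$Token,
        [AllowNull()]
        [Nullable[DateTime]]$TokenExpiration,
        [string]$TokenUrl,
        [string]$ClientId,
        [string]$ClientSecret,
        [System.Nullable[Int32]]$MaximumRetryCount,
        [System.Nullable[Int32]]$RetryIntervalSeconds,
        [System.Object]$Proxy,
        [switch]$PassThru
    )

    Process {

        # Anchored pattern: the previous '[http|https]' was a character class, so any
        # scheme containing h, t, p, s or '|' (ftp, gopher, ...) passed validation.
        # Plain http is still accepted for compatibility; over http the client
        # credentials and bearer token travel in cleartext.
        $AllowedScheme = '^https?$'

        If ($BaseUrl) {
            # validate URL
            $URL = $BaseUrl -as [System.URI]
            if (!($null -ne $URL -and $URL.IsAbsoluteUri -and $URL.Scheme -match $AllowedScheme)) {
                throw "Invalid URL '$($BaseUrl)' cannot be used in the base URL."
            }
            $Script:Configuration["BaseUrl"] = $BaseUrl
        }

        If ($Token) {
            $Script:Configuration['Token'] = $Token
        }

        If ($TokenExpiration) {
            $Script:Configuration['TokenExpiration'] = $TokenExpiration
        }

        If ($TokenUrl) {
            # The client secret is sent to this endpoint, so it gets the same scheme
            # check as BaseUrl.
            $TokenEndpoint = $TokenUrl -as [System.URI]
            if (!($null -ne $TokenEndpoint -and $TokenEndpoint.IsAbsoluteUri -and $TokenEndpoint.Scheme -match $AllowedScheme)) {
                throw "Invalid URL '$($TokenUrl)' cannot be used in the token URL."
            }
            $Script:Configuration['TokenUrl'] = $TokenUrl
        }

        If ($ClientId) {
            $Script:Configuration['ClientId'] = $ClientId
        }

        If ($ClientSecret) {
            $Script:Configuration['ClientSecret'] = $ClientSecret
        }

        If ($RetryIntervalSeconds) {
            $Script:Configuration['RetryIntervalSeconds'] = $RetryIntervalSeconds
        }

        If ($MaximumRetryCount) {
            $Script:Configuration['MaximumRetryCount'] = $MaximumRetryCount
        }

        # Touch the proxy only when -Proxy was actually supplied. Previously every call
        # without -Proxy (for example the token refresh, which passes only -Token and
        # -TokenExpiration) silently reset the configured proxy to $null, so later
        # requests could bypass an egress proxy. Pass -Proxy $null to clear it.
        If ($PSBoundParameters.ContainsKey('Proxy')) {
            If ($null -ne $Proxy) {
                $ProxyTypeName = $Proxy.GetType().FullName
                If ($ProxyTypeName -ne "System.Net.SystemWebProxy" -and $ProxyTypeName -ne "System.Net.WebRequest+WebProxyWrapperOpaque") {
                    throw "Incorrect Proxy type '$($ProxyTypeName)'. Must be System.Net.SystemWebProxy or System.Net.WebRequest+WebProxyWrapperOpaque."
                }
            }
            $Script:Configuration['Proxy'] = $Proxy
        }

        If ($PassThru.IsPresent) {
            $Script:Configuration
        }
    }
}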

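function Get-AccessToken {
    # Returns an OAuth access token for the configured tenant.
    #
    # A cached token is reused while it has not expired (or when no expiration was
    # recorded). Otherwise a client_credentials request is sent to TokenUrl, the new
    # token and its expiry are stored through Set-DefaultConfiguration, and the token
    # is returned. Returns $null when the request fails; returns nothing when the
    # response status is not 200.
    #
    # Throws when ClientId, ClientSecret or TokenUrl is missing.

    Write-Debug "Getting Access Token"

    if ($null -eq $Script:Configuration["ClientId"] -or $null -eq $Script:Configuration["ClientSecret"] -or $null -eq $Script:Configuration["TokenUrl"]) {
        throw "ClientId, ClientSecret or TokenUrl Missing. Please provide values in the environment or in ~/.sailpoint/config.yaml"
    }

    # Debug output is limited to non-secret values. The client secret, and the request
    # URI that embeds it, must never reach the debug stream: -Debug output commonly
    # ends up in transcripts, CI logs and support bundles.
    Write-Debug $Script:Configuration["TokenUrl"]
    Write-Debug $Script:Configuration["ClientId"]

    $CachedToken = $Script:Configuration['Token']

    # IsNullOrEmpty also covers a $null token, which the former '"" -eq' test sent down
    # the "reuse cached token" path.
    if (-not [string]::IsNullOrEmpty($CachedToken)) {
        $Expiration = $Script:Configuration["TokenExpiration"]

        # The default TokenExpiration is "" rather than a date. Without a real
        # DateTime there is nothing to compare against, so the token is reused as-is.
        if ($Expiration -isnot [DateTime]) {
            return $CachedToken
        }

        Write-Debug "Token Exp: $Expiration"
        if ((Get-Date) -le $Expiration) {
            Write-Debug "Token is valid"
            return $CachedToken
        }

        Write-Debug "Token is expired, reset token and expiration"
    }

    # NOTE(review): the credentials are still sent in the query string, as before.
    # URLs are routinely recorded by proxies, gateways and server access logs, and
    # RFC 6749 section 4.4.2 places these parameters in a form-encoded request body.
    # Confirm the token endpoint accepts the body form, then move them there.
    $HttpValues = [System.Web.HttpUtility]::ParseQueryString([String]::Empty)
    $HttpValues.Add("grant_type","client_credentials")
    $HttpValues.Add("client_id", $Script:Configuration["ClientId"])
    $HttpValues.Add("client_secret",$Script:Configuration["ClientSecret"])

    # Build the request and load it with the query string.
    $UriBuilder = [System.UriBuilder]($Script:Configuration["TokenUrl"])
    $UriBuilder.Query = $HttpValues.ToString()

    try {
        $Response = Invoke-WebRequest -Uri $UriBuilder.Uri `
                                      -Method "POST" `
                                      -ErrorAction Stop `
                                      -UseBasicParsing

        if ($Response.statuscode -eq '200'){
            $Data = ConvertFrom-Json $Response.Content
            $Token = $Data.access_token
            $TokenExpiration = (Get-Date).AddSeconds($Data.expires_in)
            Set-DefaultConfiguration -Token $Token -TokenExpiration $TokenExpiration
            return $Token
        }

    } catch {
        # Log before returning: the previous debug lines sat after 'return' and never
        # ran. Only the exception message is logged, not the request URI.
        Write-Debug ("Exception occurred when calling Invoke-WebRequest: {0}" -f $_.Exception.Message)
        return $null
    }
}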