PSSensu

0.0.1

Public/Get-SensuAccessToken.ps1

                                function Get-SensuAccessToken {

    <#

    .SYNOPSIS

       Get a Sensu access token

    .DESCRIPTION

       Get a Sensu access token, and update the $PSSensuConfig.Token used by most commands as a default value for -Token

    .EXAMPLE

        Set-SensuAccessToken

        # Use BaseUri and Credential values from Get-PSSensuConfig to generate a Sensu access token

    .EXAMPLE

        Set-SensuAccessToken -BaseUri $Uri -Credential $Credential

        # Generate a Sensu access token

    .EXAMPLE

        Set-SensuAccessToken -IfCheckFails

        # Generate a Sensu access token, _only_ if Get-PSSensuConfiguration token is not valid

    .EXAMPLE

        Set-SensuAccessToken -IfCheckFails -Token $Token

        # Generate a Sensu access token, _only_ if $Token is not valid

    .PARAMETER UpdateConfig

        Whether to update the configuration file on top of the live module values

        Defaults to $True

    .PARAMETER BaseUri

        BaseUri to build REST endpoint Uris from

    .PARAMETER Credential

        PSCredential to use for auth

        We default to the value specified by Set-PSSensuConfiguration (Initially, admin:P@ssw0rd!)

    .PARAMETER Token

        If IfCheckFails is specified, check validity of this token and only request a new token if this token is not valid

        Default:  Token from Get-PSSensuConfiguration

    .PARAMETER IfCheckFails

        If specified, only request a token if a specified -Token is not valid

    .FUNCTIONALITY

        Sensu

    #>

    [cmdletbinding()]

    param (

        [string]$BaseUri = $Script:PSSensuConfig.BaseUri,

        [ValidateNotNull()]

        [System.Management.Automation.Credential()]

        [PSCredential]$Credential = $Script:PSSensuConfig.Credential,

        [string]$Token = $Script:PSSensuConfig.Token,

        [bool]$UpdateConfig = $True,

        [switch]$IfCheckFails

    )

    # If specified, run an arbitrary check.  Ideally something like the 'health' endpoint, but I can't get that working

    if($IfCheckFails -and $PSBoundParameters.ContainsKey('Token')){

        $Uri = Join-Parts -Separator '/' -Parts $BaseUri, 'api/core/v2/users'

        try {

            $o = $null

            $o = Invoke-RestMethod -Uri $Uri -ContentType application/json -Headers @{Authorization = $Token} -ErrorAction SilentlyContinue

            if($o.username.where({$_}).count -gt 0){

                Write-Verbose "Token was valid, no action taken"

                return

            }

        }

        catch {

            if($_.Exception -like '*{"Code":5*' -or $_.Exception -like '*(401)*'){

                Write-Verbose "Token was invalid or expired, generating a new token"

            }

            else {

                Write-Verbose "Token validity could not be determined due to an error"

                Write-Error $_

            }

        }

    }

    $Uri = Join-Parts -Separator '/' -Parts $BaseUri, 'auth'

    $p = $Credential.GetNetworkCredential().Password

    $u = $Credential.UserName

    $Base64Cred = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $u,$p)))

    $o = $null

    $o = Invoke-RestMethod -Uri $Uri -ContentType application/json -Headers @{Authorization = "Basic $Base64Cred"}

    if($UpdateConfig){

        Set-PSSensuConfiguration -Token $o.access_token

    }

    $o.access_token

}