Public/Connection.ps1
# # Copyright 2018, Alexis La Goutte <alexis dot lagoutte at gmail dot com> # # SPDX-License-Identifier: Apache-2.0 # function Connect-ArubaIAP { <# .SYNOPSIS Connect to a Aruba Instant Access Point .DESCRIPTION Connect to a Aruba Instant Access Point .EXAMPLE Connect-ArubaIAP -Server 192.0.2.1 Connect to a Aruba Instant Access Point with IP 192.0.2.1 using (Get-)credential .EXAMPLE Connect-ArubaIAP -Server 192.0.2.1 -iap_ip_addr 192.0.2.2 Connect to a Aruba Instant Access Point with IP 192.0.2.1 and IAP IP (query AP) 192.0.2.2 using (Get-)credential .EXAMPLE Connect-ArubaIAP -Server 192.0.2.1 -SkipCertificateCheck Connect to an Aruba Instant Access Point using HTTPS (without check certificate validation) with IP 192.0.2.1 using (Get-)credential .EXAMPLE Connect-ArubaIAP -Server 192.0.2.1 -port 4443 Connect to an Aruba Instant Access Point with port 4443 with IP 192.0.2.1 using (Get-)credential .EXAMPLE $cred = get-credential PS C:\>Connect-ArubaIAP -Server 192.0.2.1 -credential $cred Connect to a Aruba Instant Access Point with IP 192.0.2.1 and passing (Get-)credential .EXAMPLE $mysecpassword = ConvertTo-SecureString aruba -AsPlainText -Force PS C:\>Connect-ArubaIAP -Server 192.0.2.1 -Username admin -Password $mysecpassword Connect to a Aruba Instant Access Point with IP 192.0.2.1 using Username and Password #> Param( [Parameter(Mandatory = $true, position = 1)] [String]$Server, [Parameter(Mandatory = $false)] [String]$Username, [Parameter(Mandatory = $false)] [SecureString]$Password, [Parameter(Mandatory = $false)] [PSCredential]$Credentials, [Parameter (Mandatory = $false)] [ipaddress]$iap_ip_addr, [Parameter(Mandatory = $false)] [switch]$SkipCertificateCheck = $false, [Parameter(Mandatory = $false)] [ValidateRange(1, 65535)] [int]$port = 4343 ) Begin { } Process { $connection = @{server = ""; session = ""; invokeParams = ""; sid = ""; iap_ip_addr = ""; port = $port } $invokeParams = @{DisableKeepAlive = $false; UseBasicParsing = $true; SkipCertificateCheck = $SkipCertificateCheck } #If there is a password (and a user), create a credentials if ($Password) { $Credentials = New-Object System.Management.Automation.PSCredential($Username, $Password) } #Not Credentials (and no password) if ($null -eq $Credentials) { $Credentials = Get-Credential -Message 'Please enter administrative credentials for your ArubaIAP Instant Access Point' } if ("Desktop" -eq $PSVersionTable.PsEdition) { #Remove -SkipCertificateCheck from Invoke Parameter (not supported <= PS 5) $invokeParams.remove("SkipCertificateCheck") #Enable UseUnsafeParsingHeader for fix protocol violation when use PS5 (See Bug #2) Set-UseUnsafeHeaderParsing -Enable } else { #Core Edition #Remove -UseBasicParsing (Enable by default with PowerShell 6/Core) $invokeParams.remove("UseBasicParsing") } #for PowerShell (<=) 5 (Desktop), Enable TLS 1.1, 1.2 and Disable SSL chain trust (needed/recommanded by ArubaIAP) if ("Desktop" -eq $PSVersionTable.PsEdition) { #Enable TLS 1.1 and 1.2 Set-ArubaIAPCipherSSL if ($SkipCertificateCheck) { #Disable SSL chain trust... Set-ArubaIAPuntrustedSSL } } $postParams = @{user = $Credentials.username; passwd = $Credentials.GetNetworkCredential().Password } $url = "https://${Server}:${port}/rest/login" $headers = @{ Accept = "application/json"; "Content-type" = "application/json" } try { $response = Invoke-RestMethod $url -Method POST -Body ($postParams | ConvertTo-Json) -SessionVariable arubaiap -headers $headers @invokeParams } catch { Show-ArubaIAPException $_ throw "Unable to connect" } if ($response.Status -ne "Success" -or $null -eq $response.sid) { $errormsg = $response."Error Message" throw "Unable to connect ($errormsg)" } $connection.server = $server $connection.session = $arubaiap $connection.invokeParams = $invokeParams $connection.sid = $response.sid if ($iap_ip_addr) { $connection.iap_ip_addr = $iap_ip_addr } else { $connection.iap_ip_addr = $server } set-variable -name DefaultArubaIAPConnection -value $connection -scope Global $connection } End { } } function Set-ArubaIAPConnection { <# .SYNOPSIS Configure Aruba IAP connection Setting .DESCRIPTION Configure Aruba IAP connection Setting (IAP IP Address...) .EXAMPLE Set-ArubaIAPConnection -iap_ip_addr 192.0.2.2 Configure IAP IP Address to 192.0.2.2 .EXAMPLE Set-ArubaIAPConnection -iap_ip_addr $null Restore IAP IP Addr configuration to default (by default IP Server) #> [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'Low')] Param( [Parameter(Mandatory = $false)] [ipaddress]$iap_ip_addr ) Begin { } Process { if ($PSCmdlet.ShouldProcess($connection.server, 'Set default iap_ip_addr on connection')) { if ( $PsBoundParameters.ContainsKey('iap_ip_addr') ) { if ($null -eq $iap_ip_addr) { $DefaultArubaIAPConnection.iap_ip_addr = $DefaultArubaIAPConnection.server } else { $DefaultArubaIAPConnection.iap_ip_addr = $iap_ip_addr } } } } End { } } function Disconnect-ArubaIAP { <# .SYNOPSIS Disconnect to a ArubaIAP Instant Access Point .DESCRIPTION Disconnect the connection on ArubaIAP Instant Access Point .EXAMPLE Disconnect-ArubaIAP Disconnect the connection .EXAMPLE Disconnect-ArubaIAP -confirm:$false Disconnect the connection with no confirmation #> [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')] Param( ) Begin { } Process { $url = "rest/logout" if ($PSCmdlet.ShouldProcess($DefaultArubaIAPConnection.server, 'Proceed with removal of Aruba Instant Access Point connection ?')) { Invoke-ArubaIAPRestMethod -method "Get" -uri $url | Out-Null if ("Desktop" -eq $PSVersionTable.PsEdition) { #Disable UseUnsafeParsingHeader (See Bug #2) Set-UseUnsafeHeaderParsing -Disable } if (Get-Variable -Name DefaultArubaIAPConnection -scope global) { Remove-Variable -name DefaultArubaIAPConnection -scope global } } } End { } } |