DSCResources/ROSSCommon/Src/Save-ROSSManagementPortalConfiguration.ps1
|
function Save-ROSSManagementPortalConfiguration { <# .SYNOPSIS Writes a RES ONE Identity Director Management Portal web configuration file. #> [CmdletBinding(SupportsShouldProcess, DefaultParameterSetName = 'WindowsAuthentication')] param ( ## Path to RES ONE Identity Director Management Portal web configuration file [Parameter(Mandatory, ValueFromPipeline)] [System.String] $Path, ## RES ONE Identity Director database server/instance name. [Parameter(Mandatory)] [System.String] $DatabaseServer, ## RES ONE Identity Director database name. [Parameter(Mandatory)] [System.String] $DatabaseName, ## RES ONE Identity Director database access credential. Leave blank to use Windows Authentication for database access. [Parameter()] [System.Management.Automation.PSCredential] $Credential, ## RES ONE Identity Broker server Uri. [Parameter(Mandatory, ParameterSetName = 'IdentityBroker')] [System.String] $IdentityBrokerUrl, ## RES ONE Identity Broker application Uri. [Parameter(Mandatory, ParameterSetName = 'IdentityBroker')] [System.String] $ApplicationUrl, ## RES ONE Identity Broker client Id. [Parameter(Mandatory, ParameterSetName = 'IdentityBroker')] [System.String] $ClientId, ## RES ONE Identity Broker client shared secret. [Parameter(Mandatory, ParameterSetName = 'IdentityBroker')] [System.Management.Automation.PSCredential] $ClientSecret, ## Controls REST API endpoint [Parameter()] [System.Boolean] $EnableApiEndpoint = $true ) $webConsoleConfigTemplate = @' <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <webConsoleConfiguration> <managementService port="0" protocol="http"> <#ManagementServicePlaceholder#> </managementService> <#AuthenticationPlaceholder#> <api enabled="<#ApiEndpointPlaceholder#>" /> </webConsoleConfiguration> '@ $webConsoleManagementServiceSqlAuthenticationTemplate = @' <database type="<#DatabaseType#>" server="<#DatabaseServer#>" name="<#DatabaseName#>" user="<#DatabaseUser#>" password="<#DatabasePassword#>" useWindowsAuthentication="false" /> '@ $webConsoleManagementServiceWindowsAuthenticationTemplate = @' <database type="<#DatabaseType#>" server="<#DatabaseServer#>" name="<#DatabaseName#>" useWindowsAuthentication="true" /> '@ $webConsoleSqlAuthenticationTemplate = @' <authentication type="IdentityBroker"> <identityBroker authority="<#ServerUrl#>" clientId="<#ClientId#>" clientSecret="<#ClientSecret#>" redirectUri="<#ApplicationUrl#>" /> </authentication> '@ $webConsoleWindowsAuthenticationTemplate = @' <authentication type="Windows" /> '@ if ($null -ne $Credential) { $managementService = $webConsoleManagementServiceSqlAuthenticationTemplate; $managementService = $managementService.Replace('<#DatabaseUser#>', $Credential.Username); $managementService = $managementService.Replace('<#DatabasePassword#>', $Credential.GetNetworkCredential().Password); } else { $managementService = $webConsoleManagementServiceWindowsAuthenticationTemplate; } $managementService = $managementService.Replace('<#DatabaseType#>', 'MSSQL'); $managementService = $managementService.Replace('<#DatabaseServer#>', $DatabaseServer); $managementService = $managementService.Replace('<#DatabaseName#>', $DatabaseName); $webConsoleConfig = $webConsoleConfigTemplate.Replace('<#ManagementServicePlaceholder#>', $managementService); if ($PSCmdlet.ParameterSetName -eq 'IdentityBroker') { $identityServer = $webConsoleSqlAuthenticationTemplate; $identityServer = $identityServer.Replace('<#ServerUrl#>', $IdentityBrokerUrl); $identityServer = $identityServer.Replace('<#ApplicationUrl#>', $ApplicationUrl); $identityServer = $identityServer.Replace('<#ClientId#>', $ClientId); $identityServer = $identityServer.Replace('<#ClientSecret#>', $ClientSecret.GetNetworkCredential().Password); $webConsoleConfig = $webConsoleConfig.Replace('<#AuthenticationPlaceholder#>', $identityServer); } else { $webConsoleConfig = $webConsoleConfig.Replace('<#AuthenticationPlaceholder#>', $webConsoleWindowsAuthenticationTemplate); } $webConsoleConfig = $webConsoleConfig.Replace('<#ApiEndpointPlaceholder#>', $EnableApiEndpoint.ToString().ToLower()); Set-Content -Value $webConsoleConfig -Path $Path -Encoding UTF8; } #end function |