functions/authentication/Initialize-TssSdkClient.ps1

function Initialize-TssSdkClient {
    <#
    .SYNOPSIS
    Initialize SDK Client for the module
 
    .DESCRIPTION
    Initialize SDK Client for the module to utilize token request using machine authentication via SDK Client Management feature in Secret Server (see notes section)
    See help for New-TssSession using the associated UseSdkClient/ConfigPath parameters
 
    .EXAMPLE
    Initialize-TssSdkClient -SecretServer 'http://alpha.local/SecretServer' -RuleName tss_module -ConfigPath $env:HOME
 
    On Ubuntu 20.04 client, initialize SDK Client saving the configuration files in the user's HOME path
 
    .EXAMPLE
    Initialize-TssSdkClient -SecretServer 'http://alpha.local/SecretServer' -RuleName tss_module -ConfigPath c:\thycotic -Force
 
    Initializes SDK Client saving the configuration files to c:\thycotic, with Force provided configuration will drop current configs (if exist) and recreate
 
    .LINK
    https://thycotic-ps.github.io/thycotic.secretserver/commands/authentication/Initialize-TssSdkClient
 
    .LINK
    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/authentication/Initialize-TssSdkClient.ps1
 
    .NOTES
    Secret Server docs cover configuring Application Account and SDK Client rule
    https://docs.thycotic.com/ss/10.9.0/api-scripting/sdk-cli/index.md#task_1__configuring_secret_server
    #>

    [cmdletbinding()]
    param(
        # Secret Server
        [Parameter(Mandatory, ParameterSetName = 'init')]
        [string]
        $SecretServer,

        # SDK Client Management rule name
        [Parameter(Mandatory, ParameterSetName = 'init')]
        [string]
        $RuleName,

        # SDK Client Management rule onboarding key
        [Parameter(ParameterSetName = 'init')]
        [string]
        $OnboardingKey,

        # Config path for the key/config files, no folder names with spaces allowed
        [Parameter(Mandatory, ParameterSetName = 'init')]
        [ValidateScript( { Test-Path $_ -PathType Container })]
        [ValidateScript( { $_ -notmatch '\s' })]
        [string]
        $ConfigPath,

        # Overwrite configuration (drop and create a new)
        [switch]
        $Force
    )
    begin {
        $tssParams = $PSBoundParameters
        $tssExe = [IO.Path]::Combine($clientSdkPath, 'tss.exe')

        if ($IsLinux) {
            Write-Verbose 'SDK Client, tss utility, has some dependencies required on certain Linux distributions, more details: https://docs.thycotic.com/ss/10.9.0/api-scripting/sdk-cli#task_2__installing_the_sdk_client'
        }
    }
    process {
        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"

        if ($tssParams.ContainsKey('Force')) {
            $tssRemoveArgs = "remove --confirm --key-directory $ConfigPath --config-directory $ConfigPath"
            Write-Verbose "arguments for tss init: $tssRemoveArgs"
            try {
                $tssRmInfo = New-Object System.Diagnostics.ProcessStartInfo
                $tssRmInfo.FileName = $tssExe
                $tssRmInfo.Arguments = $tssRemoveArgs
                $tssRmInfo.RedirectStandardError = $true
                $tssRmInfo.RedirectStandardOutput = $true
                $tssRmInfo.UseShellExecute = $false
                $tssRmProcess = New-Object System.Diagnostics.Process
                $tssRmProcess.StartInfo = $tssRmInfo
                $tssRmProcess.Start() | Out-Null
                $tssRmProcess.WaitForExit()
                $tssRmOutput = $tssRmProcess.StandardOutput.ReadToEnd()
                $tssRmOutput += $tssRmProcess.StandardError.ReadToEnd()

                Write-Verbose "SDK Client raw output: $tssRmOutput"
                if ($tssRmOutput -match 'Your configuration settings have been removed.') {
                    Write-Verbose 'SDK Client configuration has been removed'
                } else {
                    Write-Waring "Issue removing configuration files for [$SecretServer]: $tssRmProcessOutput"
                    return
                }
            } catch {
                Write-Warning "Issue removing SDK Client (tss) config files for [$SecretServer]"
                $err = $_
                . $ErrorHandling $err
            }
        }

        $tssArgs = [ordered]@{}
        switch ($tssParams.Keys) {
            'SecretServer' { $tssArgs.SecretServer = "--url $SecretServer" }
            'RuleName' { $tssArgs.RuleName = "--rule-name $RuleName" }
            'OnboardingKey' { $tssArgs.OnboardingKey = "--onboarding-key $OnboardingKey" }
            'ConfigPath' { $tssArgs.ConfigDirectory = "--key-directory $ConfigPath --config-directory $ConfigPath" }
        }

        $tssInitArgs = "init $($tssArgs['SecretServer']) $($tssArgs['RuleName']) $($tssArgs['OnboardingKey']) $($tssArgs['ConfigDirectory'])"
        Write-Verbose "arguments for tss init: $tssInitArgs"
        try {
            $tssInitInfo = New-Object System.Diagnostics.ProcessStartInfo
            $tssInitInfo.FileName = $tssExe
            $tssInitInfo.Arguments = $tssInitArgs
            $tssInitInfo.RedirectStandardError = $true
            $tssInitInfo.RedirectStandardOutput = $true
            $tssInitInfo.UseShellExecute = $false
            $tssProcess = New-Object System.Diagnostics.Process
            $tssProcess.StartInfo = $tssInitInfo
            $tssProcess.Start() | Out-Null
            $tssProcess.WaitForExit()
            $tssInitOutput = $tssProcess.StandardOutput.ReadToEnd()
            $tssInitOutput += $tssProcess.StandardError.ReadToEnd()

            Write-Verbose "SDK Client raw output: $tssInitOutput"
            if ($tssInitOutput -eq 'Your SDK client account registration is complete.') {
                Write-Host 'SDK Client initialization completed successfully'
            }
            if ($tssInitOutput -match 'This machine is already initialized. Remove the configuration settings.') {
                Write-Warning 'Initialization has already been run for this host, include -Force parameter if you want to drop and reinitialize'
            }
        } catch {
            Write-Warning "Issue initializing SDK Client (tss) for [$SecretServer]"
            Write-Error $_
            $err = $_
            . $ErrorHandling $err
        }
    }
}