public/VAddApplicationAuthentication.ps1

<#
.Synopsis
   ADD APPLICATION ID AUTHENTICATION METHOD
   CREATED BY: Vadim Melamed, EMAIL: vmelamed5@gmail.com
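.DESCRIPTION
   USE THIS FUNCTION TO ADD AN AUTHENTICATION METHOD TO AN EXISTING APPLICATION ID.
   WHEN -NoSSL IS SPECIFIED THE REQUEST, INCLUDING THE AUTHORIZATION HEADER, IS SENT OVER PLAIN HTTP.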
.EXAMPLE
   $AddApplicationAuthenticationStatus = VAddApplicationAuthentication -token {TOKEN VALUE} -AppID {APPID VALUE} -AuthType {AUTHTYPE VALUE} -AuthValue {AUTHVALUE VALUE}
.OUTPUTS
   $true if successful
   $false if failed
#>

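function VAddApplicationAuthentication{
    # Adds one authentication method (path, hash, OS user, machine address or
    # certificate serial number) to an existing application ID by POSTing a JSON
    # body to the PVWA Applications/<AppID>/Authentications/ endpoint.
    #
    # Parameters:
    #   token                - hashtable from which .pvwa, .session and .HeaderType are read
    #   AppID                - application ID; placed into the request URL path
    #   AuthType             - one of Path, Hash, OSUser, Address, Certificate
    #   AuthValue            - value sent as AuthValue for the chosen type
    #   IsFolder             - Path only; sent as IsFolder (default false)
    #   AllowInternalScripts - Path only; sent as AllowInternalScripts (default false)
    #   NoSSL                - use http:// instead of https:// for the request
    #   HideWarnings         - suppress the informational Vout messages
    #
    # Returns $true when the request completes without an exception, $false otherwise
    # (the error record is reported through Vout).
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=0)]
        [hashtable]$token,

        [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=1)]
        [String]$AppID,

        [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=2)]
        [ValidateSet('Path','Hash','OSUser','Address','Certificate')]
        [String]$AuthType,

        [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,Position=3)]
        [String]$AuthValue,
        
        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=4)]
        [Switch]$IsFolder,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=5)]
        [Switch]$AllowInternalScripts,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=6)]
        [Switch]$NoSSL,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=7)]
        [Switch]$HideWarnings

    )

    Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE"
    Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE"
    Write-Verbose "SUCCESSFULLY PARSED APPID VALUE"
    Write-Verbose "SUCCESSFULLY PARSED AUTHTYPE VALUE"
    Write-Verbose "SUCCESSFULLY PARSED AUTHVALUE"

    Write-Verbose "SETTING APPLICATION AUTHENTICATION TYPE"

    # ValidateSet on -AuthType guarantees exactly one branch below matches.
    # NOTE(review): $comment (hash and certificate branches) is not a parameter of this
    # function. It resolves to a variable of that name in a calling scope if one exists,
    # otherwise to $null. Consider exposing an explicit -Comment parameter.
    switch($AuthType.ToLower()){
        "path" {
            Write-Verbose "APPLICATION AUTHENTICATION OF TYPE PATH WAS SELECTED"

            $isfolderflag = [bool]$IsFolder
            if($isfolderflag){
                Write-Verbose "ISFOLDER SPECIFIED, SETTING VALUE: TRUE"
            }
            else{
                if(!$HideWarnings){
                    Vout -str "ISFOLDER NOT SPECIFIED, SETTING DEFAULT VALUE: FALSE" -type M
                }
                Write-Verbose "ISFOLDER NOT SPECIFIED, SETTING DEFAULT VALUE: FALSE"
            }

            $allowinternalscriptsflag = [bool]$AllowInternalScripts
            if($allowinternalscriptsflag){
                Write-Verbose "ALLOWINTERNALSCRIPTS SPECIFIED, SETTING VALUE: TRUE"
            }
            else{
                Write-Verbose "ALLOWINTERNALSCRIPTS NOT SPECIFIED, SETTING DEFAULT VALUE: FALSE"
                if(!$HideWarnings){
                    Vout -str "ALLOWINTERNALSCRIPTS NOT SPECIFIED, SETTING DEFAULT VALUE: FALSE" -type M
                }
            }

            $authentication = @{
                AuthType = "path";
                AuthValue = $AuthValue;
                IsFolder = $isfolderflag;
                AllowInternalScripts = $allowinternalscriptsflag;
            }
        }
        "hash" {
            Write-Verbose "APPLICATION AUTHENTICATION OF TYPE HASH WAS SELECTED"
            $authentication = @{
                AuthType = "hash";
                AuthValue = $AuthValue;
                Comment = $comment
            }
        }
        "osuser" {
            Write-Verbose "APPLICATION AUTHENTICATION OF TYPE OSUSER WAS SELECTED"
            $authentication = @{
                AuthType = "osuser";
                AuthValue = $AuthValue;
            }
        }
        "address" {
            Write-Verbose "APPLICATION AUTHENTICATION OF TYPE ADDRESS WAS SELECTED"
            $authentication = @{
                AuthType = "machineAddress";
                AuthValue = $AuthValue;
            }
        }
        "certificate" {
            Write-Verbose "APPLICATION AUTHENTICATION OF TYPE CERTIFICATE WAS SELECTED"
            $authentication = @{
                AuthType = "certificateserialnumber";
                AuthValue = $AuthValue;
                Comment = $comment;
            }
        }
    }

    Write-Verbose "SETTING PARAMETERS FOR API CALL"
    $params = @{ authentication = $authentication } | ConvertTo-Json

    try{
        $sessionval = $token.session
        $PVWA = $token.pvwa
        $Header = $token.HeaderType

        Write-Verbose "MAKING API CALL TO CYBERARK"

        # AppID is caller-supplied and becomes a URL path segment: percent-encode it so
        # characters such as '/', '?' or '#' cannot redirect the request to another
        # endpoint. Callers must pass the raw (not already encoded) application ID.
        $escapedAppID = [uri]::EscapeDataString($AppID)

        if($NoSSL){
            # Plain HTTP exposes the Authorization header and the request body to anyone
            # on the network path; surface that unless warnings are suppressed.
            Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
            if(!$HideWarnings){
                Vout -str "NOSSL SPECIFIED, AUTHORIZATION HEADER WILL BE SENT OVER UNENCRYPTED HTTP" -type M
            }
            $scheme = "http"
        }
        else{
            Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
            $scheme = "https"
        }
        $uri = "${scheme}://$PVWA/PasswordVault/WebServices/PIMServices.svc/Applications/$escapedAppID/Authentications/"

        # One splatted call; the web session is attached only when the token carries one.
        $request = @{
            Headers = @{"Authorization"=$Header}
            Uri = $uri
            Method = "POST"
            Body = $params
            ContentType = "application/json"
        }
        if($sessionval){
            $request.WebSession = $sessionval
        }

        # The response body is not used; success is signalled by the absence of an exception.
        $null = Invoke-RestMethod @request
        Write-Verbose "PARSING DATA FROM CYBERARK"
        Write-Verbose "RETURNING JSON OBJECT"
        return $true
    }catch{
        Write-Verbose "UNABLE TO ADD APPLICATION AUTHENTICATION METHOD"
        Vout -str $_ -type E
        return $false
    }
}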