public/Get-VPASIdentityCurrentUserSecurityQuestions.ps1
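<#
.Synopsis
   GET SECURITY QUESTIONS FOR CURRENT USER IN IDENTITY
   CREATED BY: Vadim Melamed, EMAIL: vmelamed5@gmail.com
.DESCRIPTION
   USE THIS FUNCTION TO RETRIEVE THE SECURITY QUESTIONS SET FOR THE CURRENT USER IN IDENTITY
.PARAMETER token
   HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
   If -token is not passed, function will use last known hashtable generated by New-VPASToken
.EXAMPLE
   $CurrentSecurityQuestions = Get-VPASIdentityCurrentUserSecurityQuestions
.OUTPUTS
   If successful:
   {
       "AnswerMinLength":  3,
       "MaxQuestions":  20,
       "MinAdminQuestions":  0,
       "AdminQuestions":  [
                              {
                                  "Uuid":  "a_djkasljd74892-1234-5678-abcd-klajsd374892",
                                  "Culture":  "all",
                                  "Question":  "What is your favorite color?"
                              },
                              {
                                  "Uuid":  "a_djkasljd74892-1234-5678-abcd-18790kejhdkq",
                                  "Culture":  "all",
                                  "Question":  "What was your first car?"
                              },
                              {
                                  "Uuid":  "a_djkasljd74892-1234-5678-abcd-lkj098kjh",
                                  "Culture":  "all",
                                  "Question":  "What is the name of your elementary school?"
                              }
                          ],
       "MinUserQuestions":  1,
       "Questions":  [
                         {
                             "Uuid":  "u_djkasljd74892-1234-5678-abcd-456dfg456hj",
                             "QuestionText":  "Who is your favorite superhero?"
                         }
                     ]
   }
   ---
   $false if failed
.NOTES
   When the session was created with NoSSL, the request is sent over plain HTTP, so the
   Authorization header and the returned security questions cross the network unencrypted.
   Restrict NoSSL to isolated lab environments.
   The request URI and a summary of the returned questions are passed to Write-VPASTextRecorder;
   treat any resulting log as sensitive, since security questions feed account recovery.
#>
function Get-VPASIdentityCurrentUserSecurityQuestions{
    [OutputType('System.Object',[bool])]
    [CmdletBinding()]
    Param(

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=0)]
        [hashtable]$token
    )

    Begin{
        # Get-VPASSession returns the session fields positionally; the order of this list must not change.
        $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain = Get-VPASSession -token $token
        $CommandName = $MyInvocation.MyCommand.Name
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
    }
    Process{

        Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE"
        Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE"

        try{
            # This endpoint only exists on Identity; bail out early for tokens issued elsewhere.
            if(!$IdentityURL){
                $log = Write-VPASTextRecorder -inputval "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY" -token $token -LogType MISC
                $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
                Write-VPASOutput -str "LOGIN TOKEN WAS NOT GENERATED THROUGH IDENTITY, TERMINATING API CALL" -type E
                return $false
            }

            # Both schemes request the admin-defined questions as well. Previously the HTTP branch
            # omitted addAdminQuestions=true, so NoSSL sessions returned a different result set.
            if($NoSSL){
                # SECURITY: the Authorization header below is sent in cleartext on this path.
                Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
                $uri = "http://$IdentityURL/UserMgmt/GetSecurityQuestions?addAdminQuestions=true"
            }
            else{
                Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
                $uri = "https://$IdentityURL/UserMgmt/GetSecurityQuestions?addAdminQuestions=true"
            }
            $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
            $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD

            # Splat the request so the optional web session is the only difference between the two paths.
            $restParams = @{
                Headers = @{"Authorization"=$Header}
                Uri = $uri
                Method = "GET"
                ContentType = "application/json"
            }
            if($sessionval){
                $restParams["WebSession"] = $sessionval
            }
            $response = Invoke-RestMethod @restParams

            $outputlog = $response.Result

            # Build a trimmed copy of the result for the text recorder only; the caller still
            # receives the unmodified $response.Result.
            $outputQuestions = @(
                foreach($rec in $outputlog.Questions){
                    @{
                        Uuid = $rec.Uuid
                        QuestionText = $rec.QuestionText
                    }
                }
            )

            # Admin questions carry their text in "Question" (plus "Culture"), per the response shape
            # documented in .OUTPUTS; reading "QuestionText" here logged an empty value.
            $outputAdminQuestions = @(
                foreach($rec in $outputlog.AdminQuestions){
                    @{
                        Uuid = $rec.Uuid
                        Culture = $rec.Culture
                        Question = $rec.Question
                    }
                }
            )

            $outputhash = @{
                AnswerMinLength = $outputlog.AnswerMinLength
                MaxQuestions = $outputlog.MaxQuestions
                MinAdminQuestions = $outputlog.MinAdminQuestions
                MinUserQuestions = $outputlog.MinUserQuestions
            }

            # Round-trip through JSON to turn the nested hashtables into a plain object for logging.
            $outputcomplete = @{
                Value = $outputhash
                Questions = $outputQuestions
                AdminQuestions = $outputAdminQuestions
            } | ConvertTo-Json | ConvertFrom-Json
            $log = Write-VPASTextRecorder -inputval $outputcomplete -token $token -LogType RETURNARRAY

            return $response.Result
        }catch{
            $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
            $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
            Write-Verbose "FAILED TO GET CURRENT USER SECURITY QUESTIONS"
            Write-VPASOutput -str $_ -type E
            return $false
        }
    }
    End{
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
    }
}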