public/Remove-VPASAuthenticationMethod.ps1

<#
.Synopsis
   DELETE AUTHENTICATION METHOD
   CREATED BY: Vadim Melamed, EMAIL: vmelamed5@gmail.com
.DESCRIPTION
   USE THIS FUNCTION TO DELETE AUTHENTICATION METHOD INTO CYBERARK
.PARAMETER token
   HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc).
   If -token is not passed, function will use last known hashtable generated by New-VPASToken
.PARAMETER AuthMethodSearch
   Search string to find the target AuthenticationMethod
.PARAMETER AuthMethodID
   Unique ID that maps to the target AuthenticationMethod
   Supply AuthMethodID to skip any querying for target AuthenticationMethod
.PARAMETER WhatIf
   Run code simulation to see what is affected by running the command as well as any possible implications
   This is a code simulation flag, meaning the command will NOT actually run
.PARAMETER HideWhatIfOutput
   Suppress any code simulation output from the console
.EXAMPLE
   $WhatIfSimulation = Remove-VPASAuthenticationMethod -AuthMethodID {AUTH METHOD ID VALUE} -WhatIf
.EXAMPLE
   $DeleteAuthenticationMethodStatus = Remove-VPASAuthenticationMethod -AuthMethodID {AUTH METHOD ID VALUE}
.OUTPUTS
   $true if successful
   ---
   $false if failed
#>

function Remove-VPASAuthenticationMethod{
    [OutputType([bool],'System.Object')]
    [CmdletBinding()]
    Param(

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=0)]
        [String]$AuthMethodSearch,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=1)]
        [String]$AuthMethodID,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=2)]
        [hashtable]$token,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=3)]
        [Switch]$WhatIf,

        [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=4)]
        [Switch]$HideWhatIfOutput
    )

    Begin{
        $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain = Get-VPASSession -token $token
        $CommandName = $MyInvocation.MyCommand.Name
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND
    }
    Process{
        Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE"
        Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE"

        try{

            if([String]::IsNullOrEmpty($AuthMethodID)){
                Write-Verbose "NO AUTH METHOD ID PROVIDED...INVOKING HELPER FUNCTION TO RETRIEVE UNIQUE AUTH METHOD ID BASED ON SPECIFIED PARAMETERS"
                $AuthMethodID = Get-VPASAuthenticationMethodIDHelper -token $token -AuthenticationMethodSearch $AuthMethodSearch
                Write-Verbose "RETURNING AUTH METHOD ID"
            }
            else{
                Write-Verbose "AUTH METHOD ID SUPPLIED, SKIPPING HELPER FUNCTION"
            }

            if($NoSSL){
                Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS"
                $uri = "http://$PVWA/passwordvault/api/Configuration/AuthenticationMethods/$AuthMethodID/"
            }
            else{
                Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS"
                $uri = "https://$PVWA/passwordvault/api/Configuration/AuthenticationMethods/$AuthMethodID/"
            }
            $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI
            $log = Write-VPASTextRecorder -inputval "DELETE" -token $token -LogType METHOD

            if($WhatIf){
                $log = Write-VPASTextRecorder -token $token -LogType WHATIF1
                $WhatIfHash = @{}
                Write-Verbose "INITIATING COMMAND SIMULATION"

                $WhatIfInfo = Get-VPASAuthenticationMethods -token $token
                if(!$WhatIfInfo){
                    $log = Write-VPASTextRecorder -inputval "UNABLE TO QUERY AUTHENTICATION METHODS...RETURNING FALSE" -token $token -LogType MISC
                    $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
                    $log = Write-VPASTextRecorder -token $token -LogType WHATIF2
                    Write-Verbose "UNABLE TO QUERY AUTHENTICATION METHODS...RETURNING FALSE"
                    Write-VPASOutput "UNABLE TO QUERY AUTHENTICATION METHODS" -type E
                    return $false
                }
                foreach($WhatIfMethod in $WhatIfInfo.Methods){
                    $WhatIfID = $WhatIfMethod.id
                    $WhatIfDisplayName = $WhatIfMethod.displayName
                    $WhatIfEnabled = $WhatIfMethod.enabled
                    $WhatIfMobileEnabled = $WhatIfMethod.mobileEnabled
                    $WhatIfLogoffURL = $WhatIfMethod.logoffUrl
                    $WhatIfSecondFactorAuth = $WhatIfMethod.secondFactorAuth
                    $WhatIfSignInLabel = $WhatIfMethod.signInLabel
                    $WhatIfUsernameFieldLabel = $WhatIfMethod.usernameFieldLabel
                    $WhatIfPasswordFieldLabel = $WhatIfMethod.passwordFieldLabel

                    if($WhatIfID -eq $AuthMethodID){
                        if(!$HideWhatIfOutput){
                            Write-VPASOutput -str "====== BEGIN COMMAND SIMULATION ======" -type S
                            Write-VPASOutput -str "THE FOLLOWING AUTHENTICATION METHOD WOULD BE DELETED:" -type S
                            Write-VPASOutput -str "ID : $WhatIfID" -type S
                            Write-VPASOutput -str "DisplayName : $WhatIfDisplayName" -type S
                            Write-VPASOutput -str "Enabled : $WhatIfEnabled" -type S
                            Write-VPASOutput -str "MobileEnabled : $WhatIfMobileEnabled" -type S
                            Write-VPASOutput -str "LogoffURL : $WhatIfLogoffURL" -type S
                            Write-VPASOutput -str "SecondFactorAuth : $WhatIfSecondFactorAuth" -type S
                            Write-VPASOutput -str "SignInLabel : $WhatIfSignInLabel" -type S
                            Write-VPASOutput -str "UsernameFieldLabel : $WhatIfUsernameFieldLabel" -type S
                            Write-VPASOutput -str "PasswordFieldLabel : $WhatIfPasswordFieldLabel" -type S
                            Write-VPASOutput -str "---" -type S
                            Write-VPASOutput -str "URI : $uri" -type S
                            Write-VPASOutput -str "METHOD : DELETE" -type S
                            Write-VPASOutput -str " " -type S
                            Write-VPASOutput -str "======= END COMMAND SIMULATION =======" -type S
                        }

                        $WhatIfHash = @{
                            WhatIf = @{
                                ID = $WhatIfID
                                DisplayName = $WhatIfDisplayName
                                Enabled = $WhatIfEnabled
                                MobileEnabled = $WhatIfMobileEnabled
                                LogoffURL = $WhatIfLogoffURL
                                SecondFactorAuth = $WhatIfSecondFactorAuth
                                SignInLabel = $WhatIfSignInLabel
                                UsernameFieldLabel = $WhatIfUsernameFieldLabel
                                PasswordFieldLabel = $WhatIfPasswordFieldLabel
                                RestURI = $uri
                                RestMethod = "DELETE"
                                Disclaimer = "THIS AUTHENTICATION METHOD WILL BE DELETED IF -WhatIf FLAG IS REMOVED"
                            }
                        }
                        $WhatIfJSON = $WhatIfHash | ConvertTo-Json | ConvertFrom-Json
                        $log = Write-VPASTextRecorder -inputval $WhatIfJSON -token $token -LogType RETURNARRAY
                        $log = Write-VPASTextRecorder -token $token -LogType WHATIF2
                        return $WhatIfJSON
                    }
                }

                $log = Write-VPASTextRecorder -inputval "UNABLE TO FIND TARGET AUTHENTICATION METHOD ID...RETURNING FALSE" -token $token -LogType MISC
                $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
                $log = Write-VPASTextRecorder -token $token -LogType WHATIF2
                Write-Verbose "UNABLE TO FIND TARGET AUTHENTICATION METHOD ID...RETURNING FALSE"
                Write-VPASOutput "UNABLE TO FIND TARGET AUTHENTICATION METHOD ID" -type E
                return $false
            }
            else{
                write-verbose "MAKING API CALL TO CYBERARK"

                if($sessionval){
                    $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json" -WebSession $sessionval
                }
                else{
                    $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method DELETE -ContentType "application/json"
                }
                $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC
                Write-Verbose "AUTHENTICATION METHOD ID HAS BEEN DELETED"
                Write-Verbose "RETURNING TRUE"
                return $true
            }
        }catch{
            $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR
            $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC
            Write-Verbose "UNABLE TO DELETE AUTHENTICATION METHOD ID"
            Write-VPASOutput -str $_ -type E
            return $false
        }
    }
    End{
        $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER
    }
}