src/cmdlets/New-GraphApplicationCertificate.ps1
# Copyright 2019, Adam Edwards # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. . (import-script ../graphservice/ApplicationAPI) . (import-script ../common/GraphApplicationCertificate) . (import-script common/CommandContext) function New-GraphApplicationCertificate { [cmdletbinding(supportsshouldprocess=$true, confirmimpact='high', positionalbinding=$false)] param( [parameter(parametersetname='appId', position=0, mandatory=$true)] [Guid] $AppId, [parameter(parametersetname='appId', position=1)] [parameter(parametersetname='app')] [parameter(parametersetname='objectId')] [TimeSpan] $CertValidityTimeSpan, [DateTime] $CertValidityStart, [parameter(parametersetname='objectId', mandatory=$true)] [Guid] $ObjectId, [parameter(parametersetname='app', mandatory=$true)] $Application, $CertStoreLocation = 'cert:/currentuser/my', [PSCustomObject] $Connection = $null, [String] $Version = $null ) $targetApp = $Application $targetObjectId = $ObjectId $commandContext = new-so CommandContext $connection $version $null $null $::.ApplicationAPI.DefaultApplicationApiVersion $appAPI = new-so ApplicationAPI $commandContext.connection $commandContext.version $targetApp = if ( $Application ) { $Application } elseif( $AppId ) { $appAPI |=> GetApplicationByAppId $AppId } elseif ( $ObjectId) { $appAPI |=> GetApplicationByObjectId $ObjectId } if ( ! $pscmdlet.shouldprocess("Application id=$($targetApp.AppId)", 'DESTRUCTIVE overwrite of existing certificates due to current defects in the Graph API') ) { return } $certificate = new-so GraphApplicationCertificate $targetApp.AppId $ObjectId $targetApp.displayName $CertValidityTimeSpan $CertValidityStart $CertStoreLocation $certificate |=> Create try { $appAPI |=> AddKeyCredentials $targetApp $certificate | out-null } catch { $certificate.X509Certificate | rm throw } $newKeyCredential = $::.ApplicationHelper |=> QueryApplications $targetApp.AppId $null $null $null $null $null $null $null $null keyCredentials | select -expandproperty keyCredentials | where customkeyIdentifier -eq $certificate.X509Certificate.thumbprint $::.ApplicationHelper |=> KeyCredentialToDisplayableObject $newKeyCredential $targetapp.AppId } |