vaultcredential.psm1
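<#
.SYNOPSIS
   Reads credentials from the current user's Windows PasswordVault.
.DESCRIPTION
   Depending on the parameter set, this function either
     * returns one stored entry as a PSCredential (-Resource and -Username),
     * lists the UserName/Resource pairs of stored entries without their
       passwords (-List), or
     * shows the stored entries in Out-GridView and returns the chosen ones
       as PSCredential objects (-Interactive).
   In the -List and -Interactive sets, -Resource and -Username act as
   optional -like filters; an empty value matches every entry.
   The -ListAllPasswords set is declared but not implemented and only emits
   a warning.
.EXAMPLE
   Get-VaultCredential -Resource 'https://example.test' -Username 'alice'

   Returns the stored entry as a PSCredential (sample values).
.EXAMPLE
   Get-VaultCredential -List -Resource '*example*'

   Lists UserName and Resource of matching entries; no password is read.
.NOTES
   The vault hands the password back as a plain .NET string. It is copied
   into a SecureString for the PSCredential, but the plaintext string stays
   in managed memory until it is garbage-collected, so callers should treat
   the session as holding the secret.
   NOTE(review): the WinRT type-loading syntax used in Begin is expected to
   work in Windows PowerShell only - confirm before using it elsewhere.
#>
function Get-VaultCredential
{
    # No default parameter set is declared (the author left
    # DefaultParameterSetName='List' commented out).
    [CmdletBinding()]
    [Alias()]
    # Declared output types follow what each branch of Process really emits.
    [OutputType([System.Management.Automation.PSCredential], ParameterSetName=('UserNameAndResource','Interactive'))]
    [OutputType([System.Management.Automation.PSCustomObject], ParameterSetName='List')]
    Param
    (
        # Resource locator (URI) for the stored PasswordCredential object
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0,
                   ParameterSetName='UserNameAndResource')]
        [Parameter(Mandatory=$false,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='List')]
        [Parameter(Mandatory=$false,
                   Position=0,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='ListAllPasswords')]
        [Parameter(Mandatory=$false,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='Interactive')]
        [string]
        $Resource,

        # Username for the stored PasswordCredential object
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=1,
                   ParameterSetName='UserNameAndResource')]
        [Parameter(Mandatory=$false,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='List')]
        [Parameter(Mandatory=$false,
                   ValueFromPipelineByPropertyName=$false,
                   Position=1,
                   ParameterSetName='ListAllPasswords')]
        [Parameter(Mandatory=$false,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='Interactive')]
        [string]
        $Username,

        # List UserName and Resource of the stored entries (no passwords)
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='List')]
        [switch]
        $List,

        # To list passwords when more than one object is returned (not implemented)
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='ListAllPasswords')]
        [switch]
        $ListAllPasswords,

        # Force listing all passwords (required together with -ListAllPasswords)
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='ListAllPasswords')]
        [switch]
        $Force,

        # Display Out-GridView to choose the entries to return
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$false,
                   ParameterSetName='Interactive')]
        [switch]
        $Interactive
    )

    Begin
    {
        # Referencing the WinRT type by its full name makes it available;
        # the reference itself is discarded so nothing reaches the pipeline.
        $null = [Windows.Security.Credentials.PasswordVault,Windows.Security.Credentials,ContentType=WindowsRuntime]
        $vault = New-Object Windows.Security.Credentials.PasswordVault
    }
    Process
    {
        switch ($PsCmdlet.ParameterSetName)
        {
            "UserNameAndResource"
            {
                $vaultcredential = $null
                Try
                {
                    $vaultcredential = $vault.Retrieve($Resource, $Username)

                    # Copy the plaintext password into a SecureString one
                    # character at a time, then lock it against changes.
                    $vaultPasswordSecureString = New-Object SecureString
                    foreach ($char in $vaultcredential.Password.ToCharArray())
                    {
                        $vaultPasswordSecureString.AppendChar($char)
                    }
                    $vaultPasswordSecureString.MakeReadOnly()

                    New-Object System.Management.Automation.PSCredential ($vaultcredential.UserName, $vaultPasswordSecureString)
                }
                Finally
                {
                    # Drop the reference to the object that carries the plaintext password.
                    $vaultcredential = $null
                }
            }
            "List"
            {
                # An empty filter becomes '*' so that it matches every entry.
                # Only UserName and Resource are selected; Password is never emitted.
                $vault.RetrieveAll() |
                    Where-Object { $_.username -like ($Username -replace '^$','*') } |
                    Where-Object { $_.resource -like ($Resource -replace '^$','*') } |
                    Select-Object -Property UserName,Resource
            }
            "ListAllPasswords"
            {
                Write-Warning "Functionality not implemented"
            }
            "Interactive"
            {
                $vault.RetrieveAll() |
                    Where-Object { $_.username -like ($Username -replace '^$','*') } |
                    Where-Object { $_.resource -like ($Resource -replace '^$','*') } |
                    Out-GridView -PassThru -Title "Choose credential(s) to return as credential objects" |
                    ForEach-Object {
                        # Keep the chosen entry: inside Catch, $_ is the error record.
                        $entry = $_
                        $vaultcredential = $null
                        Try
                        {
                            # Each chosen entry is retrieved again by resource and
                            # user name before its Password is read.
                            $vaultcredential = $vault.Retrieve($entry.resource, $entry.username)

                            $vaultPasswordSecureString = New-Object SecureString
                            foreach ($char in $vaultcredential.Password.ToCharArray())
                            {
                                $vaultPasswordSecureString.AppendChar($char)
                            }
                            $vaultPasswordSecureString.MakeReadOnly()

                            New-Object System.Management.Automation.PSCredential ($vaultcredential.UserName, $vaultPasswordSecureString)
                        }
                        Catch
                        {
                            # Report the failure instead of dropping the entry silently;
                            # the message names the entry, never the secret.
                            Write-Warning "Could not retrieve credential for resource '$($entry.resource)' and user '$($entry.username)': $($_.Exception.Message)"
                        }
                        Finally
                        {
                            $vaultcredential = $null
                        }
                    }
            }
        }
    }
    End
    {
        Remove-Variable -Name vault
    }
}

<#
.SYNOPSIS
   Stores a credential in the current user's Windows PasswordVault.
.DESCRIPTION
   Accepts either a PSCredential (-credential, the default parameter set) or
   a user name plus a SecureString password (-username and -password), and
   adds it to the vault under the given resource locator.
.EXAMPLE
   Add-VaultCredential -resource 'https://example.test' -credential (Get-Credential)

   Prompts for a credential and stores it (sample resource value).
.EXAMPLE
   Add-VaultCredential -resource 'https://example.test' -username 'alice' -password (Read-Host -AsSecureString)
.NOTES
   PasswordCredential takes the password as a plain string, so the
   SecureString has to be decrypted for a moment. The unmanaged copy is
   zeroed and freed in a Finally block; the managed string cannot be wiped
   and stays in memory until it is garbage-collected.
#>
function Add-VaultCredential
{
    [CmdletBinding(DefaultParameterSetName='Credential')]
    [Alias()]
    Param
    (
        # Resource locator (URI)
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        [string]
        $resource,

        # Username for the stored PasswordCredential object
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=1,
                   ParameterSetName='UsernamePassword')]
        [string]
        $username,

        # Password for the stored PasswordCredential object
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=2,
                   ParameterSetName='UsernamePassword')]
        [System.Security.SecureString]
        $password,

        # Credential whose user name and password are stored
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=1,
                   ParameterSetName='Credential')]
        [PSCredential]
        $credential
    )

    Begin
    {
        # Reference the WinRT type and discard the result so that nothing is
        # written to the pipeline.
        $null = [Windows.Security.Credentials.PasswordVault,Windows.Security.Credentials,ContentType=WindowsRuntime]
        $vault = New-Object Windows.Security.Credentials.PasswordVault
    }
    Process
    {
        Switch ($PSCmdlet.ParameterSetName)
        {
            "UsernamePassword"
            {
                # The parameter is already typed as SecureString. It must be
                # read from $password: $credential is not bound in this set.
                $securePassword = $password
            }
            "Credential"
            {
                # convert to username and password
                $username = $credential.UserName
                $securePassword = $credential.Password
            }
        }

        $bstr = [IntPtr]::Zero
        $thispassword = $null
        $CredentialToAdd = $null
        Try
        {
            $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securePassword)
            $thispassword = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)

            $CredentialToAdd = New-Object Windows.Security.Credentials.PasswordCredential($resource, $username, $thispassword)
            $vault.Add($CredentialToAdd)
        }
        Finally
        {
            # Zero and release the unmanaged plaintext copy even when Add() throws.
            if ($bstr -ne [IntPtr]::Zero)
            {
                [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
            }
            $thispassword = $null
            $CredentialToAdd = $null
        }
    }
    End
    {
        Remove-Variable -Name vault
    }
}

<#
.SYNOPSIS
   Deletes a credential from the current user's Windows PasswordVault.
.DESCRIPTION
   Looks up the entry identified by -Resource and -Username and removes it.
   The function supports -WhatIf and -Confirm; ConfirmImpact is High, so an
   interactive session asks for confirmation by default.
.EXAMPLE
   Remove-VaultCredential -Resource 'https://example.test' -Username 'alice'

   Removes the entry after confirmation (sample values).
.EXAMPLE
   Remove-VaultCredential -Resource 'https://example.test' -Username 'alice' -WhatIf
#>
function Remove-VaultCredential
{
    [CmdletBinding(SupportsShouldProcess=$true,
                   ConfirmImpact="High")]
    [Alias()]
    Param
    (
        # Resource locator (URI)
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        [string]
        $Resource,

        # Username for the stored PasswordCredential object
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=1)]
        [string]
        $Username
    )

    Begin
    {
        $null = [Windows.Security.Credentials.PasswordVault,Windows.Security.Credentials,ContentType=WindowsRuntime]
        $vault = New-Object Windows.Security.Credentials.PasswordVault
    }
    Process
    {
        If ($PSCmdlet.ShouldProcess("$Resource : $Username"))
        {
            # PasswordVault.Remove takes a PasswordCredential object, so the
            # entry is looked up first; Retrieve throws when it does not exist.
            $vault.Remove($vault.Retrieve($Resource, $Username))
        }
    }
    End
    {
        Remove-Variable -Name vault
    }
}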