0.2 - Update 1

0.2 Update 1

CHANGELOG.md

@@ -12,6 +12,27 @@ All notable changes to this project will be documented in this file.
 ### Fixed
 - N/A
 
+## [0.2 - Update 1] - 2024-02-18
+
+### Added
+- N/A
+
+### Changed
+- `New-IDSession`
+  - Adds `Authorization` header with Bearer token to WebSession object.
+- `New-IDPlatformToken`
+  - Adds `Authorization` header with Bearer token to WebSession object.
+  - Updates values in script scope object in-line with the previous module update.
+- Internal Functions & Error Handling
+  - Adds additional logic to handle error messages from Identity and other ISPSS services.
+  - Adds `LastError` details to script scope variable object returned with `Get-IDSession`.
+  - Makes contentType matching less stringent to accommodate data returned from other ISPSS services.
+
+### Fixed
+- `New-IDPlatformToken`
+  - Updated `GetWebSession` method to utilise `Get-IDSession` in order to return the WebSession object from the module's script scope.
+
+
 ## [0.2] - 2024-02-13
 
 Updates the `Get-IDSession` command, which can be used to return data from the module scope:

IdentityCommand/IdentityCommand.psm1

@@ -54,6 +54,8 @@ $ISPSSSession = [ordered]@{
     LastCommand        = $null
     LastCommandTime    = $null
     LastCommandResults = $null
+    LastError          = $null
+    LastErrorTime      = $null
 } | Add-CustomType -Type IdCmd.Session
 
 New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force

IdentityCommand/Private/Get-IDResponse.ps1

@@ -45,7 +45,7 @@ function Get-IDResponse {
 			#handle content type
 			switch ($ContentType) {
 
-				'text/html; charset=utf-8' {
+				{ $PSItem -match 'text/html' } {
 
 					If ($IDResponse -match '<HTML>') {
 
@@ -78,12 +78,11 @@ function Get-IDResponse {
 
 				}
 
-				'application/json; charset=utf-8' {
+				{ $PSItem -match 'application/json' } {
 
 					#application/json content expected
 					#Create Return Object from Returned JSON
 					$IDResponse = ConvertFrom-Json -InputObject $APIResponse.Content
-					Set-Variable -Name idresponse -Value $IDResponse -Scope global
 
 					switch ($IDResponse) {
 

IdentityCommand/Private/Invoke-IDRestMethod.ps1

@@ -199,18 +199,40 @@
 
 			If ($null -ne $($PSItem)) {
 
+				$ISPSSSession.LastError = $PSItem
+				$ISPSSSession.LastErrorTime = Get-Date
+
+				$ErrorID = $PSItem | Select-Object -ExpandProperty FullyQualifiedErrorId
+
 				try {
 
-					$ErrorMessage = $PSItem.Exception | Select-Object -ExpandProperty Message
-					$ErrorID = $PSItem | Select-Object -ExpandProperty FullyQualifiedErrorId
+					$ErrorDetails = $PSItem.ErrorDetails | ConvertFrom-Json -ErrorAction Stop
+					$validJson = $true
 
 				} catch {
-					#catch all
 
+					$validJson = $false
 					$ErrorMessage = $null
-					$ErrorID = $null
 
 				} finally {
+
+					if ($validJson) {
+
+						$ErrorMessage = $ErrorDetails | Select-Object -ExpandProperty Message
+						If ($null -ne $ErrorDetails.Description) {
+							$ErrorDescription = $ErrorDetails | Select-Object -ExpandProperty Description
+							$ErrorMessage = "$ErrorMessage. $ErrorDescription"
+						}
+						If ($null -ne $ErrorDetails.code) {
+							$ErrorID, $ErrorDetails.code -join ','
+						}
+
+					} else {
+
+						ErrorMessage = $PSItem.ErrorDetails
+
+					}
+
 					#throw the error
 					$PSCmdlet.ThrowTerminatingError(
 

IdentityCommand/Public/New-IDPlatformToken.ps1

@@ -63,7 +63,7 @@ Function New-IDPlatformToken {
                 #Add GetWebSession ScriptMethod
                 $result | Add-Member -MemberType ScriptMethod -Name GetWebSession -Value {
 
-                    Get-IDSession | Select-Object -ExpandProperty WebSession
+                        (Get-IDSession).WebSession
 
                 } -Force
 
@@ -74,6 +74,11 @@ Function New-IDPlatformToken {
 
                 } -Force
 
+                #Record authenticated User name, Session Start Time & add Authorization header
+                $ISPSSSession.User = $Credential.Username
+                $ISPSSSession.StartTime = Get-Date
+                $ISPSSSession.WebSession.Headers.Add('Authorization', "$($result.token_type) $($result.access_token)")
+
                 #Return the result
                 $result
 

IdentityCommand/Public/New-IDSession.ps1

@@ -162,9 +162,10 @@ Function New-IDSession {
 
                     } -Force
 
-                    #Record authenticated User name & Session Start Time
+                    #Record authenticated User name, Session Start Time & add Authorization header
                     $ISPSSSession.User = $result.User
                     $ISPSSSession.StartTime = Get-Date
+                    $ISPSSSession.WebSession.Headers.Add('Authorization', "Bearer $($result.Token)")
 
                     #Return the result
                     $result

Tests/Get-IDTenantConfiguration.Tests.ps1

@@ -35,6 +35,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
 

Tests/Get-IDUser.Tests.ps1

@@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
         }

Tests/Get-IDUserIdentifier.Tests.ps1

@@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
 

Tests/Get-IDUserRole.Tests.ps1

@@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                     LastCommand        = $null
                     LastCommandTime    = $null
                     LastCommandResults = $null
+                    LastError          = $null
+                    LastErrorTime      = $null
                 }
                 New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
                 $response = Get-IDUserRole -ID 1234 -Limit 1 -SortBy String

Tests/Get-ParentFunction.Tests.ps1

@@ -30,6 +30,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 			LastCommand        = $null
 			LastCommandTime    = $null
 			LastCommandResults = $null
+			LastError          = $null
+			LastErrorTime      = $null
 		}
 
 		New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force

Tests/Get-SessionClone.Tests.ps1

@@ -60,6 +60,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                     LastCommand        = (Get-Variable MyInvocation).Value
                     LastCommandTime    = (Get-Date).AddMinutes(-1)
                     LastCommandResults = @{'TestProperty' = 'TestValue' }
+                    LastError          = $null
+                    LastErrorTime      = $null
                 }
 
                 New-Variable -Name object -Value $psPASSession -Scope Script -Force
@@ -73,7 +75,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
             }
             It 'produces expected output properties' {
 
-                $script:Clone.keys | Should -HaveCount 9
+                $script:Clone.keys | Should -HaveCount 11
 
             }
 

Tests/Invoke-IDRestMethod.Tests.ps1

@@ -173,10 +173,12 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 					LastCommand        = $null
 					LastCommandTime    = $null
 					LastCommandResults = $null
+					LastError          = $null
+					LastErrorTime      = $null
 				}
 				New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
 				If ($IsCoreCLR) {
-					$errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'ErrorMessage' = 'Some Error Message' } | ConvertTo-Json)
+					$errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'Message' = 'Some Error Message' } | ConvertTo-Json)
 					$statusCode = 400
 					$response = New-Object System.Net.Http.HttpResponseMessage $statusCode
 					$exception = New-Object Microsoft.PowerShell.Commands.HttpResponseException "$statusCode ($($response.ReasonPhrase))", $response
@@ -229,8 +231,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
 			It 'reports inner error messages' {
 				If ($IsCoreCLR) {
-					$Details = [pscustomobject]@{'ErrorCode' = 'URA666'; 'ErrorMessage' = 'Some Inner Error' }
-					$errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'ErrorMessage' = 'Some Error Message' ; 'Details' = $Details } | ConvertTo-Json)
+					$Details = [pscustomobject]@{'ErrorCode' = 'URA666'; 'Message' = 'Some Inner Error' }
+					$errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'Message' = 'Some Error Message' ; 'Details' = $Details } | ConvertTo-Json)
 					$errorRecord = New-Object Management.Automation.ErrorRecord $exception, $errorID, $errorCategory, $targetObject
 					$errorRecord.ErrorDetails = $errorDetails
 					Mock Invoke-WebRequest { Throw $errorRecord }

Tests/Invoke-IDSqlcmd.Tests.ps1

@@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
         }

Tests/Lock-IDUser.Tests.ps1

@@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                     LastCommand        = $null
                     LastCommandTime    = $null
                     LastCommandResults = $null
+                    LastError          = $null
+                    LastErrorTime      = $null
                 }
                 New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
                 $response = Lock-IDUser -user 1234

Tests/New-IDPlatformToken.Tests.ps1

@@ -23,34 +23,36 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
     InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) {
 
-        BeforeEach {
-
-            $ISPSSSession = [ordered]@{
-                tenant_url         = $null
-                User               = $null
-                TenantId           = $null
-                SessionId          = $null
-                WebSession         = $null
-                StartTime          = $null
-                ElapsedTime        = $null
-                LastCommand        = $null
-                LastCommandTime    = $null
-                LastCommandResults = $null
-            }
-            New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
-            Mock Invoke-IDRestMethod -MockWith {
-                [pscustomobject]@{
-                    token_type   = 'SomeTokenType'
-                    expires_in   = 'SomeValue'
-                    access_token = 'SomeAccessToken'
-                }
-            }
+        Context 'General' {
 
-            $Cred = New-Object System.Management.Automation.PSCredential ('SomeUser', $(ConvertTo-SecureString 'SomePassword' -AsPlainText -Force))
+            BeforeEach {
+                $ISPSSSession = [ordered]@{
+                    tenant_url         = $null
+                    User               = $null
+                    TenantId           = $null
+                    SessionId          = $null
+                    WebSession         = $null
+                    StartTime          = $null
+                    ElapsedTime        = $null
+                    LastCommand        = $null
+                    LastCommandTime    = $null
+                    LastCommandResults = $null
+                    LastError          = $null
+                    LastErrorTime      = $null
+                }
+                New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
+                Mock Invoke-IDRestMethod -MockWith {
+                    $ISPSSSession.WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession
+                    [pscustomobject]@{
+                        token_type   = 'SomeTokenType'
+                        expires_in   = 'SomeValue'
+                        access_token = 'SomeAccessToken'
+                    }
+                }
 
-        }
+                $Cred = New-Object System.Management.Automation.PSCredential ('SomeUser', $(ConvertTo-SecureString 'SomePassword' -AsPlainText -Force))
 
-        Context 'General' {
+            }
 
             It 'sets expected tenant_url with no trailing slash as script scope variable' {
                 New-IDPlatformToken -tenant_url https://sometenant.id.cyberark.cloud/ -Credential $Cred

Tests/New-IDSession.Tests.ps1

@@ -35,6 +35,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
             Mock Start-Authentication -MockWith {
@@ -214,6 +216,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
 
             BeforeEach {
                 Mock Start-AdvanceAuthentication -MockWith {
+                    $ISPSSSession.WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession
                     [pscustomobject]@{
                         Summary = 'LoginSuccess'
                     }

Tests/Start-AdvanceAuthentication.Tests.ps1

@@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
             $Mechanism = [pscustomobject]@{

Tests/Start-Authentication.Tests.ps1

@@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
             $LogonRequest = @{ }

Tests/Start-SamlAuthentication.Tests.ps1

@@ -37,6 +37,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                 LastCommand        = $null
                 LastCommandTime    = $null
                 LastCommandResults = $null
+                LastError          = $null
+                LastErrorTime      = $null
             }
             New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
             $LogonRequest = @{ }

Tests/Suspend-IDUserMFA.Tests.ps1

@@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                     LastCommand        = $null
                     LastCommandTime    = $null
                     LastCommandResults = $null
+                    LastError          = $null
+                    LastErrorTime      = $null
                 }
                 New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
                 $response = Suspend-IDUserMFA -ID 1234

Tests/Test-IDUserCloudLock.Tests.ps1

@@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                     LastCommand        = $null
                     LastCommandTime    = $null
                     LastCommandResults = $null
+                    LastError          = $null
+                    LastErrorTime      = $null
                 }
                 New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
                 $response = Test-IDUserCloudLock -user 1234

Tests/Unlock-IDUser.Tests.ps1

@@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') {
                     LastCommand        = $null
                     LastCommandTime    = $null
                     LastCommandResults = $null
+                    LastError          = $null
+                    LastErrorTime      = $null
                 }
                 New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force
                 $response = Unlock-IDUser -user 1234