diff --git a/CHANGELOG.md b/CHANGELOG.md index ad4f6a0..7a242a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,27 @@ All notable changes to this project will be documented in this file. ### Fixed - N/A +## [0.2 - Update 1] - 2024-02-18 + +### Added +- N/A + +### Changed +- `New-IDSession` + - Adds `Authorization` header with Bearer token to WebSession object. +- `New-IDPlatformToken` + - Adds `Authorization` header with Bearer token to WebSession object. + - Updates values in script scope object in-line with the previous module update. +- Internal Functions & Error Handling + - Adds additional logic to handle error messages from Identity and other ISPSS services. + - Adds `LastError` details to script scope variable object returned with `Get-IDSession`. + - Makes contentType matching less stringent to accommodate data returned from other ISPSS services. + +### Fixed +- `New-IDPlatformToken` + - Updated `GetWebSession` method to utilise `Get-IDSession` in order to return the WebSession object from the module's script scope. + + ## [0.2] - 2024-02-13 Updates the `Get-IDSession` command, which can be used to return data from the module scope: diff --git a/IdentityCommand/IdentityCommand.psm1 b/IdentityCommand/IdentityCommand.psm1 index 9d5b70e..d5006e4 100644 --- a/IdentityCommand/IdentityCommand.psm1 +++ b/IdentityCommand/IdentityCommand.psm1 @@ -54,6 +54,8 @@ $ISPSSSession = [ordered]@{ LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } | Add-CustomType -Type IdCmd.Session New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force \ No newline at end of file diff --git a/IdentityCommand/Private/Get-IDResponse.ps1 b/IdentityCommand/Private/Get-IDResponse.ps1 index 2f5d20f..3f85ae3 100644 --- a/IdentityCommand/Private/Get-IDResponse.ps1 +++ b/IdentityCommand/Private/Get-IDResponse.ps1 
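Review bot: The new `LastError` slot in `$ISPSSSession` is undocumented, and the Invoke-IDRestMethod.ps1 hunk later in this commit assigns the whole caught ErrorRecord to it (`$ISPSSSession.LastError = $PSItem`). That record carries the service's error body and possibly the originating request, which after this commit would include the `Authorization` bearer header, so the value stays in script scope and is handed out by `Get-IDSession` for as long as the module is loaded. A comment above the two fields such as `# LastError holds the raw ErrorRecord from the last failed request; treat as sensitive` would make that explicit, and it is worth confirming that the session-teardown command (not visible here) resets both fields. The hashtable begins above the hunk.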
@@ -45,7 +45,7 @@ function Get-IDResponse { #handle content type switch ($ContentType) { - 'text/html; charset=utf-8' { + { $PSItem -match 'text/html' } { If ($IDResponse -match '') { @@ -78,12 +78,11 @@ function Get-IDResponse { } - 'application/json; charset=utf-8' { + { $PSItem -match 'application/json' } { #application/json content expected #Create Return Object from Returned JSON $IDResponse = ConvertFrom-Json -InputObject $APIResponse.Content - Set-Variable -Name idresponse -Value $IDResponse -Scope global switch ($IDResponse) { diff --git a/IdentityCommand/Private/Invoke-IDRestMethod.ps1 b/IdentityCommand/Private/Invoke-IDRestMethod.ps1 index a339389..ce8ced5 100644 --- a/IdentityCommand/Private/Invoke-IDRestMethod.ps1 +++ b/IdentityCommand/Private/Invoke-IDRestMethod.ps1 @@ -199,18 +199,40 @@ If ($null -ne $($PSItem)) { + $ISPSSSession.LastError = $PSItem + $ISPSSSession.LastErrorTime = Get-Date + + $ErrorID = $PSItem | Select-Object -ExpandProperty FullyQualifiedErrorId + try { - $ErrorMessage = $PSItem.Exception | Select-Object -ExpandProperty Message - $ErrorID = $PSItem | Select-Object -ExpandProperty FullyQualifiedErrorId + $ErrorDetails = $PSItem.ErrorDetails | ConvertFrom-Json -ErrorAction Stop + $validJson = $true } catch { - #catch all + $validJson = $false $ErrorMessage = $null - $ErrorID = $null } finally { + + if ($validJson) { + + $ErrorMessage = $ErrorDetails | Select-Object -ExpandProperty Message + If ($null -ne $ErrorDetails.Description) { + $ErrorDescription = $ErrorDetails | Select-Object -ExpandProperty Description + $ErrorMessage = "$ErrorMessage. $ErrorDescription" + } + If ($null -ne $ErrorDetails.code) { + $ErrorID, $ErrorDetails.code -join ',' + } + + } else { + + ErrorMessage = $PSItem.ErrorDetails + + } + #throw the error $PSCmdlet.ThrowTerminatingError( diff --git a/IdentityCommand/Public/New-IDPlatformToken.ps1 b/IdentityCommand/Public/New-IDPlatformToken.ps1 index 211fbe4..5685428 100644 
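Review bot: The relaxed content-type tests in `switch ($ContentType)` are unanchored regex matches, so `{ $PSItem -match 'application/json' }` (and `'text/html'` in the hunk at -45,7) accepts any header value that merely contains that substring. Anchoring keeps the charset tolerance while still requiring the media type to lead the value: `{ $PSItem -match '^\s*application/json\b' }` and `{ $PSItem -match '^\s*text/html\b' }`. A one-line comment such as `#match on media type only; charset and other parameters vary between ISPSS services` would record why the exact-string comparison was dropped. Both clauses continue outside their hunks.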
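Review bot: Two statements in the new `finally` block of the Invoke-IDRestMethod.ps1 hunk do not do what they appear intended to do. `$ErrorID, $ErrorDetails.code -join ','` builds the joined string but never assigns it, so the value is written to the output stream and `$ErrorID` is unchanged; it should read `$ErrorID = $ErrorID, $ErrorDetails.code -join ','`. In the `else` branch `ErrorMessage = $PSItem.ErrorDetails` is missing the `$` sigil, so PowerShell will try to run a command named `ErrorMessage` and the non-JSON path raises a command-not-found error rather than reporting the service's message; it should be `$ErrorMessage = $PSItem.ErrorDetails`. The surrounding catch block and the `ThrowTerminatingError` call continue outside the hunk.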
--- a/IdentityCommand/Public/New-IDPlatformToken.ps1 +++ b/IdentityCommand/Public/New-IDPlatformToken.ps1 @@ -63,7 +63,7 @@ Function New-IDPlatformToken { #Add GetWebSession ScriptMethod $result | Add-Member -MemberType ScriptMethod -Name GetWebSession -Value { - Get-IDSession | Select-Object -ExpandProperty WebSession + (Get-IDSession).WebSession } -Force @@ -74,6 +74,11 @@ Function New-IDPlatformToken { } -Force + #Record authenticated User name, Session Start Time & add Authorization header + $ISPSSSession.User = $Credential.Username + $ISPSSSession.StartTime = Get-Date + $ISPSSSession.WebSession.Headers.Add('Authorization', "$($result.token_type) $($result.access_token)") + #Return the result $result diff --git a/IdentityCommand/Public/New-IDSession.ps1 b/IdentityCommand/Public/New-IDSession.ps1 index 6e50976..7dea665 100644 --- a/IdentityCommand/Public/New-IDSession.ps1 +++ b/IdentityCommand/Public/New-IDSession.ps1 @@ -162,9 +162,10 @@ Function New-IDSession { } -Force - #Record authenticated User name & Session Start Time + #Record authenticated User name, Session Start Time & add Authorization header $ISPSSSession.User = $result.User $ISPSSSession.StartTime = Get-Date + $ISPSSSession.WebSession.Headers.Add('Authorization', "Bearer $($result.Token)") #Return the result $result diff --git a/Tests/Get-IDTenantConfiguration.Tests.ps1 b/Tests/Get-IDTenantConfiguration.Tests.ps1 index 4553eba..9ddbe75 100644 --- a/Tests/Get-IDTenantConfiguration.Tests.ps1 +++ b/Tests/Get-IDTenantConfiguration.Tests.ps1 @@ -35,6 +35,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force diff --git a/Tests/Get-IDUser.Tests.ps1 b/Tests/Get-IDUser.Tests.ps1 index c2502d8..0b7d907 100644 --- a/Tests/Get-IDUser.Tests.ps1 +++ b/Tests/Get-IDUser.Tests.ps1 
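Review bot: `$ISPSSSession.WebSession.Headers.Add('Authorization', ...)` in the New-IDPlatformToken.ps1 hunk at -74,6 throws when the key is already present, since `Headers` on a WebRequestSession is a dictionary, and it also fails if `WebSession` is still `$null` at this point. If the same WebSession can survive a second call to `New-IDPlatformToken` or `New-IDSession` (whether it is recreated per logon is not visible in these hunks), re-authenticating would error here rather than replace the token. Assigning through the indexer is idempotent: `$ISPSSSession.WebSession.Headers['Authorization'] = "$($result.token_type) $($result.access_token)"`, and likewise with `"Bearer $($result.Token)"` in the New-IDSession.ps1 hunk at -162,9. Both functions begin and end outside their hunks.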
@@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force } diff --git a/Tests/Get-IDUserIdentifier.Tests.ps1 b/Tests/Get-IDUserIdentifier.Tests.ps1 index 6721b63..d7cb603 100644 --- a/Tests/Get-IDUserIdentifier.Tests.ps1 +++ b/Tests/Get-IDUserIdentifier.Tests.ps1 @@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force diff --git a/Tests/Get-IDUserRole.Tests.ps1 b/Tests/Get-IDUserRole.Tests.ps1 index 00ed508..5f827e2 100644 --- a/Tests/Get-IDUserRole.Tests.ps1 +++ b/Tests/Get-IDUserRole.Tests.ps1 @@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $response = Get-IDUserRole -ID 1234 -Limit 1 -SortBy String diff --git a/Tests/Get-ParentFunction.Tests.ps1 b/Tests/Get-ParentFunction.Tests.ps1 index b82a201..faa3ddb 100644 --- a/Tests/Get-ParentFunction.Tests.ps1 +++ b/Tests/Get-ParentFunction.Tests.ps1 @@ -30,6 +30,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force diff --git a/Tests/Get-SessionClone.Tests.ps1 b/Tests/Get-SessionClone.Tests.ps1 index 35eb588..04ad82d 100644 --- a/Tests/Get-SessionClone.Tests.ps1 +++ b/Tests/Get-SessionClone.Tests.ps1 
@@ -60,6 +60,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = (Get-Variable MyInvocation).Value LastCommandTime = (Get-Date).AddMinutes(-1) LastCommandResults = @{'TestProperty' = 'TestValue' } + LastError = $null + LastErrorTime = $null } New-Variable -Name object -Value $psPASSession -Scope Script -Force @@ -73,7 +75,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } It 'produces expected output properties' { - $script:Clone.keys | Should -HaveCount 9 + $script:Clone.keys | Should -HaveCount 11 } diff --git a/Tests/Invoke-IDRestMethod.Tests.ps1 b/Tests/Invoke-IDRestMethod.Tests.ps1 index 143b3ee..972ba6d 100644 --- a/Tests/Invoke-IDRestMethod.Tests.ps1 +++ b/Tests/Invoke-IDRestMethod.Tests.ps1 @@ -173,10 +173,12 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force If ($IsCoreCLR) { - $errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'ErrorMessage' = 'Some Error Message' } | ConvertTo-Json) + $errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'Message' = 'Some Error Message' } | ConvertTo-Json) $statusCode = 400 $response = New-Object System.Net.Http.HttpResponseMessage $statusCode $exception = New-Object Microsoft.PowerShell.Commands.HttpResponseException "$statusCode ($($response.ReasonPhrase))", $response 
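Review bot: The updated mocks in Invoke-IDRestMethod.Tests.ps1 rename `ErrorMessage` to `Message` but still use `ErrorCode`, so none of the visible fixtures carries the `Description` or `code` properties that the new branches in Invoke-IDRestMethod.ps1 read, and none supplies a non-JSON `ErrorDetails` to reach the `else` path. Those are the branches holding the unassigned `-join` expression and the `ErrorMessage` statement without its `$`, so the suite as shown would not catch either. Adding a fixture such as `[pscustomobject]@{'code' = 'SomeCode'; 'Message' = 'Some Error Message'; 'Description' = 'Some Description' }` and one with a plain-text `ErrorDetails` string would cover them; the same applies to the hunk at -229,8. The `It` blocks and their assertions are outside the hunks.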
@@ -229,8 +231,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { It 'reports inner error messages' { If ($IsCoreCLR) { - $Details = [pscustomobject]@{'ErrorCode' = 'URA666'; 'ErrorMessage' = 'Some Inner Error' } - $errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'ErrorMessage' = 'Some Error Message' ; 'Details' = $Details } | ConvertTo-Json) + $Details = [pscustomobject]@{'ErrorCode' = 'URA666'; 'Message' = 'Some Inner Error' } + $errorDetails = $([pscustomobject]@{'ErrorCode' = 'URA999'; 'Message' = 'Some Error Message' ; 'Details' = $Details } | ConvertTo-Json) $errorRecord = New-Object Management.Automation.ErrorRecord $exception, $errorID, $errorCategory, $targetObject $errorRecord.ErrorDetails = $errorDetails Mock Invoke-WebRequest { Throw $errorRecord } diff --git a/Tests/Invoke-IDSqlcmd.Tests.ps1 b/Tests/Invoke-IDSqlcmd.Tests.ps1 index 8be2d75..62485aa 100644 --- a/Tests/Invoke-IDSqlcmd.Tests.ps1 +++ b/Tests/Invoke-IDSqlcmd.Tests.ps1 @@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force } diff --git a/Tests/Lock-IDUser.Tests.ps1 b/Tests/Lock-IDUser.Tests.ps1 index acc2847..25fdc94 100644 --- a/Tests/Lock-IDUser.Tests.ps1 +++ b/Tests/Lock-IDUser.Tests.ps1 @@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $response = Lock-IDUser -user 1234 diff --git a/Tests/New-IDPlatformToken.Tests.ps1 b/Tests/New-IDPlatformToken.Tests.ps1 index 574229d..0c939c7 100644 --- a/Tests/New-IDPlatformToken.Tests.ps1 +++ b/Tests/New-IDPlatformToken.Tests.ps1 
@@ -23,34 +23,36 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { - BeforeEach { - - $ISPSSSession = [ordered]@{ - tenant_url = $null - User = $null - TenantId = $null - SessionId = $null - WebSession = $null - StartTime = $null - ElapsedTime = $null - LastCommand = $null - LastCommandTime = $null - LastCommandResults = $null - } - New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force - Mock Invoke-IDRestMethod -MockWith { - [pscustomobject]@{ - token_type = 'SomeTokenType' - expires_in = 'SomeValue' - access_token = 'SomeAccessToken' - } - } + Context 'General' { - $Cred = New-Object System.Management.Automation.PSCredential ('SomeUser', $(ConvertTo-SecureString 'SomePassword' -AsPlainText -Force)) + BeforeEach { + $ISPSSSession = [ordered]@{ + tenant_url = $null + User = $null + TenantId = $null + SessionId = $null + WebSession = $null + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + LastError = $null + LastErrorTime = $null + } + New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force + Mock Invoke-IDRestMethod -MockWith { + $ISPSSSession.WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + [pscustomobject]@{ + token_type = 'SomeTokenType' + expires_in = 'SomeValue' + access_token = 'SomeAccessToken' + } + } - } + $Cred = New-Object System.Management.Automation.PSCredential ('SomeUser', $(ConvertTo-SecureString 'SomePassword' -AsPlainText -Force)) - Context 'General' { + } It 'sets expected tenant_url with no trailing slash as script scope variable' { New-IDPlatformToken -tenant_url https://sometenant.id.cyberark.cloud/ -Credential $Cred diff --git a/Tests/New-IDSession.Tests.ps1 b/Tests/New-IDSession.Tests.ps1 index ef971ea..950659b 100644 --- a/Tests/New-IDSession.Tests.ps1 +++ b/Tests/New-IDSession.Tests.ps1 
@@ -35,6 +35,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force Mock Start-Authentication -MockWith { @@ -214,6 +216,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { BeforeEach { Mock Start-AdvanceAuthentication -MockWith { + $ISPSSSession.WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession [pscustomobject]@{ Summary = 'LoginSuccess' } diff --git a/Tests/Start-AdvanceAuthentication.Tests.ps1 b/Tests/Start-AdvanceAuthentication.Tests.ps1 index 9e77186..847c21a 100644 --- a/Tests/Start-AdvanceAuthentication.Tests.ps1 +++ b/Tests/Start-AdvanceAuthentication.Tests.ps1 @@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $Mechanism = [pscustomobject]@{ diff --git a/Tests/Start-Authentication.Tests.ps1 b/Tests/Start-Authentication.Tests.ps1 index 86f7b75..aca6f8b 100644 --- a/Tests/Start-Authentication.Tests.ps1 +++ b/Tests/Start-Authentication.Tests.ps1 @@ -36,6 +36,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $LogonRequest = @{ } diff --git a/Tests/Start-SamlAuthentication.Tests.ps1 b/Tests/Start-SamlAuthentication.Tests.ps1 index bba5c41..a5197a3 100644 --- a/Tests/Start-SamlAuthentication.Tests.ps1 +++ b/Tests/Start-SamlAuthentication.Tests.ps1 
@@ -37,6 +37,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $LogonRequest = @{ } diff --git a/Tests/Suspend-IDUserMFA.Tests.ps1 b/Tests/Suspend-IDUserMFA.Tests.ps1 index 2105a4a..369f6a2 100644 --- a/Tests/Suspend-IDUserMFA.Tests.ps1 +++ b/Tests/Suspend-IDUserMFA.Tests.ps1 @@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $response = Suspend-IDUserMFA -ID 1234 diff --git a/Tests/Test-IDUserCloudLock.Tests.ps1 b/Tests/Test-IDUserCloudLock.Tests.ps1 index 45ed56a..657cf05 100644 --- a/Tests/Test-IDUserCloudLock.Tests.ps1 +++ b/Tests/Test-IDUserCloudLock.Tests.ps1 @@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $response = Test-IDUserCloudLock -user 1234 diff --git a/Tests/Unlock-IDUser.Tests.ps1 b/Tests/Unlock-IDUser.Tests.ps1 index 650ff84..75f7c73 100644 --- a/Tests/Unlock-IDUser.Tests.ps1 +++ b/Tests/Unlock-IDUser.Tests.ps1 @@ -38,6 +38,8 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { LastCommand = $null LastCommandTime = $null LastCommandResults = $null + LastError = $null + LastErrorTime = $null } New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force $response = Unlock-IDUser -user 1234