Release 0.2 (#8)

* 📝 🚸 UPDATE Examples

Changing URLs used in examples to attempt to make it clearer that it is an Identity Portal URL which should be specified.

* UPDATE Module Scope Variables

Improves the way module scope variables are used throughout the module by utilising a single module scope object which holds property values which can be reused across functions, and also returned to the local scope for information purposes.
Updates all functions and tests to reference new module scope session object.
Updates `Get-IDSession` to return the module scope session object.
Updates `GetWebSession()` method of `New-IDSession` to reference module scope session object, avoiding a breaking change for ISPSS authentication in `psPAS`.
Adds new private helper functions:
- `Get-ParentFunction`
- `Get-SessionClone`

* UPDATE Get-IDSession.md

Update help in-line with command and module changes.

* Update README.md

* Update CHANGELOG.md

* Update appveyor.yml

CHANGELOG.md

@@ -1,7 +1,7 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
-## [unreleased] - 2023-10-08
+## [unreleased] - ####-##-##
 
 ### Added
 - N/A
@@ -12,6 +12,50 @@ All notable changes to this project will be documented in this file.
 ### Fixed
 - N/A
 
+## [0.2] - 2024-02-13
+
+Updates the `Get-IDSession` command, which can be used to return data from the module scope:
+
+```powershell
+PS C:\> Get-IDSession
+
+Name                           Value
+----                           -----
+tenant_url                     https://abc1234.id.cyberark.cloud
+User                           [email protected]
+TenantId                       ABC1234
+SessionId                      1337CbGbPunk3Sm1ff5ess510nD3tai75
+WebSession                     Microsoft.PowerShell.Commands.WebRequestSession
+StartTime                      12/02/2024 22:58:13
+ElapsedTime                    00:25:30
+LastCommand                    System.Management.Automation.InvocationInfo
+LastCommandTime                12/02/2024 23:23:07
+LastCommandResults             {"success":true,"Result":{"SomeResult"}}
+```
+
+Executing this command exports variables like the URL, Username & WebSession object for the authenticated session from IdentityCommand into your local scope, either for use in other requests outside of the module scope, or for informational purposes.
+
+Return data also includes details such as session start time, elapsed time, last command time, as well as data for the last invoked command and the results of the previous command useful for debugging & development purposes.
+
+### Added
+- Private Function `Get-ParentFunction`
+  - Helper function to get command invocation data from different scopes
+- Private Function `Get-SessionClone`
+  - Helper function to create unreferenced copy of IdentityCommand session hashtable object
+
+### Changed
+- `Get-IDSession`
+  - Returns the module scoped `$ISPSSSession` variable (which includes the WebSession object), instead of just the WebSession object.
+- `New-IDSession`
+  - Sets values in the script scope `$ISPSSSession` object instead of individual script scope variables.
+- `Close-IDSession`
+  - Sets null values in the script scope `$ISPSSSession` object instead of removing individual script scope variables.
+- All other functions
+  - Updated entire codebase to reference `$ISPSSSession` object instead of individual script scope variables.
+
+### Fixed
+- N/A
+
 ## [0.1 - Update 3] - 2023-10-08
 
 ### Added

IdentityCommand/IdentityCommand.psm1

@@ -40,4 +40,20 @@ Get-ChildItem $PSScriptRoot\ -Recurse -Include '*.ps1' -Exclude '*.ps1xml' |
 
         }
 
-    }
+    }
+
+# Script scope session object for session data
+$ISPSSSession = [ordered]@{
+    tenant_url         = $null
+    User               = $null
+    TenantId           = $null
+    SessionId          = $null
+    WebSession         = $null
+    StartTime          = $null
+    ElapsedTime        = $null
+    LastCommand        = $null
+    LastCommandTime    = $null
+    LastCommandResults = $null
+} | Add-CustomType -Type IdCmd.Session
+
+New-Variable -Name ISPSSSession -Value $ISPSSSession -Scope Script -Force

IdentityCommand/Private/Clear-AdvanceAuthentication.ps1

@@ -26,15 +26,15 @@ Function Clear-AdvanceAuthentication {
     Process {
 
         $Body = @{
-            TenantId  = $Script:TenantId
-            SessionId = $Script:SessionId
+            TenantId  = $ISPSSSession.TenantId
+            SessionId = $ISPSSSession.SessionId
         }
 
-        $LogonRequest['Uri'] = "$Script:tenant_url/Security/CleanupAuthentication"
+        $LogonRequest['Uri'] = "$($ISPSSSession.tenant_url)/Security/CleanupAuthentication"
         $LogonRequest['Method'] = 'POST'
         $LogonRequest['Body'] = $Body | ConvertTo-Json
 
-        if ($PSCmdlet.ShouldProcess($Script:SessionId, 'Clear Authentication Session')) {
+        if ($PSCmdlet.ShouldProcess($($ISPSSSession.SessionId), 'Clear Authentication Session')) {
 
             Invoke-IDRestMethod @LogonRequest | Out-Null
 

IdentityCommand/Private/Complete-SamlAuthentication.ps1

@@ -36,9 +36,9 @@ Function Complete-SamlAuthentication {
         #Setup request. This command will return html, so supress output/html error detection
         $Script:ExpectHtml = $true
         $LogonRequest['Method'] = 'GET'
-        $LogonRequest['Uri'] = "$Script:tenant_url/login"
+        $LogonRequest['Uri'] = "$($ISPSSSession.tenant_url)/login"
 
-        if ($PSCmdlet.ShouldProcess($Script:tenant_url, 'Send Assertion')) {
+        if ($PSCmdlet.ShouldProcess($ISPSSSession.tenant_url, 'Send Assertion')) {
 
             try {
 

IdentityCommand/Private/Get-ParentFunction.ps1

@@ -0,0 +1,58 @@
+Function Get-ParentFunction {
+	<#
+	.SYNOPSIS
+	Returns details of the calling function from a variable scope
+
+	.DESCRIPTION
+	Returns the FunctionName and the ParameterSetName which was used to invoke another function
+
+	.PARAMETER Scope
+	The Scope number from which to return the calling functions details.
+
+	.EXAMPLE
+	Function Test-Parent {Test-Child}
+	Function Test-Child {Get-ParentFunction}
+	$example = Test-Parent
+
+	$example.FunctionName #Returns Test-Parent
+
+	.EXAMPLE
+	Function Test-Example {
+		[CmdletBinding()]
+		param([parameter(ParameterSetName = "ExampleParamSet")][string]$Name)
+			Test-Parent
+	}
+	Function Test-Parent {Test-Child}
+	Function Test-Child {Get-ParentFunction -Scope 3}
+	$example = Test-Example -Name "test"
+
+	$example.Function #Returns "Test-Example"
+	$example.ParameterSetName #Returns "ExampleParamSet"
+
+	.NOTES
+
+	#>
+	[CmdletBinding()]
+	Param(
+		# The scope number from which to retrieve the parent function name
+		[Parameter(
+			Mandatory = $false,
+			ValueFromPipelineByPropertyName = $true
+		)]
+		[Int]
+		$Scope = 2
+	)
+
+	Process {
+
+		#Get MyInvocation details from required scope
+		$CommandData = (Get-Variable MyInvocation -Scope $Scope).Value
+		[PSCustomObject]@{
+			CommandData      = $CommandData
+			FunctionName     = $CommandData.MyCommand.Name
+			ParameterSetName = (Get-Variable PSCmdlet -Scope $Scope -ErrorAction SilentlyContinue).Value.ParameterSetName
+		}
+
+	}
+
+}

IdentityCommand/Private/Get-SessionClone.ps1

@@ -0,0 +1,46 @@
+function Get-SessionClone {
+    <#
+    .SYNOPSIS
+    Deep copy a hashtable
+
+    .DESCRIPTION
+    Deep copy a hashtable or ordered dictionary, and return an ordered dictionary
+
+    .PARAMETER InputObject
+    A hashtable or OrderedDictionary to clone
+
+    .EXAMPLE
+    Get-SessionClone -InputObject $Hashtable
+
+    Returns a new ordered hashtable, which is a deep copy of $Hashtable
+
+    .OUTPUTS
+    System.Collections.Specialized.OrderedDictionary
+    #>
+    [cmdletbinding()]
+    [OutputType('System.Collections.Specialized.OrderedDictionary')]
+    param(
+        [parameter(
+            Mandatory = $true,
+            ValueFromPipeline = $true
+        )]
+        $InputObject
+    )
+    process {
+        if (($InputObject -is [hashtable]) -or ($InputObject -is [System.Collections.Specialized.OrderedDictionary])) {
+            $clone = [ordered]@{}
+            foreach ($key in $InputObject.keys) {
+                if ($null -ne $InputObject[$key]) {
+                    $clone[$key] = Get-SessionClone $InputObject[$key]
+                } else {
+                    $clone[$key] = $null
+                }
+            }
+            return $clone
+        } else {
+
+            return $InputObject
+
+        }
+    }
+}

IdentityCommand/Private/Invoke-IDRestMethod.ps1

@@ -9,7 +9,7 @@
 	queried and acted on.
 	All requests are sent with ContentType=application/json.
 	If the sessionVariable parameter is passed, the function will return the WebSession
-	object to the $Script:WebSession variable.
+	object to the $ISPSSSession.WebSession variable.
 
 	.PARAMETER Method
 	The method for the REST Method.
@@ -27,7 +27,7 @@
 	.PARAMETER SessionVariable
 	If passed, will be sent to invoke-webrequest which in turn will create a websession
 	variable using the string value as the name. This variable will only exist in the current scope
-	so will be set as the value of $Script:WebSession to be available in a modules scope.
+	so will be set as the value of $ISPSSSession.WebSession to be available in a modules scope.
 	Cannot be specified with WebSession
 
 	.PARAMETER WebSession
@@ -61,7 +61,7 @@
 	An Accept string to be included in the request header
 
 	.EXAMPLE
-	Invoke-IDRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession
+	Invoke-IDRestMethod -Uri $URI -Method DELETE -WebSession $ISPSSSession.WebSession
 
 	Send request to web service
 	#>
@@ -121,12 +121,12 @@
 		$ProgressPreference = 'SilentlyContinue'
 		$PSBoundParameters.Add('UseBasicParsing', $true)
 
-		if ($null -ne $Script:WebSession) {
+		if ($null -ne $ISPSSSession.WebSession) {
 
 			#use the WebSession if it exists in the module scope, and alternate session is not specified.
 			if ( -not ($PSBoundParameters.ContainsKey('WebSession'))) {
 
-				$PSBoundParameters.Add('WebSession', $Script:WebSession)
+				$PSBoundParameters.Add('WebSession', $ISPSSSession.WebSession)
 
 			}
 
@@ -229,11 +229,16 @@
 
 		} finally {
 
+			#Add Command Data to $ISPSSSession module scope variable
+			$ISPSSSession.LastCommand = Get-ParentFunction | Select-Object -ExpandProperty CommandData
+			$ISPSSSession.LastCommandResults = $APIResponse
+			$ISPSSSession.LastCommandTime = Get-Date
+
 			#If Session Variable passed as argument
 			If ($PSCmdlet.ParameterSetName -eq 'SessionVariable') {
 
 				#Make the WebSession available in the module scope
-				Set-Variable -Name WebSession -Value $(Get-Variable $(Get-Variable sessionVariable).Value).Value -Scope Script
+				$ISPSSSession.WebSession = $(Get-Variable $(Get-Variable sessionVariable).Value).Value
 
 			}
 

IdentityCommand/Private/Out-QRImage.ps1

@@ -44,7 +44,7 @@ function Out-QRImage {
         }
 
         #Get filename from Content-Disposition Header element.
-        $FileName = "$Script:SessionId.html"
+        $FileName = "$($ISPSSSession.SessionId).html"
 
         #Define output path
         $OutputPath = Join-Path $Path $FileName

IdentityCommand/Private/Start-AdvanceAuthentication.ps1

@@ -57,15 +57,15 @@ Function Start-AdvanceAuthentication {
 
     Process {
 
-        $LogonRequest['Uri'] = "$Script:tenant_url/Security/AdvanceAuthentication"
+        $LogonRequest['Uri'] = "$($ISPSSSession.tenant_url)/Security/AdvanceAuthentication"
 
         $Body = @{
-            TenantId    = $Script:TenantId
-            SessionId   = $Script:SessionId
+            TenantId    = $ISPSSSession.TenantId
+            SessionId   = $ISPSSSession.SessionId
             MechanismId = $($Mechanism.MechanismId)
         }
 
-        if ($PSCmdlet.ShouldProcess($Script:tenant_url, 'Advance Authentication')) {
+        if ($PSCmdlet.ShouldProcess($($ISPSSSession.tenant_url), 'Advance Authentication')) {
 
             try {
 
@@ -138,7 +138,7 @@ Function Start-AdvanceAuthentication {
     End {
 
         #Maybe there is a QR Image to clear up
-        Remove-Item $(Join-Path $([System.IO.Path]::GetTempPath()) "$Script:SessionId.html") -ErrorAction SilentlyContinue
+        Remove-Item $(Join-Path $([System.IO.Path]::GetTempPath()) "$($ISPSSSession.SessionId).html") -ErrorAction SilentlyContinue
 
     }
 

IdentityCommand/Private/Start-Authentication.ps1

@@ -45,7 +45,7 @@ Function Start-Authentication {
 
     process {
 
-        $LogonRequest['Uri'] = "$Script:tenant_url/Security/StartAuthentication"
+        $LogonRequest['Uri'] = "$($ISPSSSession.tenant_url)/Security/StartAuthentication"
 
         $LogonRequest['Body'] = @{
 
@@ -54,7 +54,7 @@ Function Start-Authentication {
 
         } | ConvertTo-Json
 
-        if ($PSCmdlet.ShouldProcess($Script:tenant_url, 'Start Authentication')) {
+        if ($PSCmdlet.ShouldProcess($($ISPSSSession.tenant_url), 'Start Authentication')) {
 
             try {
 
@@ -65,11 +65,11 @@ Function Start-Authentication {
 
                     #Redirect URL has been returned
                     #update module scope variables
-                    Clear-Variable -Name tenant_url -Scope Script
-                    Remove-Variable -Name WebSession -Scope Script
-                    Set-Variable -Name tenant_url -Value "https://$($IDSession.PodFqdn)" -Scope Script
+                    $ISPSSSession.tenant_url = $null
+                    $ISPSSSession.WebSession = $null
+                    $ISPSSSession.tenant_url = "https://$($IDSession.PodFqdn)"
 
-                    $LogonRequest['Uri'] = "$Script:tenant_url/Security/StartAuthentication"
+                    $LogonRequest['Uri'] = "$($ISPSSSession.tenant_url)/Security/StartAuthentication"
 
                     #Perform Start Authentication with new URL
                     $IDSession = Invoke-IDRestMethod @LogonRequest

IdentityCommand/Private/Start-SamlAuthentication.ps1

@@ -48,15 +48,15 @@ Function Start-SamlAuthentication {
         #Setup request. This command will return html, so supress output/html error detection
         $Script:ExpectHtml = $true
         $LogonRequest['ContentType'] = 'application/x-www-form-urlencoded'
-        $LogonRequest['Uri'] = "$Script:tenant_url/my"
+        $LogonRequest['Uri'] = "$($ISPSSSession.tenant_url)/my"
 
         $LogonRequest['Body'] = @{
 
             SAMLResponse = $SAMLResponse
 
         }
 
-        if ($PSCmdlet.ShouldProcess($Script:tenant_url, 'Send SAML Assertion')) {
+        if ($PSCmdlet.ShouldProcess($($ISPSSSession.tenant_url), 'Send SAML Assertion')) {
 
             try {
 

IdentityCommand/Public/Clear-IDUserSession.ps1

@@ -15,7 +15,7 @@ function Clear-IDUserSession {
 
     PROCESS {
 
-        $URI = "$Script:tenant_url/UserMgmt/SignOutEverywhere?$($PSBoundParameters | Get-Parameter | ConvertTo-QueryString)"
+        $URI = "$($ISPSSSession.tenant_url)/UserMgmt/SignOutEverywhere?$($PSBoundParameters | Get-Parameter | ConvertTo-QueryString)"
 
         #Send Logoff Request
         Invoke-IDRestMethod -Uri $URI -Method POST