functions/New-AzureADUserAuthenticationMethod.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
function New-AzureADUserAuthenticationMethod {
    <#
    .SYNOPSIS
        Creates a new authentication method for the user.
    .DESCRIPTION
        Creates a new authentication method for the user.
        Use to create a new method type for the user. To modify a method, use Update-AzureADUserAuthenticationMethod.
    .EXAMPLE
        PS C:\>New-AzureADUserAuthenticationMethod user@contoso.com -Phone -PhoneNumber '+61412345678' -PhoneType mobile
        Adds a new mobile phone authentication method to the user.
    #>

    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $True, ParameterSetName = 'pin')]
        [switch]
        $Pin,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'oath')]
        [switch]
        $Oath,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'password')]
        [switch]
        $Password,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'securityQuestion')]
        [switch]
        $SecurityQuestion,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'default')]
        [switch]
        $Default,
        
        [Alias('UserId', 'UPN', 'UserPrincipalName')]
        [Parameter(Mandatory = $True, Position = 1, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [string]
        $ObjectId,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'pin', Position = 2)]
        [string]
        $NewPin,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'oath')]
        [string]
        $SecretKey,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'oath')]
        [int]
        $TimeIntervalInSeconds,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'oath')]
        [string]
        $SerialNumber,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'oath')]
        [string]
        $Manufacturer,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'oath')]
        [string]
        $Model,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'phone')]
        [string]
        $PhoneNumber,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'phone')]
        [ValidateSet("mobile", "alternateMobile", "office")]
        [string]
        $PhoneType,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'email', Position = 2)]
        [string]
        $EmailAddress,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'password')]
        [string]
        $NewPassword,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'securityQuestion')]
        [string]
        $Question,
        
        [Parameter(Mandatory = $True, ParameterSetName = 'securityQuestion')]
        [string]
        $Answer
        
    )
    
    begin {
        Assert-GraphConnection -Cmdlet $PSCmdlet
    }
    process {
        switch ($PSCmdlet.ParameterSetName) {
            "phone" {
                $postParams = @{
                    phoneNumber = $PhoneNumber
                    phoneType = $PhoneType
                }
                $json = $postparams | ConvertTo-Json -Depth 99 -Compress
                Invoke-AzureAdRequest -Method POST -Query "users/$ObjectId/authentication/phoneMethods" -Body $json
                break
            }
            "email" {
                $postParams = @{
                    emailAddress = $EmailAddress
                }
                $json = $postparams | ConvertTo-Json -Depth 99 -Compress
                Invoke-AzureAdRequest -Method POST -Query "users/$ObjectId/authentication/emailMethods" -Body $json
                break
            }
            default {
                throw "Setting the $($PSCmdlet.ParameterSetName) method is not yet supported."
            }
        }
    }
}