Functions/New-GSuiteEndpointConfiguration.ps1
|
<#
.SYNOPSIS This function creates a GSuite Endpoint Configuration given a GSuite application id, client secret and refresh tokens. #> function New-GSuiteEndpointConfiguration { [CmdletBinding(PositionalBinding=$true)] [OutputType([Object])] param ( # The username to be stored in the new endpoint. [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [string]$gSuiteApplicationID, # The client secret of the GSuite application. [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [string]$gSuiteClientSecret, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.user' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$userRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.group' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$groupRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.orgunit' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$organizationalUnitRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.userschema' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$userSchemaRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.device.mobile' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$mobileDeviceRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.user.security' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$securityRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.customer' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$customerRefreshToken, # The refresh token which has a scope of 'https://www.googleapis.com/auth/admin.directory.domain' [Parameter(Mandatory=$false)] [ValidateNotNullOrEmpty()] [String]$domainRefreshToken ) # Initialize the password $gSuitePassword = "ClientSecret:$($gSuiteClientSecret)" # Declare the scopes for refresh tokens $refreshTokenScopes = @( "User", "Group", "OrganizationalUnit", "UserSchema", "MobileDevice", "Security", "Customer", "Domain" ) # Append the refresh tokens to the client secret foreach ($scope in $refreshTokenScopes) { $refreshToken = Invoke-Expression ("`$" + (Invoke-Expression "`$scope") + "RefreshToken") if (![String]::IsNullOrWhiteSpace($refreshToken)) { $gSuitePassword += " $($scope):$($refreshToken)" } } # Initialize a configuration for GSuite $importConfiguration = New-Object -TypeName ManagementProxy.ManagementService.GenericConfiguration -Property @{ "Url" = "https://admin.google.com"; "Username" = $gSuiteApplicationID; "Password" = $gSuitePassword; "UseAdministrativeCredentials" = $true; } return $importConfiguration } |