Get-MsalClientApplication.ps1

<#
.SYNOPSIS
    Get client applications from local session cache.
.DESCRIPTION
    This cmdlet will return client applications from the local session cache.
.EXAMPLE
    PS C:\>Get-MsalClientApplication
    Get all client applications in the local session cache.
.EXAMPLE
    PS C:\>Get-MsalClientApplication -ClientId '00000000-0000-0000-0000-000000000000'
    Get client application with specific ClientId from local session cache.
#>

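function Get-MsalClientApplication {
    # Returns the cached client applications that match every filter the caller supplied.
    # Filters that are omitted (empty/null) are ignored, so calling the function with no
    # arguments returns everything in both caches.
    #
    # Reads $PublicClientApplications and $ConfidentialClientApplications, which are not
    # defined in this function (presumably module-scope session caches; confirm against
    # the module's initialization code).
    #
    # NOTE(review): ClientId is declared ValueFromPipeline but the body has no process
    # block, so with piped input only the last bound value is evaluated. Confirm whether
    # per-item processing is intended.
    [CmdletBinding(DefaultParameterSetName='PublicClient')]
    [OutputType([Microsoft.Identity.Client.PublicClientApplication],[Microsoft.Identity.Client.ConfidentialClientApplication])]
    param
    (
        # Identifier of the client requesting the token.
        [Parameter(Mandatory=$false, ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)]
        [string] $ClientId,
        # Secure secret of the client requesting the token.
        [Parameter(Mandatory=$false, ParameterSetName='ConfidentialClientSecret', ValueFromPipelineByPropertyName=$true)]
        [securestring] $ClientSecret,
        # Client assertion certificate of the client requesting the token.
        [Parameter(Mandatory=$false, ParameterSetName='ConfidentialClientCertificate', ValueFromPipelineByPropertyName=$true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $ClientCertificate,
        # Address to return to upon receiving a response from the authority.
        [Parameter(Mandatory=$false, ValueFromPipelineByPropertyName=$true)]
        [uri] $RedirectUri,
        # Tenant identifier of the authority to issue token.
        [Parameter(Mandatory=$false, ValueFromPipelineByPropertyName=$true)]
        [string] $TenantId,
        # Address of the authority to issue token.
        [Parameter(Mandatory=$false, ValueFromPipelineByPropertyName=$true)]
        [uri] $Authority
    )

    [System.Collections.Generic.List[Microsoft.Identity.Client.IClientApplicationBase]] $listClientApplications = New-Object System.Collections.Generic.List[Microsoft.Identity.Client.IClientApplicationBase]

    # The cached AppConfig.ClientSecret is compared below as a plain string, while the
    # parameter is a SecureString. Comparing the two directly with -eq stringifies the
    # SecureString to its type name, so the secret filter could never match. Unwrap the
    # value once, here, and keep it in a local that goes out of scope with the function.
    $clientSecretPlainText = $null
    if ($PSCmdlet.ParameterSetName -eq 'ConfidentialClientSecret' -and $null -ne $ClientSecret) {
        $clientSecretPlainText = (New-Object System.Net.NetworkCredential -ArgumentList '', $ClientSecret).Password
    }

    switch -Wildcard ($PSCmdlet.ParameterSetName) {
        "PublicClient*" {
            # No break here on purpose: the default 'PublicClient' set also falls through
            # to the "*" case below, so confidential clients are listed as well.
            foreach ($PublicClientApplication in $PublicClientApplications) {
                if ((!$ClientId -or $PublicClientApplication.ClientId -eq $ClientId) -and (!$RedirectUri -or $PublicClientApplication.AppConfig.RedirectUri -eq $RedirectUri) -and (!$TenantId -or $PublicClientApplication.AppConfig.TenantId -eq $TenantId) -and (!$Authority -or $PublicClientApplication.Authority -eq $Authority)) {
                    $listClientApplications.Add($PublicClientApplication)
                }
            }
        }
        "*" {
            foreach ($ConfidentialClientApplication in $ConfidentialClientApplications) {
                if ((!$ClientId -or $ConfidentialClientApplication.ClientId -eq $ClientId) -and (!$RedirectUri -or $ConfidentialClientApplication.AppConfig.RedirectUri -eq $RedirectUri) -and (!$TenantId -or $ConfidentialClientApplication.AppConfig.TenantId -eq $TenantId) -and (!$Authority -or $ConfidentialClientApplication.Authority -eq $Authority)) {
                    switch ($PSCmdlet.ParameterSetName) {
                        "ConfidentialClientSecret" {
                            # -ceq, not -eq: PowerShell's -eq ignores case on strings, which
                            # would let a secret differing only in letter case select an
                            # application that was cached with a different credential.
                            if ($ConfidentialClientApplication.AppConfig.ClientSecret -ceq $clientSecretPlainText) {
                                $listClientApplications.Add($ConfidentialClientApplication)
                            }
                            break
                        }
                        "ConfidentialClientCertificate" {
                            # NOTE(review): -eq on certificate objects defers to
                            # X509Certificate.Equals, which as far as I know matches on
                            # issuer and serial number rather than the full certificate.
                            # Confirm that is strict enough, or compare Thumbprint.
                            if ($ConfidentialClientApplication.AppConfig.ClientCredentialCertificate -eq $ClientCertificate) {
                                $listClientApplications.Add($ConfidentialClientApplication)
                            }
                            break
                        }
                        Default {
                            # No credential filter was supplied: match on the other fields only.
                            $listClientApplications.Add($ConfidentialClientApplication)
                        }
                    }
                }
            }
        }
    }

    return $listClientApplications
}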