functions/Private/Authorization/Get-MgaDeviceCodeAccessToken.ps1
|
function Get-MgaDeviceCodeAccessToken { try { $ClientId = '1b730954-1685-4b74-9bfd-dac224a7b894' $DeviceCodeRequestParams = @{ Method = 'POST' Uri = 'https://login.microsoftonline.com/common/oauth2/devicecode' Body = @{ client_id = $ClientId resource = 'https://graph.microsoft.com/' } UseBasicParsing = $true } $DeviceCodeRequest = Invoke-RestMethod @DeviceCodeRequestParams Write-Host $DeviceCodeRequest.message $LoggedInTryCount = 0 while ($null -eq $Script:MgaSession.DeviceCode) { try { $TokenRequestParams = @{ Method = 'POST' Uri = 'https://login.microsoftonline.com/organizations/oauth2/token' Body = @{ grant_type = 'urn:ietf:params:oauth:grant-type:device_code' code = $DeviceCodeRequest.device_code client_id = $ClientId } } $Script:MgaSession.DeviceCode = Invoke-RestMethod @TokenRequestParams } catch { if ($LoggedInTryCount -le 890) { Start-Sleep -Seconds 2 $LoggedInTryCount = $LoggedInTryCount + 2 } else { Throw 'The user has not verified the DeviceCode within 15 minutes... Login is aborted...' } } } if ($null -eq $Script:MgaSession.DeviceCode.access_token) { throw 'No AccessToken retrieved... Exiting script...' } else { $Script:MgaSession.headerParameters = @{ Authorization = "$($Script:MgaSession.DeviceCode.token_type) $($Script:MgaSession.DeviceCode.access_token)" 'Content-Type' = 'application/json' } } } catch { throw $_ } } |