Public/Invoke-OriAzBopUseAzCredential.ps1

<#
.SYNOPSIS
    Create Credential based on token hidden in Profile when user is connected to Azure.
.DESCRIPTION
    When is:
    - installed proper modules for connect to Azure
    - powershell is executed with profile
    - user with proper rights is conneted to Azure
    than is possible use the existing user token from Azure profile
    to Oriflame Powershell Module repository.
 
.PARAMETER InstallModuleWhenRequired
    When the parameter is set Az.Account nor AzureRm.Profile is missing, Az.Account will be installed.
     
.PARAMETER ConnectAzureWhenRequired
    When the parameter is set and Azure is not connnect it initate connection. Interaction may required.
 
.EXAMPLE
    # Silent login
    $User = "xxx@xxxx.onmicrosoft.com"
    $PWord = ConvertTo-SecureString -String "<Password>" -AsPlainText -Force
    $tenant = "<tenant id>"
    $subscription = "<subscription id>"
    $Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $User,$PWord
    $ConnectAzureParam = @{
        Credential = $Credential
        Tenant = $tenant
        Subscription = subscription
    }
    [PSCredential] $RepoCredentail = Invoke-OriAzBopGetAzCredential `
    -InstallModuleWhenRequired `
    -ConnectAzureWhenRequired `
    -ConnectAzureParam $ConnectAzureParam
.EXAMPLE
    # When is not logged it ask for Credentils on Classic powershell.
    # Note: On Powershell Core it shows the url and CODE for autentication via browser
    [PSCredential] $RepoCredentail = Invoke-OriAzBopGetAzCredentia `
    -InstallModuleWhenRequired `
    -ConnectAzureWhenRequired
 
#>

function Invoke-OriAzBopGetAzCredential {
    [CmdLetBinding()]
    [Outputtype("PSCredential")]
    param (
        [Parameter(Mandatory = $false, HelpMessage = "When the parameter is set Az.Account nor AzureRm.Profile is missing, Az.Account will be installed.")]
        [switch] $InstallModuleWhenRequired,

        [Parameter(Mandatory = $false, HelpMessage = "When the parameter is set and Azure is not connnect it initate connection. Interaction may required.")]
        [switch] $ConnectAzureWhenRequired,

        [Parameter(Mandatory = $false, HelpMessage = "Parameters for Connect Azure if needed")]
        [Hashtable] $ConnectAzureParam = @{}

    )
    $ErrorActionPreference = 'Stop'
    Write-Verbose -Message ("[ START: {0}:{1} (v.{2}) ]" -f $Local:MyInvocation.MyCommand.Source, $Local:MyInvocation.MyCommand.Name, $Local:MyInvocation.MyCommand.Version)
    foreach ($arg in $PSBoundParameters.GetEnumerator()) {
        if ([string]::IsNullOrEmpty($arg.Value)) {
            Write-Debug -Message ("[null] {0}: {1}" -f $arg.Key, $arg.Value) -ErrorAction SilentlyContinue 
        }
        else {
            Write-Debug -Message ("[{2}] {0}: {1}" -f $arg.Key, $arg.Value, $arg.Value.GetType().Name) -ErrorAction SilentlyContinue 
        }
    }

    $InstalledAzureConnect = Get-InstalledModuleForAzureToken
    if ($InstalledAzureConnect -eq 'none') {
        if ($InstallModuleWhenRequired) {
            Write-Debug "Az.Account will be installed"
            Install-OriAzBopPrerequisite -Name Az.Account -AllowClobber -SkipPublisherCheck
            $InstalledAzureConnect = 'Az'
        }
        else {
            Throw "Module Az.Account nor AzureRm.Profile is installed. Use this command with switch 'Invoke-OriAzBopUseAzCredential -InstallModuleWhenRequired:`$true ... ' or 'Install-Module -Name Az.Account -Repository PSGallery'"
        }
    }

    $IsAlreadyConnected = $false
    switch ($InstalledAzureConnect) {
        'Az' { $IsAlreadyConnected = Test-IsAzConnected; break }
        'Rm3' { $IsAlreadyConnected = Test-IsRmConnected; break }
        'RmOld' { $IsAlreadyConnected = Test-IsRmOldConnected; break }
    }

    if (!$IsAlreadyConnected) {
        if ($ConnectAzureWhenRequired) {
            switch ($InstalledAzureConnect) {
                'Az' { Connect-AzAccount @ConnectAzureParam | Out-Null; break }
                'Rm3' { Connect-AzureRmAccount @ConnectAzureParam | Out-Null; break }
                'RmOld' { Connect-AzureRmAccount @ConnectAzureParam | Out-Null; break }
            }
        }
        else {
            Throw "The Azure is not connected. Use this command with switch 'Invoke-OriAzBopUseAzCredential -ConnectAzureWhenRequired:`$true ... ' or use for Az.Account 'Connect-AzAccount' or use for AzureRM.Profile 'Connect-AzureRmAccount' "
        }
    }

    $toReturn = $null
    switch ($InstalledAzureConnect) {
        'Az' { $toReturn = Get-AzCredential; break }
        'Rm3' { $toReturn = Get-AzureRmCredential; break }
        'RmOld' { $toReturn = Get-AzureRmOldCredential; break }
    }

    Write-Verbose -Message ("[ END: {0} ]" -f $Local:MyInvocation.MyCommand.Name)
    return $toReturn
}