Private/Get-PANRCTagData.ps1

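Function Get-PANRCTagData {
<#
.SYNOPSIS
  Returns the authentication portion of the URI, and the addresses, stored for a tag

.DESCRIPTION
  Reads the panrc file with Import-Clixml, looks the tag up under its 'Tags' entry and
  returns a hashtable with 'Auth' ("key=<api key>") and 'Addresses'.

  StorageMethod (the Type value stored with the tag):
    API_Key - Clear key like pan-python
    SecureAPI_Key - Secured with Windows secure string tied to the user/pc
    <not implemented> SharedSecureAPI_Key - Secured, but using a shared secret that can be stored for the user/pc combination

  Security notes:
    - The returned 'Auth' value contains the API key in clear text for every storage type.
      Keep it out of transcripts, verbose output and logs.
    - With Type API_Key the key is also in clear text inside the panrc file, so the file
      should be readable by its owner only.
    - The user/computer comparison for SecureAPI_Key only compares names saved in the file
      with environment variables; it is a sanity check, not the protection itself.
      NOTE(review): the protection presumably comes from how the credential was serialized
      when the file was written (not visible here). Export-Clixml encrypts credentials only
      on Windows; confirm what the store function does on Linux/macOS.
    - A panrc.xml in the current directory takes precedence over the one in the profile
      directory. Pass -Path explicitly when the working directory is not trusted.

.PARAMETER Tag
    This is the shortname to use to reference auth information and addresses

.PARAMETER Path
   Path to the file to read data from. When omitted, panrc.xml in the current directory is
   used if it exists, otherwise panrc.xml in the profile (USERPROFILE, then HOME) directory

.OUTPUTS
   Hashtable with 'Auth' and 'Addresses' when a key could be produced.
   $null when the tag exists but no key is produced (stored by a different user/computer,
   storage type not implemented or unknown).
   The string "Tag Not found in panrc" when the tag is not in the file.

.NOTES
    Author: Steve Borba https://github.com/sjborbajr/PAN-Power
    Last Edit: 2019-04-05
    Version 1.0 - initial release
    Version 1.0.1 - Updating descriptions and formatting
    Version 1.0.4 - Update to use HOME on linux

#>


  [CmdletBinding()]
  Param (
    [Parameter(Mandatory=$False)]    [string]    $Tag,
    [Parameter(Mandatory=$False)]    [string]    $Path = ''
  )

  #Get the Path if not supplied
  if ([string]::IsNullOrEmpty($Path)) {
    if (Test-Path "panrc.xml") {
      $Path = "panrc.xml"
    } else {
      #Join-Path uses the platform's separator instead of a hard-coded backslash
      if ($env:USERPROFILE) {
        $BaseDirectory = $env:USERPROFILE
      } elseif ($env:HOME) {
        $BaseDirectory = $env:HOME
      } else {
        $BaseDirectory = (Get-Location).Path
      }
      $Path = Join-Path $BaseDirectory "panrc.xml"
    }
  }

  #Get data out of file
  $Data = ((Import-Clixml $Path)['Tags'])[$Tag]

  If ($Data) {
    #Start from a known value: without this, a branch that assigns nothing would emit
    #whatever $Return a calling scope happens to hold (PowerShell resolves variables
    #through parent scopes), which could be another tag's key
    $Return = $null

    #Format
    Switch ($Data.Type){
      'API_Key' {
        $Return = @{'Auth' = 'key='+$Data.API_Key; 'Addresses'=$Data.Addresses}
      }
      'SecureAPI_Key' {
        If ($env:COMPUTERNAME) {$ComputerName=$env:COMPUTERNAME} elseif ($env:HOSTNAME) {$ComputerName=$env:HOSTNAME} else {$ComputerName=''}
        if ($Data.Combo.USERNAME -eq $env:USERNAME -and $Data.Combo.COMPUTERNAME -eq $ComputerName ) {
          $Return = @{'Auth' = 'key='+$Data.API_Key.GetNetworkCredential().password; 'Addresses'=$Data.Addresses}
        } else {
          #Key stored by different computer/user
          Write-Verbose "Tag '$Tag' was stored by a different user/computer; no key returned"
        }
      }
      'SharedSecureAPI_Key' {
        #not implemented
        Write-Verbose "Tag '$Tag' uses SharedSecureAPI_Key, which is not implemented; no key returned"
      }
    }
    $Return
  } Else {
    "Tag Not found in panrc"
    return
  }
}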