PowerBI-Metadata

0.2.4

functions/Get-PBIAuthTokenPrompt.ps1

                                <#

.SYNOPSIS

Authenticate against the Power BI API using a "Native" app type which prompts for login

credentials. This function provides an auth token that can be added to an Auth header 

when making an API call.

.DESCRIPTION

This is an authentication function. 

# Prerequisites

#-------------------------------------------------------------------------------

# Client ID can be obtained from creating a Power BI app:

# https://dev.powerbi.com/apps

# App Type: Native

#-------------------------------------------------------------------------------

.PARAMETER clientId

This is the ID generated by the Power BI App created above. It can also be found from

within Azure

.PARAMETER redirectUrl

This is the redirect URL set when creating the app.

.PARAMETER Prompt

Flag to force Azure to prompt for credentials. This allows you to change user. Function may

still prompt if flag is not set due to current user not being authenticated

.EXAMPLE

$authtoken = Get-PBIAuthTokenPrompt -clientId "f40daa92-XXXX-XXXX-XXXX-7e027fe03e2e"

$authtoken = Get-PBIAuthTokenPrompt -clientId "f40daa92-XXXX-XXXX-XXXX-7e027fe03e2e" -Prompt

#>

function Get-PBIAuthTokenPrompt

{

    [CmdletBinding()]

    param

    (        

        [Parameter(Mandatory=$true)]  

        [string]

        $clientId,

        [Parameter(Mandatory=$true)]  

        [string]

        $redirectUrl,

        [switch]

        $Prompt

    )

    begin {

        $resourceAppIdURI = "https://analysis.windows.net/powerbi/api"        

        $authority = "https://login.windows.net/common/oauth2/authorize"

        Write-Verbose 'Test if ADAL module is installed & install if not found'

        $moduleName = 'Microsoft.ADAL.PowerShell'        

        Try

        {

            if (Get-Module -ListAvailable -Name $moduleName)

            {

                Import-Module -Name $moduleName -ErrorAction SilentlyContinue

            }        

            else

            {

                Install-Module -Name $moduleName -ErrorAction SilentlyContinue

            }

        }

        Catch

        {

            throw "$($moduleName) module is not installed and could not be added"

        }

    }

    Process{

        try {       

            $authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority

            if($prompt){

                Write-Verbose 'Authentication will prompt for credentials'

                $promptBehaviour = 'Always'

            }

            else {

                Write-Verbose 'Authentication will only prompt for credentials if user is not already authenticated'

                $promptBehaviour = 'Auto'

            }

            Write-Verbose 'Getting auth Token'

            $auth = $authContext.AcquireToken($resourceAppIdURI, $clientId, $redirectUrl, $promptBehaviour)

        }

        catch {

            throw "Authentication or Connection failure: $_.Exception.Message"            

        }

        return $auth.AccessToken

    }

}