SecretManagement.Chromium.Extension/Public/Get-Secret.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
function Get-Secret {
    param (
        [string]$Name,
        [string]$VaultName,
        [hashtable]$AdditionalParameters = (Get-SecretVault -Name $VaultName).VaultParameters
    )
    if (-not $Name) {throw 'You must specify a specific secret name or SecretInformation object to this command. Hint: (Get-SecretInfo)[0]'}

    Test-VaultConfiguration $VaultName

    $getSecretInfoParams = @{
        Filter = $Name
        VaultName = $VaultName
        AdditionalParameters = $AdditionalParameters
        AsCredentialEntry = $true
    }

    $secretInfo = Get-SecretInfo @getSecretInfoParams

    if (-not $secretInfo) {return}
    if ($secretInfo.count -gt 1) {throw 'Your secret search is ambiguous and matched multiple secrets in the vault. Please make your search more specific. Hint: Get-Secret -Name myuser@https://mysite.com/'}

    return [PSCredential]::new(
        $secretInfo.username_value,
        $(Unprotect-ChromiumString -Encrypted $secretinfo.password_value -MasterKey $SCRIPT:__VAULT["$VaultName-Key"] |
            ConvertTo-SecureString -AsPlainText -Force)
    )
}