SecretManagement.Chromium.Extension/Public/Get-SecretInfo.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
using namespace Microsoft.Powershell.SecretManagement
function Get-SecretInfo {
    param(
        [string]$Filter,
        [string]$VaultName,
        [hashtable]$AdditionalParameters = (Get-SecretVault -Name $VaultName).VaultParameters,
        #For internal use from other internal cmdlets
        [switch]$AsCredentialEntry
    )
    Test-VaultConfiguration $VaultName

    if ($AdditionalParameters.Delimiter) {
        $VaultDelimiter = $AdditionalParameters.Delimiter
    } else {
        $VaultDelimiter = $SCRIPT:SecretNameDelimiter
    }
    $db = $__VAULT[$vaultName]

    #First check for our special delimiter, so we know if this is an "easy" search
    [String[]]$FilterParts = $filter.Split($VaultDelimiter)
    if ($filterParts.count -gt 1) {
        $filterQueryParts = "id = $($filter.Split($VaultDelimiter)[2])"
    } elseif ($Filter -and $Filter -ne '*') {
        [String[]]$filterParts = $Filter.split("|")
        [String[]]$filterQueryParts = @()
        #Default is to search by URL
        #TODO: Escape _ and %
        if ($filterParts.count -eq 1) {
            $filterQueryParts += "origin_url LIKE '{0}'" -f $filterParts[0].replace('*','%')
        } elseif ($filterParts.count -eq 2) {
            $filterQueryParts += "username_value LIKE '{0}'" -f $filterParts[0].replace('*','%')
            if ($filterParts[1].ToCharArray().Count -gt 0) {
                $filterQueryParts += "origin_url LIKE '{0}'" -f $filterParts[1].replace('*','%')
            }
        }
    }

    #Build the fitler part of the query string
    [String]$filterQuery = $null
    if ($filterQueryParts.count -ge 1) {
        [String]$filterQuery = ' WHERE ' + ($filterQueryParts -join ' AND ')
    }

    [String]$secretInfoQuery = "SELECT * FROM logins" + $filterQuery
    try {
        $secretInfoResult = $db.InvokeSQL($secretInfoQuery) 
    } catch {
        throw
    } finally {
        $db.close()
    }

    if (-not $secretInfoResult) {
        return @()
    }

    #TODO: Cast this to chromiumCredentialEntry
    if ($AsCredentialEntry) {
        return $secretInfoResult
    } else {
        return $secretInfoResult | Foreach-Object {
            [SecretInformation]::new(
                [string](
                    $PSItem.username_value + 
                    $SecretNameDelimiter + 
                    $PSItem.origin_url + 
                    $SecretNameDelimiter +
                    $PSItem.id
                ), #Name
                [SecretType]::PSCredential,
                $VaultName
            )
        }
    }
}