SecretManagement.DevolutionsHub.Extension/public/Get-SecretInfo.ps1

using namespace Microsoft.PowerShell.SecretManagement
using namespace Devolutions.Hub.PowerShell

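function Get-SecretInfo
{
    <#
    .SYNOPSIS
        Lists metadata for the Devolutions Hub entries of a registered vault.
    .DESCRIPTION
        Reads the vault parameters registered for $VaultName, connects to the Hub,
        resolves the configured VaultId (a GUID, or a vault name that is looked up
        with Get-HubVault), and returns one SecretInformation object per entry whose
        name matches $Filter. Only entry names, groups and IDs are read here; no
        secret values are retrieved. Failures are reported with Write-Error and the
        Hub session is always closed in the finally block.
    .PARAMETER Filter
        "*" selects every entry; any other value is applied with -match, i.e. as a
        regular expression against the entry name.
    .PARAMETER VaultName
        Name of the registered SecretManagement vault.
    .PARAMETER AdditionalParameters
        Optional hashtable; only the 'Verbose' key is read here.
    .OUTPUTS
        Microsoft.PowerShell.SecretManagement.SecretInformation
    #>
    [CmdletBinding()]
    param(
        [string] $Filter,
        [string] $VaultName,
        [hashtable] $AdditionalParameters
    )

    # Guard against a missing hashtable: calling ContainsKey on $null would throw.
    $verboseEnabled = ($null -ne $AdditionalParameters) -and
        $AdditionalParameters.ContainsKey('Verbose') -and
        ($AdditionalParameters['Verbose'] -eq $true)
    Write-Verbose "Get-SecretInfo Vault: $VaultName" -Verbose:$verboseEnabled

    $hubParameters = (Get-SecretVault -Name $VaultName).VaultParameters
    try{
        # NOTE(review): in PowerShell, Name($a, $b) passes ONE two-element array as the
        # first positional argument. Confirm this is what Connect-DevolutionsHub expects;
        # the helper is defined outside this file, so the call is left as written.
        Connect-DevolutionsHub($VaultName, $hubParameters);

        # The configured value may be a GUID or a vault display name.
        $vaultRef = $hubParameters.VaultId
        $vaultId = $vaultRef
        $vaultFound = $false
        Write-Verbose "Parsing VaultId" -Verbose:$verboseEnabled
        try {
            # Parse the configured value. The previous code parsed an undefined
            # variable, so a valid GUID was never accepted and every call fell
            # through to the name lookup below.
            $vaultId = [System.Guid]::Parse($vaultRef)
            Write-Verbose "$vaultId" -Verbose:$verboseEnabled
        }
        catch {
            Write-Verbose "VaultId is not a valid GUID. Looking for Vault with name: $vaultRef" -Verbose:$verboseEnabled

            foreach ($hubVault in Get-HubVault) {
                if ($hubVault.Name -eq $vaultRef) {
                    $vaultId = $hubVault.Id
                    $vaultFound = $true
                    break;
                }
            }

            if (-not $vaultFound) {
                # Report the value that was actually searched for.
                throw [System.Exception] "Vault $($vaultRef) not found."
            }
        }

        $hubEntries = [System.Collections.ArrayList]::new();
        foreach ($entry in (Get-HubEntry -VaultId $vaultId)) {
            # NOTE(review): -match treats $Filter as a regular expression, so a wildcard
            # such as "prod*" or a name containing "." can match more entries than the
            # caller intended, and a pattern like "*foo" is an invalid regex. If callers
            # pass wildcard patterns, -like is the matching operator; confirm before changing.
            if ($Filter -eq "*" -or $entry.Connection.Name -match $Filter) {
                # ArrayList.Add returns the new index; discard it so stray integers
                # do not leak into this function's output stream.
                [void] $hubEntries.Add($entry)
                Write-Verbose "Added: $($entry.Connection.Name)" -Verbose:$verboseEnabled
            }
        }

        Write-Verbose "Found Entries: $($hubEntries.Count)" -Verbose:$verboseEnabled

        return $hubEntries | ForEach-Object {
            # Entries in a group are exposed as "Group\Name".
            if ($_.Connection.Group -eq "") {
                $entryName = $_.Connection.Name
            }
            else {
                $entryName = $_.Connection.Group + "\" + $_.Connection.Name
            }

            [Microsoft.PowerShell.SecretManagement.SecretInformation]::new(
                $entryName, 
                [Microsoft.PowerShell.SecretManagement.SecretType]::PSCredential, # Get-Secret always returns PSCredential
                $VaultName,
                @{
                    EntryId = $_.Connection.ID
                }
            )
        } | Sort-Object -Property Name -Unique # Multiple entries with the same name are trimmed to prevent issue with SecretManagement
    }
    catch {
        # Surfaces the failure as a non-terminating error; only the message is forwarded.
        Write-Error $_.Exception.Message
    }
    finally {
        # Always close the Hub session, including on failure.
        Disconnect-DevolutionsHub($hubParameters);
    }
}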