Private/Get-iPilotDirectorySyncCredentials.ps1

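Function Get-iPilotDirectorySyncCredentials {
    <#
    .SYNOPSIS
        Loads (or prompts for and saves) the NuWave iPilot Directory Sync Tenant ID,
        Client ID and Client Secret.

    .DESCRIPTION
        If NuWaveiPilotDirectorySyncCredential.cred exists in the data directory, the
        credential is imported from it. Otherwise the three values are read from the
        console and written to that file as a PSCredential via Export-Clixml.

        In both cases the values are published as $global:iPilotTenantID,
        $global:iPilotClientID and $global:iPilotClientSecret. The client secret is held
        in that global as a plain-text string for the remainder of the session.

        Storage note: on Windows, Export-Clixml protects the password with DPAPI, so the
        file can only be read back by the same user on the same machine. On non-Windows
        platforms Export-Clixml does not encrypt the password, so the file must be
        treated as a plain-text secret there.

    .PARAMETER iPilotDataDirectory
        Directory holding the credential file. Defaults to "${env:APPDATA}\NuWave".
    #>
    Param (
        [System.String]
            $iPilotDataDirectory = "${env:APPDATA}\NuWave"
    )

    $CredentialPath = "$iPilotDataDirectory\NuWaveiPilotDirectorySyncCredential.cred"

    if (Test-Path $CredentialPath) {

        # Decrypt credential from file
        Write-Output "Decrypting NuWave iPilot Directory Sync Tenant ID, Client ID, and Client Secret from $iPilotDataDirectory\NuWaveiPilotDirectorySyncCredential.cred"

        # Stop on failure (e.g. a file written by another user or machine cannot be
        # decrypted) instead of continuing with an empty credential.
        $NuWaveiPilotDirectorySyncCredential = Import-Clixml -Path $CredentialPath -ErrorAction Stop

        # The credential packs the tenant ID as Domain, the client ID as UserName and
        # the client secret as Password; unpack it once rather than once per field.
        $NetworkCredential = $NuWaveiPilotDirectorySyncCredential.GetNetworkCredential()
        $global:iPilotTenantID = $NetworkCredential.Domain
        $global:iPilotClientID = $NetworkCredential.UserName
        $global:iPilotClientSecret = $NetworkCredential.Password

    } else {

        Write-Output "Save NuWave iPilot Directory Sync Tenant ID, Client ID, and Client Secret to $iPilotDataDirectory\NuWaveiPilotDirectorySyncCredential.cred"

        # Read Tenant ID and Client ID from prompt
        $global:iPilotTenantID = Read-Host -Prompt "Enter the Azure Tenant ID (https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties):"
        $global:iPilotClientID = Read-Host -Prompt "Enter the Client ID"

        # Read the secret masked so it is neither echoed to the console nor captured in
        # a transcript or terminal scrollback.
        $SecureClientSecret = Read-Host -Prompt "Enter the Client Secret" -AsSecureString

        if ([string]::IsNullOrWhiteSpace($global:iPilotTenantID) -or
            [string]::IsNullOrWhiteSpace($global:iPilotClientID) -or
            $SecureClientSecret.Length -eq 0) {
            throw "Tenant ID, Client ID and Client Secret are all required; nothing was saved."
        }

        $NuWaveiPilotDirectorySyncCredential = New-Object System.Management.Automation.PSCredential ("$($global:iPilotTenantID)\$($global:iPilotClientID)", $SecureClientSecret)

        # Callers read the secret from the global as a plain string, so unwrap it here.
        $global:iPilotClientSecret = $NuWaveiPilotDirectorySyncCredential.GetNetworkCredential().Password

        # Export-Clixml does not create the parent directory; make sure it exists.
        if (-not (Test-Path $iPilotDataDirectory -PathType Container)) {
            New-Item -ItemType Directory -Path $iPilotDataDirectory -Force | Out-Null
        }

        # Save Tenant ID, Client ID, and Client Secret to the credential file
        $NuWaveiPilotDirectorySyncCredential | Export-Clixml -Path $CredentialPath -Force

    }

    # Output values
    Write-Verbose "Tenant ID: $global:iPilotTenantID"
    Write-Verbose "Client ID: $global:iPilotClientID"

    # Show a short tail of the secret only as an identification hint, and only when the
    # secret is long enough that the tail is a small fraction of it. Shorter secrets are
    # fully masked; this also avoids SubString being called with a negative start index.
    $TailLength = 6
    if ($global:iPilotClientSecret -and $global:iPilotClientSecret.Length -ge ($TailLength * 4)) {
        $PrintableClientSecret = "..." + $global:iPilotClientSecret.SubString($global:iPilotClientSecret.Length - $TailLength)
    } else {
        $PrintableClientSecret = "..."
    }

    # Not forced with -Verbose: secret material is only written when the caller has
    # explicitly enabled verbose output.
    Write-Verbose "Client Secret: $PrintableClientSecret"
}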