Private/Get-iPilotDirectorySyncCredentials.ps1
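Function Get-iPilotDirectorySyncCredentials {
    <#
    .SYNOPSIS
    Loads the iPilot Directory Sync Tenant ID, Client ID and Client Secret from
    iPilotDirectorySyncCredential.cred, or prompts for them and saves the file.

    .DESCRIPTION
    The three values are packed into one PSCredential: the user name is
    "<TenantID>\<ClientID>" and the password is the Client Secret. The
    credential is written with Export-Clixml and read back with Import-Clixml.

    Results are published through global variables rather than returned:
      $global:IP_DirectorySyncCredential  the PSCredential
      $global:IP_iPilotTenantID           Domain part of the credential
      $global:IP_iPilotClientID           UserName part of the credential
      $global:IP_iPilotClientSecret       plain-text string when loaded from
                                          file; left as entered (SecureString
                                          from the prompt) when newly created

    Security notes:
    - On Windows, Export-Clixml protects the PSCredential password with DPAPI,
      so the file can only be decrypted by the same user on the same computer.
      On non-Windows platforms the password is not encrypted in the file.
    - The full Client Secret is never written to any output stream; only a
      masked hint (at most the last 6 characters) goes to the verbose stream.
    - The load path leaves the Client Secret in a plain-text global for the
      rest of the session, so anything running in that session can read it.

    .PARAMETER iPilotDataDirectory
    Directory that holds iPilotDirectorySyncCredential.cred.
    Defaults to "${env:APPDATA}\iPilot".
    #>
    Param (
        [System.String] $iPilotDataDirectory = "${env:APPDATA}\iPilot"
    )

    $credentialPath = "$iPilotDataDirectory\iPilotDirectorySyncCredential.cred"

    # Rename old credential if detected
    # NOTE(review): this branch is reproduced unchanged. It moves files from
    # "${env:APPDATA}\NuWave" into "${env:APPDATA}\iPilot" (not into
    # $iPilotDataDirectory, despite the message) and then renames the credential
    # file to the name it already has. Confirm the intended migration before
    # relying on it.
    if ( (Test-Path "${env:APPDATA}\iPilot\iPilotDirectorySyncCredential.cred") -and $iPilotDataDirectory -ne "${env:APPDATA}\iPilot") {
        Write-Output "Moving iPilot AppData files to $iPilotDataDirectory directory"
        New-Item -ItemType Directory -Path "${env:APPDATA}\iPilot" -Force
        Get-ChildItem -Path "${env:APPDATA}\NuWave" -Exclude *.log | Move-Item -Destination "${env:APPDATA}\iPilot" -Force -Verbose
        Rename-Item -Path "$iPilotDataDirectory\iPilotDirectorySyncCredential.cred" -NewName "iPilotDirectorySyncCredential.cred" -Verbose
    } else {
        Write-Verbose "iPilotDataDirectory is set to $iPilotDataDirectory and iPilotDirectorySyncCredential.cred has been migrated or recreated."
    }

    if (Test-Path $credentialPath) {
        # Decrypt credential from file
        Write-Output "Decrypting iPilot Directory Sync Tenant ID, Client ID, and Client Secret from $iPilotDataDirectory\iPilotDirectorySyncCredential.cred"

        # Import into a local first and check the type: the file is plain CLIXML
        # on disk, so a replaced or corrupted file could deserialize to
        # something other than a PSCredential.
        $importedCredential = Import-Clixml -Path $credentialPath
        if ($importedCredential -isnot [System.Management.Automation.PSCredential]) {
            throw "The file $credentialPath does not contain a PSCredential; delete it and run again to recreate it."
        }

        # Retrieve TenantID, ClientID and ClientSecret from encrypted credential
        $global:IP_DirectorySyncCredential = $importedCredential
        $networkCredential = $importedCredential.GetNetworkCredential()
        $global:IP_iPilotTenantID = $networkCredential.Domain
        $global:IP_iPilotClientID = $networkCredential.UserName
        $global:IP_iPilotClientSecret = $networkCredential.Password
    } else {
        Write-Output "Save iPilot Directory Sync Tenant ID, Client ID, and Client Secret to $iPilotDataDirectory\iPilotDirectorySyncCredential.cred"

        # Read Tenant ID, Client ID, and Client Secret from prompt unless set already
        if (!$global:IP_iPilotTenantID) {
            $global:IP_iPilotTenantID = Read-Host -Prompt "Enter the Azure Tenant ID (https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties):"
        }
        if (!$global:IP_iPilotClientID) {
            $global:IP_iPilotClientID = Read-Host -Prompt "Enter the Client ID"
        }
        if (!$global:IP_iPilotClientSecret) {
            $global:IP_iPilotClientSecret = Read-Host -Prompt "Enter the Client Secret" -AsSecureString
        }

        # A caller may have pre-set the secret as a plain string. PSCredential
        # requires a SecureString, so convert a local copy; the global is left
        # exactly as the caller supplied it.
        # NOTE(review): the global is therefore a SecureString on the prompt
        # path but a plain string on the load path; confirm what callers expect.
        $secureClientSecret = $global:IP_iPilotClientSecret
        if ($secureClientSecret -is [System.String]) {
            $secureClientSecret = ConvertTo-SecureString -String $secureClientSecret -AsPlainText -Force
        }

        # Export-Clixml does not create missing parent directories.
        if (-not (Test-Path -Path $iPilotDataDirectory -PathType Container)) {
            New-Item -ItemType Directory -Path $iPilotDataDirectory -Force | Out-Null
        }

        # Save Tenant ID, Client ID, and Client Secret to $iPilotDataDirectory\iPilotDirectorySyncCredential.cred
        $global:IP_DirectorySyncCredential = New-Object System.Management.Automation.PSCredential ("$($global:IP_iPilotTenantID)\$($global:IP_iPilotClientID)", $secureClientSecret)
        $global:IP_DirectorySyncCredential | Export-Clixml -Path $credentialPath -Force
    }

    # Output values
    Write-Verbose "Tenant ID: $global:IP_iPilotTenantID"
    Write-Verbose "Client ID: $global:IP_iPilotClientID"

    # The full secret is deliberately not written to the debug stream:
    # transcripts and log collectors capture that stream along with the rest.
    Write-Debug "Client Secret: (not logged; a masked suffix is written to the verbose stream)"

    # Only show a suffix when the secret is longer than the suffix itself, so a
    # short secret is never printed whole and Substring never gets a negative
    # start index.
    $suffixLength = 6
    $plainClientSecret = $global:IP_DirectorySyncCredential.GetNetworkCredential().Password
    if ($plainClientSecret -and $plainClientSecret.Length -gt $suffixLength) {
        $PrintableClientSecret = "..." + $plainClientSecret.Substring($plainClientSecret.Length - $suffixLength) # only grab last 6
    } else {
        $PrintableClientSecret = "..."
    }

    # -Verbose forces this hint to be shown regardless of $VerbosePreference.
    Write-Verbose "Client Secret: $PrintableClientSecret" -Verbose
}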