Private/Get-iPilotDirectorySyncCredentials.ps1

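<#
.SYNOPSIS
    Loads (or, on first run, prompts for and saves) the iPilot Directory Sync
    Tenant ID, Client ID and Client Secret.

.DESCRIPTION
    The three values are kept in a single PSCredential serialised with
    Export-Clixml to "$iPilotDataDirectory\iPilotDirectorySyncCredential.cred":
    the user name is "<TenantID>\<ClientID>" and the password is the client
    secret. GetNetworkCredential() splits the user name back into Domain
    (Tenant ID) and UserName (Client ID).

    On Windows, Export-Clixml protects the SecureString password with DPAPI, so
    the file can only be decrypted by the same user account on the same machine
    and is additionally guarded by the per-user ACL on %APPDATA%.
    NOTE(review): on non-Windows PowerShell the SecureString is not
    DPAPI-protected - confirm before relying on this file there.

    Results are published as global variables (both branches produce the same
    shapes):
      $global:IP_DirectorySyncCredential  - PSCredential
      $global:IP_iPilotTenantID           - plain string
      $global:IP_iPilotClientID           - plain string
      $global:IP_iPilotClientSecret       - plain string (held in memory only)

.PARAMETER iPilotDataDirectory
    Directory holding the credential file. Defaults to "$env:APPDATA\iPilot".
    When a different directory is supplied and the credential still exists in
    the default directory, the AppData files (except *.log) are moved there
    first.
#>
Function Get-iPilotDirectorySyncCredentials {
    Param (
        [System.String]
            $iPilotDataDirectory = "${env:APPDATA}\iPilot"
    )

    $defaultDataDirectory = "${env:APPDATA}\iPilot"
    $credentialFileName   = "iPilotDirectorySyncCredential.cred"
    $credentialPath       = "$iPilotDataDirectory\$credentialFileName"

    # Migrate AppData files into a non-default data directory when the
    # credential is still sitting in the default one.
    if ( (Test-Path "$defaultDataDirectory\$credentialFileName") -and $iPilotDataDirectory -ne $defaultDataDirectory) {
        Write-Output "Moving iPilot AppData files to $iPilotDataDirectory directory"

        # Create the *destination* directory; the previous version created the
        # default directory (which already existed) and never the target.
        New-Item -ItemType Directory -Path $iPilotDataDirectory -Force | Out-Null

        # Legacy pre-rename location (NuWave); only touched when present so a
        # clean install does not emit errors. Presumably a pre-rebrand path -
        # drop once no NuWave installs remain.
        if (Test-Path "${env:APPDATA}\NuWave") {
            Get-ChildItem -Path "${env:APPDATA}\NuWave" -Exclude *.log | Move-Item -Destination $defaultDataDirectory -Force -Verbose
        }

        # Move everything except logs from the default directory to the
        # requested one (this is what the message above promises; the previous
        # version renamed the file to its own name instead, a no-op).
        Get-ChildItem -Path $defaultDataDirectory -Exclude *.log | Move-Item -Destination $iPilotDataDirectory -Force -Verbose
    } else {
        Write-Verbose "iPilotDataDirectory is set to $iPilotDataDirectory and $credentialFileName has been migrated or recreated."
    }

    if (Test-Path $credentialPath) {

        # Decrypt credential from file
        Write-Output "Decrypting iPilot Directory Sync Tenant ID, Client ID, and Client Secret from $credentialPath"

        # Retrieve TenantID, ClientID and ClientSecret from encrypted credential.
        # GetNetworkCredential() is called once; each call materialises the
        # secret as a managed string.
        $global:IP_DirectorySyncCredential = Import-Clixml -Path $credentialPath
        $networkCredential = $global:IP_DirectorySyncCredential.GetNetworkCredential()
        $global:IP_iPilotTenantID     = $networkCredential.Domain
        $global:IP_iPilotClientID     = $networkCredential.UserName
        $global:IP_iPilotClientSecret = $networkCredential.Password

    } else {

        Write-Output "Save iPilot Directory Sync Tenant ID, Client ID, and Client Secret to $credentialPath"

        # Read Tenant ID, Client ID, and Client Secret from prompt unless set already
        if (!$global:IP_iPilotTenantID) {$global:IP_iPilotTenantID = Read-Host -Prompt "Enter the Azure Tenant ID (https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties):"}
        if (!$global:IP_iPilotClientID) {$global:IP_iPilotClientID = Read-Host -Prompt "Enter the Client ID"}
        if (!$global:IP_iPilotClientSecret) {$global:IP_iPilotClientSecret = Read-Host -Prompt "Enter the Client Secret" -AsSecureString}

        # A pre-set secret may be a plain string (e.g. left over from an earlier
        # load, or supplied by the caller); PSCredential requires a SecureString.
        $secureSecret = $global:IP_iPilotClientSecret
        if ($secureSecret -is [System.String]) {
            $secureSecret = ConvertTo-SecureString -String $secureSecret -AsPlainText -Force
        }

        # Save Tenant ID, Client ID, and Client Secret to the credential file.
        # The data directory may not exist yet when a non-default one is given.
        $global:IP_DirectorySyncCredential = New-Object System.Management.Automation.PSCredential ("$($global:IP_iPilotTenantID)\$($global:IP_iPilotClientID)", $secureSecret)
        New-Item -ItemType Directory -Path $iPilotDataDirectory -Force | Out-Null
        $global:IP_DirectorySyncCredential | Export-Clixml -Path $credentialPath -Force

        # Publish the secret in the same (plain-string) shape the load branch
        # produces, so callers see one type regardless of which branch ran.
        $global:IP_iPilotClientSecret = $global:IP_DirectorySyncCredential.GetNetworkCredential().Password

    }

    # Output values
    Write-Verbose "Tenant ID: $global:IP_iPilotTenantID"
    Write-Verbose "Client ID: $global:IP_iPilotClientID"

    # Never emit the full secret, not even on the debug stream: Start-Transcript
    # and host logging capture every stream. Only a short suffix is shown as a
    # fingerprint, and the length is clamped so short secrets do not throw.
    $secretText   = $global:IP_DirectorySyncCredential.GetNetworkCredential().Password
    $suffixLength = [System.Math]::Min(6, $secretText.Length)
    $PrintableClientSecret = "..." + $secretText.Substring($secretText.Length - $suffixLength)
    # -Verbose is forced deliberately so the operator always sees which secret
    # is in use; the fingerprint is the only part of it that is ever printed.
    Write-Verbose "Client Secret: $PrintableClientSecret" -Verbose
}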