public/Get-PulpCertificate.ps1

# .ExternalHelp powershell-pulp-help.xml
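Function Get-PulpCertificate{
  # Returns a client certificate for the Pulp server from the current user's
  # certificate store. When no unexpired certificate is stored, or when -Force
  # is given, logs in to Pulp with HTTP Basic authentication, stores the
  # certificate and key from the login response, and returns the stored copy.
  #
  # Parameters:
  #   Server, Port, Protocol - used to build the login URL; default to the
  #     values returned by Get-PulpLocalConfig.
  #   Username - pre-fills the credential prompt; same default source.
  #   Force    - request a new certificate even if an unexpired one is stored.
  #
  # Output: the matching stored certificate with the latest NotAfter date.
  # Throws if the credential prompt returns nothing, or if no matching
  # certificate can be found in the store after a new one was added.
  [Cmdletbinding()]
  Param(
    [Parameter(Mandatory=$false)]
    [string]$Server = (Get-PulpLocalConfig -Server).Server,

    [Parameter(Mandatory=$false)]
    [int]$Port = (Get-PulpLocalConfig -Port).Port,

    [Parameter(Mandatory=$false)]
    [string]$Protocol = (Get-PulpLocalConfig -Protocol).Protocol,

    [Parameter(Mandatory=$false)]
    [string]$Username = (Get-PulpLocalConfig -Username).Username,

    [Parameter(Mandatory=$false)]
    [switch]$Force
  )
  $uri = "${Protocol}://${Server}:${Port}/pulp/api/v2/actions/login/"
  $certFriendlyName = "Pulp on $server"
  $certStorePath = "Cert:\CurrentUser\My"

  # Unexpired certificates carrying this server's friendly name, latest expiry
  # first. Used before login and again after a new certificate is stored.
  $findStoredCertificates = {
    Get-ChildItem $certStorePath |
      Where-Object {$_.FriendlyName -eq $certFriendlyName} |
      Where-Object {$_.NotAfter -gt (Get-Date)} |
      Sort-Object NotAfter -Descending
  }

  # @() keeps .Count and [0] well defined for zero or one match.
  $storedCertificates = @(& $findStoredCertificates)
  if (($storedCertificates.Count -gt 0) -and (!$Force)) {
    return $storedCertificates[0]
  }

  # The login below puts the username and password in a Basic Authorization
  # header, which is only base64-encoded; without TLS it is readable in transit.
  if ($Protocol -ne 'https') {
    Write-Warning ("Protocol is '$Protocol', not https: the Basic " +
                   "authentication header carrying the Pulp username and " +
                   "password is not protected by TLS.")
  }

  # NOTE(review): $config is not read anywhere in this function; the call is
  # kept in case Get-PulpLocalConfig has side effects - confirm and remove.
  $config = Get-PulpLocalConfig

  # Start clean: an $authResponse inherited from a calling scope would
  # otherwise skip the login entirely.
  $authResponse = $null
  # NOTE(review): $Password is not a parameter; if a calling scope defines it,
  # it is used for the first attempt without prompting - confirm this is wanted.
  while (!$authResponse){
    if (!$Password){
      $credential = Get-Credential -user $Username -Message `
        "Enter Pulp username and password to obtain certificate"
      # A dismissed prompt yields no credential object; stop instead of
      # sending an empty login and prompting again forever.
      if (!$credential) {
        throw "No credentials were supplied; cannot obtain a Pulp certificate."
      }
      $Password = $credential.GetNetworkCredential().password
      $Username = $credential.UserName
    }
    # UTF8 rather than ASCII: ASCII encoding replaces every non-ASCII
    # character with '?', so such passwords could never authenticate.
    $base64Cred = [System.Convert]::ToBase64String(
      [Text.Encoding]::UTF8.GetBytes(("{0}:{1}" -f $Username,$Password)))
    try {
      $authResponse = Invoke-RestMethod -Uri $uri -Method Post `
                      -Headers @{Authorization=("Basic {0}" -f $base64Cred)} `
                      -ErrorAction Continue
    } catch {
      # Still retry with a fresh prompt, but show why the attempt failed so a
      # network or TLS error is not mistaken for a wrong password.
      Write-Warning "Login to $uri failed: $($_.Exception.Message)"
      $Password = $null
    }
  }

  # Drop the references to the plaintext secret once login has succeeded.
  # This does not wipe the underlying strings from memory.
  $Password = $null
  $base64Cred = $null
  $credential = $null

  # Strip the PEM BEGIN/END lines by pattern instead of slicing at fixed
  # offsets, so CRLF line endings or a missing trailing newline do not corrupt
  # the payload. FromBase64String ignores the remaining line breaks.
  $pemArmor = '-----(BEGIN|END) [A-Z0-9 ]+-----'
  $certBytes = [System.Convert]::FromBase64String(
    ($authResponse.certificate -replace $pemArmor, ''))
  $keyBytes = [System.Convert]::FromBase64String(
    ($authResponse.key -replace $pemArmor, ''))
  $decodedKey = [PowershellPulp.Crypto]::DecodeRsaPrivateKey($keyBytes)

  $certificate = New-Object `
    System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList $certBytes,''
  $certificate.FriendlyName = $certFriendlyName
  # NOTE(review): how the private key is protected once stored (persistence,
  # exportability) depends on the key object DecodeRsaPrivateKey returns,
  # which is not visible here - confirm.
  $certificate.PrivateKey = $decodedKey

  $certStore = Get-Item $certStorePath
  $certStore.Open('ReadWrite')
  try {
    $certStore.Add($certificate)
  } finally {
    # Release the store handle even if Add fails.
    $certStore.Close()
  }

  # Return the copy held by the store. A single re-query replaces the former
  # self-call, which recursed without bound when the new certificate did not
  # pass the filter (for example, one that is already expired).
  $storedCertificates = @(& $findStoredCertificates)
  if ($storedCertificates.Count -eq 0) {
    throw ("A certificate obtained from $uri was added to $certStorePath " +
           "but no unexpired certificate named '$certFriendlyName' was found.")
  }
  return $storedCertificates[0]
}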