Functions/Authentication/Close-PASSAMLSession.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
function Close-PASSAMLSession {
    <#
.SYNOPSIS
Logoff from CyberArk Vault SAML Session.

.DESCRIPTION
Performs Vault Logoff from SAML session and removes the Vault session.

.PARAMETER sessionToken
Hashtable containing the session token returned from New-PASSAMLSession

.PARAMETER WebSession
WebRequestSession object returned from New-PASSession

.PARAMETER BaseURI
A string containing the base web address to send te request to.
Pass the portion the PVWA HTTP address.
Do not include "/PasswordVault/"

.PARAMETER PVWAAppName
The name of the CyberArk PVWA Virtual Directory.
Defaults to PasswordVault

.EXAMPLE
$token | Close-PASSAMLSession

Logs off from the SAML session related to the authorisation token

.INPUTS

.OUTPUTS

.NOTES
Not Tested nor confirmed as working.
New-PASSAMLSession function needs to be fixed first.

.LINK
#>

    [CmdletBinding()]
    param(
        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [ValidateNotNullOrEmpty()]
        [hashtable]$sessionToken,

        [parameter(
            ValueFromPipelinebyPropertyName = $true
        )]
        [Microsoft.PowerShell.Commands.WebRequestSession]$WebSession,

        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [string]$BaseURI,

        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $true
        )]
        [string]$PVWAAppName = "PasswordVault"
    )

    BEGIN {

    }#begin

    PROCESS {

        #Construct URL for request
        $URI = "$baseURI/$PVWAAppName/WebServices/auth/SAML/SAMLAuthenticationService.svc/Logoff"

        $Body = @{} | ConvertTo-Json

        #Send Logon Request
        Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body -Header $sessionToken -WebSession $WebSession

    }#process

    END {}#end
}