Functions/Authentication/Close-PASSession.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
function Close-PASSession {
    <#
    .SYNOPSIS
    Logoff from CyberArk Vault.
 
    .DESCRIPTION
    Performs Logoff and removes the Vault session.
 
    .PARAMETER UseClassicAPI
    Specify the UseClassicAPI switch to send the logoff request via the Classic (v9) API endpoint.
    Relevant for CyberArk versions earlier than 10.4
 
    .PARAMETER SharedAuthentication
    Specify the SharedAuthentication switch to logoff from a shared authentication session
 
    .PARAMETER SAMLAuthentication
    Specify the SAMLAuthentication switch to logoff from a session authenticated to with SAML
 
    .EXAMPLE
    Close-PASSession
 
    Logs off from the session related to the authorisation token.
 
    .EXAMPLE
    Close-PASSession -SAMLAuthentication
 
    Logs off from the session related to the authorisation token using the SAML Authentication API endpoint.
 
    .EXAMPLE
    Close-PASSession -SharedAuthentication
 
    Logs off from the session related to the authorisation token using the Shared Authentication API endpoint.
 
    .EXAMPLE
    Close-PASSession -UseClassicAPI
 
    Logs off from the session related to the authorisation token using the Classic API endpoint.
 
    #>

    [CmdletBinding(DefaultParameterSetName = "V10")]
    param(

        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $false,
            ParameterSetName = "v9"
        )]
        [switch]$UseClassicAPI,

        [Parameter(
            Mandatory = $false,
            ValueFromPipeline = $false,
            ValueFromPipelinebyPropertyName = $true,
            ParameterSetName = "shared"
        )]
        [switch]$SharedAuthentication,

        [Parameter(
            Mandatory = $false,
            ValueFromPipeline = $false,
            ValueFromPipelinebyPropertyName = $true,
            ParameterSetName = "saml"
        )]
        [switch]$SAMLAuthentication

    )

    BEGIN {

        Switch ($PSCmdlet.ParameterSetName) {

            "v9" {

                $URI = "$Script:BaseURI/WebServices/auth/Cyberark/CyberArkAuthenticationService.svc/Logoff"
                break

            }

            "saml" {

                $URI = "$Script:BaseURI/WebServices/auth/SAML/SAMLAuthenticationService.svc/Logoff"
                break

            }

            "shared" {

                $URI = "$Script:BaseURI/WebServices/auth/Shared/RestfulAuthenticationService.svc/Logoff"
                break

            }

            "V10" {

                $URI = "$Script:BaseURI/API/Auth/Logoff"
                break

            }

        }

    }#begin

    PROCESS {

        #Send Logoff Request
        Invoke-PASRestMethod -Uri $URI -Method POST -WebSession $Script:WebSession | Out-Null

    }#process

    END {

        #Set ExternalVersion to 0.0
        [System.Version]$Version = "0.0"
        Set-Variable -Name ExternalVersion -Value $Version -Scope Script -ErrorAction SilentlyContinue

        #Clear Module scope variables on logoff
        Clear-Variable -Name BaseURI -Scope Script -ErrorAction SilentlyContinue
        Clear-Variable -Name WebSession -Scope Script -ErrorAction SilentlyContinue

    }#end
}