updates

Author: TehMuffinMoo

Modules/ibPS-Main.ps1

@@ -35,8 +35,10 @@ if ($ENV:IBPSDevelopment -eq "Enabled") {
 }
 if ($ENV:IBPSDebug -eq "Enabled") {
    $DebugPreference = 'Continue'
+   $VerbosePreference = 'Continue'
 } else {
    $DebugPreference = 'SilentlyContinue'
+   $VerbosePreference = 'SilentlyContinue'
 }
 
 Initialize-NIOSConfig

Modules/ibPS/Functions/CSP/Authentication/API/Switch-B1ConnectionProfile.ps1

@@ -42,20 +42,16 @@
             $ContextConfig.CurrentContext = $Name
             $ContextConfig | ConvertTo-Json -Depth 5 | Out-File $Script:B1ConfigFile -Force
 
-            if ($ENV:B1APIKey -or $ENV:B1CSPUrl) {
+            if ($ENV:B1CSPUrl) {
                 $Platform = Detect-OS
                 if ($Platform -eq "Windows") {
-                  [System.Environment]::SetEnvironmentVariable('B1APIKey',$null,[System.EnvironmentVariableTarget]::User)
                   [System.Environment]::SetEnvironmentVariable('B1CSPUrl',$null,[System.EnvironmentVariableTarget]::User)
-                  $ENV:B1APIKey = $null
                   $ENV:B1CSPUrl = $null
                 }
                 if ($Platform -eq "Mac" -or $Platform -eq "Unix") {
                     if (Test-Path ~/.zshenv) {
-                        sed -i '' -e '/B1APIKey/d' ~/.zshenv
                         sed -i '' -e '/B1CSPUrl/d' ~/.zshenv
                     }
-                    $ENV:B1APIKey = $null
                     $ENV:B1CSPUrl = $null
                 }
             }

Modules/ibPS/Functions/CSP/Portal/Get-B1CSPCurrentUser.ps1 renamed to Modules/ibPS/Functions/CSP/Authentication/Get-B1CSPCurrentUser.ps1

@@ -15,8 +15,8 @@ function Connect-B1Account {
     .PARAMETER Email
         The email address of the Infoblox Portal account to use when connecting.
 
-    .PARAMETER Password
-        The password of the Infoblox Portal account to use when connecting.
+    .PARAMETER SecurePassword
+        The password of the Infoblox Portal account to use when connecting, in SecureString format.
 
     .EXAMPLE
         PS> Connect-B1Account -Email "[email protected]" -Password "mySuperSecurePassword"
@@ -33,63 +33,49 @@ function Connect-B1Account {
         Authentication
     #>
     param(
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $true,ParameterSetName="JWT")]
         [string]$Email,
+        [Parameter(Mandatory = $true,ParameterSetName="API")]
+        [switch]$APIKey,
         [ValidateSet("US","EU")]
         [String]$CSPRegion = 'US',
-        [String]$CSPUrl,
-        [Parameter(Mandatory = $false)]
-        [SecureString]$SecurePassword
+        [Parameter(Mandatory = $false,ParameterSetName="JWT")]
+        [SecureString]$SecurePassword,
+        [Parameter(Mandatory = $false,ParameterSetName="API")]
+        [SecureString]$SecureAPIKey
     )
 
-    if (-not $SecurePassword) {
-        $Password = Read-Host -Prompt "Enter your password for $Email" -AsSecureString
-    } else {
-        $Password = $SecurePassword
-    }
-
-    switch ($CSPRegion) {
-        "US" {
-            $CSPUrl = "https://csp.infoblox.com"
-        }
-        "EU" {
-            $CSPUrl = "https://csp.eu.infoblox.com"
-        }
-    }
-    $ENV:B1CSPUrl = $CSPUrl
-
-    $Body = @{
-        email = $Email
-        password = ConvertFrom-SecureString -SecureString $Password -AsPlainText
-    } | ConvertTo-Json
-
-    $Headers = @{
-        "Content-Type" = "application/json"
-    }
-
     try {
-        $Result = Invoke-RestMethod -Method POST -Uri "$($CSPUrl)/v2/session/users/sign_in" -Body $Body -Headers $Headers -ContentType "application/json"
-        if ($Result.jwt -ne $null) {
-            $ENV:B1Bearer = $Result.jwt
-            if ($CU = Get-B1CSPCurrentUser) {
-                $CA = Get-B1CSPCurrentUser -Account
-                Write-Host "Successfully connected to $($CA.name) using: $($CU.email)." -ForegroundColor Green
+        $AuthManager = [AuthManager]::new($CSPRegion)
+        if ($Email) {
+            if (-not $SecurePassword) {
+                $Password = Read-Host -Prompt "Enter your password for $Email" -AsSecureString
             } else {
-                Write-Error "Successfully retrieved JWT but no active user details were returned."
+                $Password = $SecurePassword
             }
-        } else {
-            if ($Result.error.message) {
-                Write-Error "$($Result.error.message)"
-            } else {
-                Write-Error "An unknown error occurred while connecting to the Infoblox Portal. Please check your credentials and try again."
+            $AuthManager.ConnectJWT($Email,$Password)
+            if ($AuthManager.JWT) {
+                $Script:AuthManager = $AuthManager
+            }
+        } elseif ($APIKey) {
+            if (-not $SecureAPIKey) {
+                $SecureAPIKey = Read-Host -Prompt "Enter your API Key" -AsSecureString
+            }
+            $AuthManager.ConnectAPIKey($SecureAPIKey)
+            if ($AuthManager.APIKey) {
+                $Script:AuthManager = $AuthManager
+                $CU = Get-B1CSPCurrentUser -ErrorAction SilentlyContinue
+                if ($CU) {
+                    Write-Host "Connected using API Key as: $($CU.name)" -ForegroundColor Green
+                } else {
+                    Write-Error "Failed to connect using API Key. Please check your API Key and try again."
+                    $Script:AuthManager = $null
+                    return
+                }
             }
         }
     } catch {
-        $json = $_ | ConvertFrom-Json -ErrorAction SilentlyContinue
-        if ($json.error) {
-            Write-Error "$($json.error.message)"
-        } else {
-            Write-Error "An unknown error occurred while connecting to the Infoblox Portal. Please check your credentials and try again."
-        }
+        Write-Error $_
+        $Script:AuthManager = $null
     }
 }

Modules/ibPS/Functions/CSP/Authentication/JWT/Connect-B1Account.ps1

@@ -21,32 +21,13 @@ function Disconnect-B1Account {
         Authentication
     #>
     [CmdletBinding()]
-    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', '')]
     param()
-    if ($ENV:B1Bearer) {
-        $CU = Get-B1CSPCurrentUser
-        $CA = Get-B1CSPCurrentUser -Account
-        if ($CU -and $CA) {
-            Write-Host "Disconnecting from $($CA.name) using: $($CU.email)." -ForegroundColor Green
-        } else {
-            Write-Host "Already disconnected from the Infoblox Portal." -ForegroundColor Green
-            return
-        }
+    if ($Script:AuthManager) {
+        $AuthManager = $Script:AuthManager
+        $AuthManager.Disconnect()
+        $Script:AuthManager = $null
     } else {
         Write-Error "You are not currently connected to the Infoblox Portal. Please use Connect-B1Account first."
         return
     }
-
-    $Headers = @{
-        "Authorization" = "Bearer $($ENV:B1Bearer)"
-    }
-
-    try {
-        $ENV:B1Bearer = $null
-        $Result = Invoke-RestMethod -Method DELETE -Uri "$($ENV:B1CSPUrl)/v2/session/users/sign_out" -Headers $Headers
-        Write-Host "Disconnected Successfully." -ForegroundColor Green
-    } catch {
-        Write-Error "An unknown error occurred while disconnecting from the Infoblox Portal."
-        return $_
-    }
 }

Modules/ibPS/Functions/CSP/Authentication/JWT/Disconnect-B1Account.ps1

@@ -0,0 +1,30 @@
+function Get-B1AccountSession {
+    <#
+    .SYNOPSIS
+        
+
+    .DESCRIPTION
+        
+
+    .EXAMPLE
+        PS> Get-B1AccountSession
+
+    .FUNCTIONALITY
+        Infoblox Portal
+
+    .FUNCTIONALITY
+        Core
+
+    .FUNCTIONALITY
+        Authentication
+    #>
+    [CmdletBinding()]
+    param()
+    if ($Script:AuthManager) {
+        $AuthManager = $Script:AuthManager
+        $AuthManager.GetSessionInfo()
+    } else {
+        Write-Error "You are not currently connected to the Infoblox Portal. Please use Connect-B1Account first."
+        return
+    }
+}

Modules/ibPS/Functions/CSP/Authentication/JWT/Get-B1AccountSession.ps1

@@ -1,10 +1,12 @@
 function Switch-B1Account {
     <#
     .SYNOPSIS
-        Switches the interactive JWT session token to a different Infoblox Portal account.
+        Switches an interactive JWT session token to a different Infoblox Portal account.
 
     .DESCRIPTION
-        Switches the interactive JWT session token to a different Infoblox Portal account. This can be used to switch into the context of Sandboxes/Subtenants using the parent account's JWT session token.
+        Switches an interactive JWT session token to a different Infoblox Portal account. This can be used to switch into the context of Sandboxes/Subtenants using the parent account's JWT session token.
+
+        This only works when connected to the Infoblox Portal using Connect-B1Account and an Email / Password. API Keys do not support account switching.
 
     .PARAMETER Name
         The name of the Infoblox Portal account to switch to. This is the name as displayed in the Infoblox Portal.
@@ -33,8 +35,8 @@ function Switch-B1Account {
         [string]$id
     )
 
-    if (!$ENV:B1Bearer) {
-        Write-Error "You must be connected to a BloxOne account before switching accounts. Please use Connect-B1Account first."
+    if (!$Script:AuthManager) {
+        Write-Error "You must be connected to the Infoblox Portal before switching accounts. Please use Connect-B1Account first."
         return
     }
 
@@ -47,38 +49,13 @@ function Switch-B1Account {
         $id = $Account.id
     }
 
-    $Body =  @{
-      id = $id
-    } | ConvertTo-Json
-
-    $Headers = @{
-        "Authorization" = "Bearer $ENV:B1Bearer"
-    }
-
     try {
-        $Result = Invoke-RestMethod -Method POST -Uri "https://csp.infoblox.com/v2/session/account_switch" -Body $Body -Headers $Headers -ContentType "application/json"
-
-        if ($Result.jwt -ne $null) {
-            $ENV:B1Bearer = $Result.jwt
-            if ($CU = Get-B1CSPCurrentUser) {
-                $CA = Get-B1CSPCurrentUser -Account
-                Write-Host "Successfully switched to $($CA.name) using: $($CU.email)." -ForegroundColor Green
-            } else {
-                Write-Error "Successfully retrieved new JWT but no active user details were returned."
-            }
-        } else {
-            if ($Result.error) {
-                Write-Error "$($Result.error)"
-            } else {
-                Write-Error "An unknown error occurred while switching accounts."
-            }
+        if (!($Script:AuthManager).SwitchSession($id)) {
+            Write-Error "Failed to switch accounts. Please check the account ID and try again."
+            return
         }
     } catch {
-        $json = $_ | ConvertFrom-Json
-        if ($json.error) {
-            Write-Error "$($json.error.message)"
-        } else {
-            Write-Error "An unknown error occurred while switching accounts."
-        }
+        Write-Error $_
+        return
     }
 }

Modules/ibPS/Functions/CSP/Authentication/JWT/Switch-B1Account.ps1

@@ -37,8 +37,8 @@ Register-ArgumentCompleter -CommandName Get-B1Service,New-B1Service -ParameterNa
 
 $B1Accounts = {
     param($commandName, $parameterName, $wordToComplete, $commandAst, $fakeBoundParameters)
-    if (!$ENV:B1Bearer) {
-        Write-Host "`nYou must be connected to a BloxOne account before switching accounts. Please use Connect-B1Account first." -ForegroundColor Red
+    if (!$Script:AuthManager) {
+        Write-Host "`nYou must be connected to the Infoblox Portal before switching accounts. Please use Connect-B1Account first." -ForegroundColor Red
         return
     }
     (Get-B1CSPCurrentUser -Accounts | Where-Object {$_.name -like "$wordToComplete*"}).name