Skip to content

Commit

Permalink
Session - Add use of global variable, $tss_ignoreversioncheck, for …
Browse files Browse the repository at this point in the history
…disabling version check
  • Loading branch information
wsmelton committed Sep 28, 2021
1 parent 446b7cf commit 2c0ba2a
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 20 deletions.
7 changes: 2 additions & 5 deletions src/Thycotic.SecretServer.psm1
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,8 @@ if ($partsDirectory) {
$script:PSModuleRoot = $PSScriptRoot
$script:binRoot = [IO.Path]::Combine($PSModuleRoot,'bin')
$script:clientSdkPath = [IO.Path]::Combine($binRoot,'ClientSdk')
<#
Secret Server does not delete secrets, just disables them.
Remove is a common term though and one used by SecretManagement module from Microsoft.
Creating an alias to map to Disable function of the module to keep things simplified.
#>
$script:ignoreVersion = $tss_ignoreversioncheck

$aliases = @{
'gts' = 'Get-TssSecret'
'nts' = 'New-TssSession'
Expand Down
11 changes: 10 additions & 1 deletion src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs
Original file line number Diff line number Diff line change
Expand Up @@ -49,16 +49,22 @@ protected override void ProcessRecord()
apiClient.BaseUrl = requestUri;
apiClient.Timeout = Timeout;

if (string.IsNullOrEmpty(Proxy))
WriteVerbose("Base URL set to: " + requestUri);
WriteVerbose("Request timeout set to : " + Timeout);

if (MyInvocation.BoundParameters.ContainsKey("Proxy"))
{
apiClient.Proxy = new WebProxy(Proxy);
WriteVerbose("Configuring Proxy for request");
if (ProxyUseDefaultCredentials.IsPresent)
{
apiClient.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
WriteVerbose("Default Credentials being used for Proxy");
}
if (MyInvocation.BoundParameters.ContainsKey("ProxyCredential"))
{
apiClient.Proxy.Credentials = new NetworkCredential(ProxyCredential.UserName, ProxyCredential.Password);
WriteVerbose("Proxy credential username being set to: " + ProxyCredential.UserName);
}
}

Expand All @@ -68,12 +74,15 @@ protected override void ProcessRecord()
if (MyInvocation.BoundParameters.ContainsKey("OtpCode"))
{
apiRequest.AddParameter("otp", OtpCode.ToString(), ParameterType.HttpHeader);
WriteVerbose("OTP Code added to request: " + OtpCode.ToString());
}

apiRequest.AddParameter("username", Username);
WriteVerbose("Username: " + Username);
apiRequest.AddParameter("password", Password);
apiRequest.AddParameter("grant_type", "password");

WriteVerbose("Performing the operation " + apiRequest.Method + " " + apiClient.BaseUrl);
IRestResponse apiResponse = apiClient.Execute(apiRequest);
WriteObject(apiResponse);
}
Expand Down
23 changes: 13 additions & 10 deletions src/functions/authentication/New-TssSession.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,6 @@ function New-TssSession {
$newTokenParams = @{}
$newTokenParams.Uri = $outputTssSession.SecretServer.TrimEnd('/'), 'oauth2', 'token' -join '/'


Write-Verbose "Uri configured for OAuth2 request: $($newTokenParams.Uri)"
if ($newTssParams.ContainsKey('OtpCode')) {
Write-Verbose "OtpCode provided"
Expand Down Expand Up @@ -158,7 +157,7 @@ function New-TssSession {
}

if ($restResponse) {
Write-Verbose "Adding values to TssSession object"
Write-Verbose "Configuring TssSession object"
$outputTssSession.AccessToken = $restResponse.access_token
$outputTssSession.RefreshToken = $restResponse.refresh_token
$outputTssSession.ExpiresIn = $restResponse.expires_in
Expand Down Expand Up @@ -236,15 +235,19 @@ function New-TssSession {
}
$outputTssSession.StartTime = [datetime]::Now
Write-Verbose "Setting start time for session: $($outputTssSession.StartTime)"
try {
Write-Verbose "Attempting to retrieve Secret Server host version"
$versionResponse = Get-TssVersion -TssSession $outputTssSession
$outputTssSession.SecretServerVersion = $versionResponse.Version
if ($outputTssSession.SecretServerVersion) {
Write-Verbose "Version info received successfully: $($outputTssSession.SecretServerVersion)"
if ($ignoreVersion -or ((Test-Path variable:tss_ignoreversioncheck) -and $tss_ignoreversioncheck)) {
Write-Verbose "tss_ignoreversioncheck set to true, module will not perform Secret Server version check"
} else {
try {
Write-Verbose "Attempting to retrieve Secret Server host version"
$versionResponse = Get-TssVersion -TssSession $outputTssSession
$outputTssSession.SecretServerVersion = $versionResponse.Version
if ($outputTssSession.SecretServerVersion) {
Write-Verbose "Version info received successfully: $($outputTssSession.SecretServerVersion)"
}
} catch {
Write-Warning "Issue reading version of [$SecretServer], this may be due to Hide Secret Server Version Numbers being disabled. Version support is limited in the module and may affect functionality of some functions."
}
} catch {
Write-Warning "Issue reading version of [$SecretServer], this may be due to Hide Secret Server Version Numbers being disabled. Version support is limited in the module and may affect functionality of some functions."
}
Write-Verbose "SecretServer host: $($outputTssSession.SecretServer)"
Write-Verbose "ApiUrl: $($outputTssSession.ApiUrl)"
Expand Down
10 changes: 6 additions & 4 deletions src/parts/CheckVersion.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,12 @@ param(
$Invocation
)
process {
$source = $Invocation.MyCommand
$currentVersion = $TssSession.SecretServerVersion
if (-not $ignoreVersion -or (Test-Path variable:tss_ignoreversioncheck -and -not $tss_ignoreversioncheck)) {
$source = $Invocation.MyCommand
$currentVersion = $TssSession.SecretServerVersion

if ($currentVersion -lt $MinimumSupported) {
Write-Verbose "[$source] is only supported on [$MinimumSupported]+ of Secret Server. Secret Server host [$($TssSession.SecretServer)] version: [$currentVersion]"
if ($currentVersion -lt $MinimumSupported) {
Write-Verbose "[$source] is only supported on [$MinimumSupported]+ of Secret Server. Secret Server host [$($TssSession.SecretServer)] version: [$currentVersion]"
}
}
}

0 comments on commit 2c0ba2a

Please sign in to comment.