-AccessToken does not decrypt supplied PSCredential #19

Closed
wilddev65 opened this issue Jul 21, 2021 · 2 comments
@wilddev65

VenafiTppPS version: 20.4
PowerShell version: 5.1


# Steps to reproduce

```powershell
$AccessToken = New-Object System.Management.Automation.PSCredential('AccessToken', ($token.AccessToken | ConvertTo-SecureString -AsPlainText -Force))
Revoke-TppToken -AuthServer $AuthUrl -AccessToken $AccessToken
```

# Expected behavior

Token is revoked in TPP

# Actual behavior

```
StatusCode        : 202
StatusDescription : Invalid token format
Content           : {}
RawContent        : HTTP/1.1 202 Invalid token format
                    Access-Control-Allow-Origin: *
                    X-Frame-Options: SAMEORIGIN
                    X-Content-Type-Options: nosniff
                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                    Content...
Headers           : {[Access-Control-Allow-Origin, *], [X-Frame-Options, SAMEORIGIN], [X-Content-Type-Options, nosniff], [Strict-Transport-Security,
                    max-age=31536000; includeSubDomains]...}
RawContentLength  : 0
```

# Fix

Revoke-TppToken, line 98
-$params.Header = @{'Authorization' = 'Bearer {0}' -f $AccessToken }
+$params.Header = @{'Authorization' = 'Bearer {0}' -f $AccessToken.GetNetworkCredential().password }
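
Review bot: on the `+` line the decrypted value is formatted straight into the header with no check that `GetNetworkCredential().password` returned anything usable. The response shown above came back as 202 with "Invalid token format" rather than an error status, so a credential with an empty or wrong password would again go unnoticed. Consider assigning the password to a variable first, throwing if it is empty, and building the header from that variable. Minor style point: `.Password` matches the property's casing.
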
@gdbarron

@wilddev65, since it's not being stored and security isn't an issue, would it make more sense for -AccessToken to accept a string instead of a credential? I think the original idea was to have a mechanism to revoke a token if it was obtained from another source and converting it to a credential in this case is probably not needed. Thoughts?

Out of curiosity, what is $token.AccessToken in your steps to reproduce, not from New-TppToken?

@wilddev65

Sorry, $token.AccessToken is just a token string to feed Revoke-Token a PSCredential object. Should have been more clear about that.
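
Added example, not part of the original thread or of VenafiTppPS: it reproduces the header value behind the "Invalid token format" response and shows one way to accept the token either as a plain string, as suggested above, or as a credential. `Get-BearerHeader` and the sample token are hypothetical names and values constructed for illustration.

```powershell
# Hypothetical helper (not VenafiTppPS code): build the Authorization header
# from a token supplied as a string, SecureString or PSCredential.
function Get-BearerHeader {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)]
        [object] $AccessToken
    )

    # Normalise every accepted type to the plaintext token string.
    if ($AccessToken -is [pscredential]) {
        $plain = $AccessToken.GetNetworkCredential().Password
    }
    elseif ($AccessToken -is [securestring]) {
        $plain = [System.Net.NetworkCredential]::new('', $AccessToken).Password
    }
    elseif ($AccessToken -is [string]) {
        $plain = $AccessToken
    }
    else {
        throw "Unsupported -AccessToken type: $($AccessToken.GetType().FullName)"
    }

    # Fail locally instead of sending a header the server will reject.
    if ([string]::IsNullOrWhiteSpace($plain)) {
        throw 'Access token is empty after conversion.'
    }

    @{ 'Authorization' = 'Bearer {0}' -f $plain }
}

# Constructed sample token, not a real credential.
$sample = 'constructed-sample-token'
$secure = $sample | ConvertTo-SecureString -AsPlainText -Force
$cred   = New-Object System.Management.Automation.PSCredential('AccessToken', $secure)

# Original line 98 behaviour: -f calls ToString() on the PSCredential,
# so the header carries the object's type name instead of the token.
'Bearer {0}' -f $cred

# All three input forms produce the same header value.
(Get-BearerHeader -AccessToken $cred).Authorization
(Get-BearerHeader -AccessToken $secure).Authorization
(Get-BearerHeader -AccessToken $sample).Authorization
```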
