Update authentication token retrival

nicolonsky · Jul 29, 2020 · b02b672 · b02b672
1 parent 29313a3
commit b02b672
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 66 deletions.
diff --git a/AzureADLicensing/AzureADLicensing.psd1 b/AzureADLicensing/AzureADLicensing.psd1
diff --git a/AzureADLicensing/AzureADLicensing.psm1 b/AzureADLicensing/AzureADLicensing.psm1
@@ -1,18 +1,14 @@
 function Get-AADLicenseSku {
     [cmdletbinding()]
     param()
-    begin{
-        Test-AuthToken
-    }
+
     process {
 
         $baseUrl = "https://main.iam.ad.ext.azure.com/api/"
 
         try {
-            $request = Invoke-WebRequest -Method Get -Uri $($baseUrl + "AccountSkus") -Headers $global:header
-
+            $request = Invoke-WebRequest -Method Get -Uri $($baseUrl + "AccountSkus") -Headers $(Get-AuthToken)
             $requestContent = $request | ConvertFrom-Json
-
             return $requestContent
         }
         catch {
@@ -27,28 +23,25 @@ function Get-AADLicenseSku {
                 }
             }
             else {
-                Write-Error $_.ErrorDetails.Message
+                Write-Error $_
             }
         }
     }
-}
+}           
 
 function Get-AADGroupLicenseAssignment {
     [cmdletbinding()]
     param(
         [Parameter(Mandatory, HelpMessage = "ID of the Azure AD group")]
         [String]$groupId
     )
-    begin{
-        Test-AuthToken
-    }
     process {
 
         $baseUrl = "https://main.iam.ad.ext.azure.com/api/"
 
         try {
 
-            $request = Invoke-WebRequest -Method Get -Uri $($baseUrl + "AccountSkus/Group/$groupId") -Headers $global:header
+            $request = Invoke-WebRequest -Method Get -Uri $($baseUrl + "AccountSkus/Group/$groupId") -Headers $(Get-AuthToken)
 
             $requestContent = $request | ConvertFrom-Json
 
@@ -67,7 +60,7 @@ function Get-AADGroupLicenseAssignment {
                 }
             }
             else {
-                Write-Error $_.ErrorDetails.Message
+                Write-Error $_
             }
         }
     }
@@ -84,9 +77,6 @@ function Add-AADGroupLicenseAssignment {
         [Parameter(HelpMessage = "Excluded features for the specified SKU")]
         [String[]]$disabledServicePlans = @()
     )
-    begin{
-        Test-AuthToken
-    }
     process {
 
         $licenceAssignmentConfig = @{
@@ -110,7 +100,7 @@ function Add-AADGroupLicenseAssignment {
         $baseUrl = "https://main.iam.ad.ext.azure.com/api/"
 
         try {
-            $response = Invoke-WebRequest -Method Post -Uri $($baseUrl + "AccountSkus/assign") -Headers $global:header -Body $requestBody
+            $response = Invoke-WebRequest -Method Post -Uri $($baseUrl + "AccountSkus/assign") -Headers $(Get-AuthToken) -Body $requestBody
 
             $responseContent = $response | ConvertFrom-Json
 
@@ -128,7 +118,7 @@ function Add-AADGroupLicenseAssignment {
                 }
             }
             else {
-                Write-Error $_.ErrorDetails.Message
+                Write-Error $_
             }
         }
     }
@@ -145,9 +135,6 @@ function Update-AADGroupLicenseAssignment {
         [Parameter(HelpMessage = "Excluded features for the specified SKU")]
         [String[]]$disabledServicePlans = @()
     )
-    begin{
-        Test-AuthToken
-    }
     process {
 
         $licenceAssignmentConfig = @{
@@ -172,7 +159,7 @@ function Update-AADGroupLicenseAssignment {
 
         try {
 
-            $response = Invoke-WebRequest -Method Post -Uri $($baseUrl + "AccountSkus/assign") -Headers $global:header -Body $requestBody
+            $response = Invoke-WebRequest -Method Post -Uri $($baseUrl + "AccountSkus/assign") -Headers $(Get-AuthToken) -Body $requestBody
             $responseContent = $response | ConvertFrom-Json
             return $responseContent
         }
@@ -188,7 +175,7 @@ function Update-AADGroupLicenseAssignment {
                 }
             }
             else {
-                Write-Error $_.ErrorDetails.Message
+                Write-Error $_
             }
         }
     }
@@ -202,9 +189,6 @@ function Remove-AADGroupLicenseAssignment {
         [Parameter(Mandatory, HelpMessage = "License SKU to remove")]
         [String]$accountSkuId
     )
-    begin{
-        Test-AuthToken
-    }
     process {
 
         $licenceAssignmentConfig = @{
@@ -224,7 +208,7 @@ function Remove-AADGroupLicenseAssignment {
 
         try {
 
-            $response = Invoke-WebRequest -Method Post -Uri $($baseUrl + "AccountSkus/remove") -Headers $global:header -Body $requestBody
+            $response = Invoke-WebRequest -Method Post -Uri $($baseUrl + "AccountSkus/remove") -Headers $(Get-AuthToken) -Body $requestBody
             $responseContent = $response | ConvertFrom-Json
             return $responseContent
 
@@ -241,7 +225,7 @@ function Remove-AADGroupLicenseAssignment {
                 }
             }
             else {
-                Write-Error $_.ErrorDetails.Message
+                Write-Error $_
             }
         }
     }
@@ -251,48 +235,27 @@ function Get-AuthToken {
     [Cmdletbinding()]
     param()
 
-    process {
-
-        try {
-
-            $context = (Get-AzContext -ErrorAction SilentlyContinue | Select-Object -First 1)
-
-            if ([string]::IsNullOrEmpty($context)) {
-                $null = Connect-AZAccount
-                $context = (Get-AzContext | Select-Object -First 1)
-            }
+    process {    
 
-            $apiToken = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($context.Account, $context.Environment, $context.Tenant.Id, $null, "Never", $null, "74658136-14ec-4630-ad9b-26e160ff0fc6")
+        $context = Get-AzContext
 
-            Write-Output "Connected to tenant: '$($context.Tenant.Id)' as: '$($context.Account)'"
-            $global:header = @{
-                'Authorization'          = 'Bearer ' + $apiToken.AccessToken.ToString()
-                'Content-Type'           = 'application/json'
-                'X-Requested-With'       = 'XMLHttpRequest'
-                'x-ms-client-request-id' = [guid]::NewGuid()
-                'x-ms-correlation-id'    = [guid]::NewGuid()
-            }
+        if ($null -eq $context) {
+            $null = Connect-AZAccount -EA stop
+            $context = Get-AzContext  
         }
-        catch {
-
-            Write-Error $_
-        }
-    }
-}
-function Test-AuthToken {
 
-    [Cmdletbinding()]
-    param()
-
-    process {
+        $apiToken = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($context.Account, $context.Environment, $context.Tenant.Id, $null, "Never", $null, "74658136-14ec-4630-ad9b-26e160ff0fc6")
 
-        $context = (Get-AzContext -ErrorAction SilentlyContinue | Select-Object -First 1)
+        $header = @{
+            'Authorization'          = 'Bearer ' + $apiToken.AccessToken.ToString()
+            'Content-Type'           = 'application/json'
+            'X-Requested-With'       = 'XMLHttpRequest'
+            'x-ms-client-request-id' = [guid]::NewGuid()
+            'x-ms-correlation-id'    = [guid]::NewGuid()
+        }
 
-        if ([string]::IsNullOrEmpty($context) -or $null -eq $global:header) {
+        Write-Verbose "Connected to tenant: '$($context.Tenant.Id)' as: '$($context.Account)'"
 
-            Throw "Not authenticated.  Please use the `"Get-AuthToken`" command to authenticate."
-        }else{
-            Write-Verbose "Connected to tenant: '$($context.Tenant.Id)' as: '$($context.Account)'"
-        }
+        return $header
     }
-}
+}
diff --git a/README.md b/README.md
@@ -8,7 +8,7 @@ PowerShell Cmdlets to manage Azure AD Group based Licensing.
 
 1. Install the module: ```Install-Module -Name AzureADLicensing -AllowClobber```
 2. If you hav the deprecated AzureRM module installed, uninstall it first ```Uninstall-AzureRm```
-3. Authenticate to Azure: ```Get-AuthToken```
+3. Authenticate to Azure: ```Connect-AzAccount```
 
 ## Available commands