search

devblackops / PasswordState

PowerShell module for interacting with ClickStudio's PasswordState password management application
Apache License 2.0
40 stars 14 forks source link

Module Support for PasswordState 8 Active Directory Authentication #9

Open ephos opened 7 years ago

ephos commented 7 years ago

Module Support for PasswordState 8 Active Directory Authentication

Topic

Hello - I wanted to start a discussion topic on support for AD auth now that it is a feature that PasswordState 8 supports.

I would imagine there would need to be support for both methods (both API keys and the newer AD auth) as some organizations might use them side by side, or opt to stick with API keys possibly in an environment without AD. I wasn't sure if there was any plans to add the new functionality to this module but it seems to be the most popular one for PasswordState (and my favorite as well :) ).

High Level Solution

Unless I'm over simplifying it I would think this could be accomplished with parameter sets on the functions. One that takes the API key still and another that would take -Credential, and possibly a 3rd that would take -UseDefaultCredentials.

In the past for other Invoke-RestMethod based API wrappers I've built a splat based on the parameter sets to feed a single command and could maybe leverage that design.

Overall just wanted to start a convorsation on the idea!

devblackops commented 7 years ago

I think that's a great idea!

Yes, multiple parameters sets like you mentioned would be the way to go. Probably also create a private function that actually implements Invoke-RestMethod to centralize any logic needed. All public functions would call the private one. That is the model I use for my NetScaler module.

Is this something you'd like to tackle?

ephos commented 7 years ago

Great! I'd be willing to give it a go. I do like the model you use with the private function to centralize the logic.

ephos commented 6 years ago

I've had some time to start digging into this lately. One thing that is a little tricky especially regarding implementing a private function to feed Invoke-RestMethod is the compatibility for the V6 API. I have never used it myself, we've been at v7 since we've had the product. I can implement it, I'll just need to try and figure out the most graceful way to handle WinAPI vs APIKey vs v6APIKey.

Maybe 3 separate parameter sets on the private function? I was also wondering if it made sense to store them as different option sets in the options file and have _GetDefault return a little more possibly?

Wanted to bounce if off you / whoever else uses this module to see what your thoughts were!