first test for zvma

This commit is contained in:
2023-06-22 17:47:49 -07:00
parent ad8b61e19f
commit 05253026e4
4 changed files with 91 additions and 19 deletions
+25 -13
View File
@@ -1,4 +1,3 @@
<# .ExternalHelp ./en-us/ZertoApiWrapper-help.xml #>
function Connect-ZertoServer {
[cmdletbinding()]
[OutputType([hashtable])]
@@ -18,26 +17,31 @@ function Connect-ZertoServer {
)]
[System.Management.Automation.PSCredential]$credential,
[Parameter(
HelpMessage = "Zerto Virtual Manager management port. Default value is 9669."
HelpMessage = "Zerto Virtual Manager management port. Default value is 443."
)]
[ValidateNotNullOrEmpty()]
[ValidateRange(1024, 65535)]
[Alias("port")]
[string]$zertoPort = "9669",
[string]$zertoPort = "443",
[Parameter(
HelpMessage = "Zerto Keycloak client id. Default value is zerto-client."
)]
[ValidateNotNullOrEmpty()]
[Alias("clientid")]
[string]$zertoClientId = "zerto-client",
[Parameter(
HelpMessage = "Use this switch to indicate that you would like the module to take care of auto re-authorization and reconnection to the ZVM should the token expire. This option will cache your PSCredential object to be reused"
)]
[switch]$AutoReconnect,
[Parameter(
HelpMessage = "Use this switch to return the headers to a specified variable or to the default output."
HelpMessage = "Use this switch to return the Bearer Token to a specified variable or to the default output."
)]
[switch]$returnHeaders
[switch]$returnToken
)
begin {
$body = '{"AuthenticationMethod": "1"}'
$uri = "session/add"
$uri = "auth/realms/zerto/protocol/openid-connect/token"
# Set Script Scope Variables for Use in all functions in the module; Server and Port Information
Set-Variable -Name zvmServer -Scope Script -Value $zertoServer
Set-Variable -Name zvmPort -Scope Script -Value $zertoPort
@@ -45,26 +49,34 @@ function Connect-ZertoServer {
Set-Variable -Name zvmLastAction -Scope Script -Value $(Get-Date).Ticks
# Set / Clear the zvmHeaders to clear any existing token
Set-Variable -Name zvmHeaders -Scope Script -Value @{
"Accept" = "application/json"
#"Accept" = "application/json"
"zerto-triggered-by" = "PowershellWes"
}
Set-Variable -Name Reconnect -Scope Script -Value $AutoReconnect.IsPresent
if ($Script:Reconnect) {
Set-Variable -Name CachedCredential -Scope Script -Value $credential
}
Set-Variable -Name zertoClientId -Scope Script -Value $zertoClientId
$body = @{
'client_id' = $script:zertoClientId
'username' = $credential.GetNetworkCredential().Username
'password' = $credential.GetNetworkCredential().Password
'grant_type' = 'password'
}
}
process {
# Send authorization request to the function and send back the results including headers
$results = Invoke-ZertoRestRequest -uri $uri -credential $credential -returnHeaders -body $body -method POST -ErrorAction Stop
# Send authorization request to the function and send back the results including headers -returnHeaders
$results = Invoke-ZertoRestRequest -uri $uri -credential $credential -body $body -method POST -ErrorAction Stop
}
end {
# Build Headers Hashtable with Authorization Token
$Script:zvmHeaders['x-zerto-session'] = $results.Headers['x-zerto-session'][0].ToString()
$script:zvmHeaders['Authorization'] = "Bearer " + $results.access_token.ToString()
# Have the option to return the headers to a variable
if ($returnHeaders) {
if ($returnToken) {
return $Script:zvmHeaders
}
}
+2 -1
View File
@@ -1,4 +1,5 @@
<# .ExternalHelp ./en-us/ZertoApiWrapper-help.xml #>
<# .ExternalHelp ./en-us/ZertoApiWrapper-help.xml
#>
function Get-ZertoVpg {
[cmdletbinding( DefaultParameterSetName = "main" )]
param(
@@ -1,4 +1,3 @@
<# .ExternalHelp ./en-us/ZertoApiWrapper-help.xml #>
function Invoke-ZertoRestRequest {
[cmdletbinding()]
param(
@@ -54,7 +53,35 @@ function Invoke-ZertoRestRequest {
$script:zvmLastAction = (Get-Date).Ticks
# If running PwSh - Use this Invoke-RestMethod with passed Variables
if ($PSVersionTable.PSVersion.Major -ge 6) {
$apiRequestResults = Invoke-RestMethod -Uri $submittedURI -Headers $script:zvmHeaders -Method $method -Body $body -ContentType $contentType -Credential $credential -SkipCertificateCheck -ResponseHeadersVariable responseHeaders -TimeoutSec 100
# If we are authenticating to the ZVM, Use this block to use Invoke-WebRequest and format the Headers as expected.
if ($uri -eq "auth/realms/zerto/protocol/openid-connect/token" -and $method -eq "POST") {
write-host "in the loop"
$data = @{
'client_id' = 'zerto-client'
'username' = 'admin'
'password' = 'Zertodata987!'
'grant_type' = 'password'
}
$params = @{
'Uri' = 'https://192.168.50.60/auth/realms/zerto/protocol/openid-connect/token'
'Method' = 'Post'
'Body' = $data
'ContentType' = 'application/x-www-form-urlencoded'
}
$apiRequestResults = Invoke-RestMethod @params -SkipCertificateCheck
$ExpiresIn = $apiRequestResults.expires_in
$script:AuthExpiresAt = (Get-Date).AddSeconds($ExpiresIn)
$script:refreshToken = $apiRequestResults.refresh_token
$responseHeaders = @{ }
$responseHeaders['Authorization'] = "Bearer " + @($apiRequestResults.access_token)
} else {
$apiRequestResults = Invoke-RestMethod -Uri $submittedURI -Headers $script:zvmHeaders -Method $method -Body $body -ContentType $contentType -Credential $credential -SkipCertificateCheck -ResponseHeadersVariable responseHeaders -TimeoutSec 100
Write-Host $apiRequestResults
}
} else {
# If running PowerShell 5.1 --> Do the Following
# Check to see if All Certs are Trusted. If not, Create the Policy to Trust All Certificates
@@ -79,10 +106,20 @@ public class TrustAllCertsPolicy : ICertificatePolicy {
}
# If we are authenticating to the ZVM, Use this block to use Invoke-WebRequest and format the Headers as expected.
if ($uri -eq "session/add" -and $method -eq "POST") {
if ($uri -eq "auth/realms/zerto/protocol/openid-connect/token" -and $method -eq "POST") {
$submittedURI = "https://{0}:{1}/{2}" -f $script:zvmServer, $script:zvmPort, $uri
$body = @{
'client_id' = $script:zertoClientId
'username' = $credential.GetNetworkCredential().Username
'password' = $credential.GetNetworkCredential().Password
'grant_type' = 'password'
}
$contentType = 'application/x-www-form-urlencoded'
$apiRequestResults = Invoke-WebRequest -Uri $submittedURI -Headers $script:zvmHeaders -Method $method -Body $body -ContentType $contentType -Credential $credential -TimeoutSec 100
$responseHeaders = @{ }
$responseHeaders['x-zerto-session'] = @($apiRequestResults.Headers['x-zerto-session'])
Write-Host $apiRequestResults
#$responseHeaders = @{ }
#$responseHeaders['x-zerto-session'] = @($apiRequestResults.Headers['x-zerto-session'])
} elseif ($method -ne "GET") {
# If the Method is something other than 'GET' use this call with a body parameter
$apiRequestResults = Invoke-RestMethod -Uri $submittedURI -Headers $script:zvmHeaders -Method $method -Body $body -ContentType $contentType -Credential $credential -TimeoutSec 100
+22
View File
@@ -0,0 +1,22 @@
$Body = @{
'client_id' = 'zerto-client'
'username' = 'admin'
'password' = 'Zertodata987!'
'grant_type' = 'password'
}
$Params = @{
'Uri' = 'https://192.168.50.60/auth/realms/zerto/protocol/openid-connect/token'
'Method' = 'Post'
'Body' = $Body
'ContentType' = 'application/x-www-form-urlencoded'
}
$Result = Invoke-RestMethod @Params -SkipCertificateCheck
Write-Host $Result
$ExpiresIn = $Result.expires_in
$ExpiresAt = (Get-Date).AddSeconds($ExpiresIn)
Write-Host $ExpiresAt
Write-Host $Result