Session - Add use of global variable, $tss_ignoreversioncheck, for …

…disabling version check
thycotic-ps · Sep 28, 2021 · 2c0ba2a · 2c0ba2a
1 parent 446b7cf
commit 2c0ba2a
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 20 deletions.
diff --git a/src/Thycotic.SecretServer.psm1 b/src/Thycotic.SecretServer.psm1
@@ -36,11 +36,8 @@ if ($partsDirectory) {
 $script:PSModuleRoot = $PSScriptRoot
 $script:binRoot = [IO.Path]::Combine($PSModuleRoot,'bin')
 $script:clientSdkPath = [IO.Path]::Combine($binRoot,'ClientSdk')
-<#
-    Secret Server does not delete secrets, just disables them.
-    Remove is a common term though and one used by SecretManagement module from Microsoft.
-    Creating an alias to map to Disable function of the module to keep things simplified.
-#>
+$script:ignoreVersion = $tss_ignoreversioncheck
+
 $aliases = @{
     'gts' = 'Get-TssSecret'
     'nts' = 'New-TssSession'

diff --git a/src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs b/src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs
@@ -49,16 +49,22 @@ protected override void ProcessRecord()
             apiClient.BaseUrl = requestUri;
             apiClient.Timeout = Timeout;
 
-            if (string.IsNullOrEmpty(Proxy))
+            WriteVerbose("Base URL set to: " + requestUri);
+            WriteVerbose("Request timeout set to : " + Timeout);
+
+            if (MyInvocation.BoundParameters.ContainsKey("Proxy"))
             {
                 apiClient.Proxy = new WebProxy(Proxy);
+                WriteVerbose("Configuring Proxy for request");
                 if (ProxyUseDefaultCredentials.IsPresent)
                 {
                     apiClient.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
+                    WriteVerbose("Default Credentials being used for Proxy");
                 }
                 if (MyInvocation.BoundParameters.ContainsKey("ProxyCredential"))
                 {
                     apiClient.Proxy.Credentials = new NetworkCredential(ProxyCredential.UserName, ProxyCredential.Password);
+                    WriteVerbose("Proxy credential username being set to: " + ProxyCredential.UserName);
                 }
             }
 
@@ -68,12 +74,15 @@ protected override void ProcessRecord()
             if (MyInvocation.BoundParameters.ContainsKey("OtpCode"))
             {
                 apiRequest.AddParameter("otp", OtpCode.ToString(), ParameterType.HttpHeader);
+                WriteVerbose("OTP Code added to request: " + OtpCode.ToString());
             }
 
             apiRequest.AddParameter("username", Username);
+            WriteVerbose("Username: " + Username);
             apiRequest.AddParameter("password", Password);
             apiRequest.AddParameter("grant_type", "password");
 
+            WriteVerbose("Performing the operation " + apiRequest.Method + " " + apiClient.BaseUrl);
             IRestResponse apiResponse = apiClient.Execute(apiRequest);
             WriteObject(apiResponse);
         }

diff --git a/src/functions/authentication/New-TssSession.ps1 b/src/functions/authentication/New-TssSession.ps1
@@ -130,7 +130,6 @@ function New-TssSession {
                 $newTokenParams = @{}
                 $newTokenParams.Uri = $outputTssSession.SecretServer.TrimEnd('/'), 'oauth2', 'token' -join '/'
 
-
                 Write-Verbose "Uri configured for OAuth2 request: $($newTokenParams.Uri)"
                 if ($newTssParams.ContainsKey('OtpCode')) {
                     Write-Verbose "OtpCode provided"
@@ -158,7 +157,7 @@ function New-TssSession {
                 }
 
                 if ($restResponse) {
-                    Write-Verbose "Adding values to TssSession object"
+                    Write-Verbose "Configuring TssSession object"
                     $outputTssSession.AccessToken = $restResponse.access_token
                     $outputTssSession.RefreshToken = $restResponse.refresh_token
                     $outputTssSession.ExpiresIn = $restResponse.expires_in
@@ -236,15 +235,19 @@ function New-TssSession {
             }
             $outputTssSession.StartTime = [datetime]::Now
             Write-Verbose "Setting start time for session: $($outputTssSession.StartTime)"
-            try {
-                Write-Verbose "Attempting to retrieve Secret Server host version"
-                $versionResponse = Get-TssVersion -TssSession $outputTssSession
-                $outputTssSession.SecretServerVersion = $versionResponse.Version
-                if ($outputTssSession.SecretServerVersion) {
-                    Write-Verbose "Version info received successfully: $($outputTssSession.SecretServerVersion)"
+            if ($ignoreVersion -or ((Test-Path variable:tss_ignoreversioncheck) -and $tss_ignoreversioncheck)) {
+                Write-Verbose "tss_ignoreversioncheck set to true, module will not perform Secret Server version check"
+            } else {
+                try {
+                    Write-Verbose "Attempting to retrieve Secret Server host version"
+                    $versionResponse = Get-TssVersion -TssSession $outputTssSession
+                    $outputTssSession.SecretServerVersion = $versionResponse.Version
+                    if ($outputTssSession.SecretServerVersion) {
+                        Write-Verbose "Version info received successfully: $($outputTssSession.SecretServerVersion)"
+                    }
+                } catch {
+                    Write-Warning "Issue reading version of [$SecretServer], this may be due to Hide Secret Server Version Numbers being disabled. Version support is limited in the module and may affect functionality of some functions."
                 }
-            } catch {
-                Write-Warning "Issue reading version of [$SecretServer], this may be due to Hide Secret Server Version Numbers being disabled. Version support is limited in the module and may affect functionality of some functions."
             }
             Write-Verbose "SecretServer host: $($outputTssSession.SecretServer)"
             Write-Verbose "ApiUrl: $($outputTssSession.ApiUrl)"

diff --git a/src/parts/CheckVersion.ps1 b/src/parts/CheckVersion.ps1
@@ -19,10 +19,12 @@ param(
     $Invocation
 )
 process {
-    $source = $Invocation.MyCommand
-    $currentVersion = $TssSession.SecretServerVersion
+    if (-not $ignoreVersion -or (Test-Path variable:tss_ignoreversioncheck -and -not $tss_ignoreversioncheck)) {
+        $source = $Invocation.MyCommand
+        $currentVersion = $TssSession.SecretServerVersion
 
-    if ($currentVersion -lt $MinimumSupported) {
-        Write-Verbose "[$source] is only supported on [$MinimumSupported]+ of Secret Server. Secret Server host [$($TssSession.SecretServer)] version: [$currentVersion]"
+        if ($currentVersion -lt $MinimumSupported) {
+            Write-Verbose "[$source] is only supported on [$MinimumSupported]+ of Secret Server. Secret Server host [$($TssSession.SecretServer)] version: [$currentVersion]"
+        }
     }
 }