Call DLBR Common Login secured service from PowerShell
# Make every error terminating and turn on the newest strict-mode rule set, so a
# failed step stops the script instead of continuing with partial state.
$ErrorActionPreference = 'Stop'
Set-StrictMode -Version Latest
# Settings are read from config.json, resolved relative to the current directory.
# config.json example contents:
# {
# "Audience": "<some service audience>",
# "Serviceurl": "<some service url>",
# "Idp": "idp.dlbr.dk",
# "Serviceaccountusername": "<some service account username>",
# "Serviceaccountpassword": "<some service account password>"
#}
# NOTE(review): the service account password sits in this file as clear text. Keep
# config.json out of source control and readable only by the account that runs the
# script.
$config = Get-Content -Path '.\config.json' | ConvertFrom-Json
Function Test-Sha256Sum([string]$file, [string]$expectedSha256Hash)
{
    # Reports whether the SHA-256 digest of $file equals $expectedSha256Hash.
    #   $file               - path of the file to hash.
    #   $expectedSha256Hash - pinned digest as a hex string, in either case.
    # Returns $true on a match. On a mismatch it writes a warning that names the
    # file and its actual digest and returns $false; it does not throw, so the
    # caller decides what a mismatch means.
    $actual = (Get-FileHash -Algorithm SHA256 -Path $file).Hash.ToLowerInvariant()
    # Both sides are lower-cased with the invariant culture before comparing.
    $wanted = $expectedSha256Hash.ToLowerInvariant()
    if ($actual -ne $wanted)
    {
        Write-Warning "File $file has unexpected sha256sum $actual"
        return $false
    }
    return $true
}
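Function Initialize-ExeFromUrl([string]$filename, [string]$url, [string]$expectedSha256Hash)
{
    # Returns the path of an executable whose SHA-256 matches the pinned value,
    # downloading it from $url when no verified copy is cached yet.
    #   $filename           - file name to store the download under.
    #   $url                - location to download from.
    #   $expectedSha256Hash - pinned digest; also used as the cache folder name
    #                         under $env:temp.
    # Throws when the pinned value is not a SHA-256 hex string or when the
    # download does not match it.
    #
    # The pinned hash is the integrity control here: a file is only returned
    # after Test-Sha256Sum has accepted it.
    # NOTE(review): the file is verified here and executed later by path, so
    # anything able to write to this temp folder in between could replace it -
    # confirm the temp folder is private to the account running the script.

    # The expected hash becomes a path component, so accept only 64 hex
    # characters before it is joined into a path.
    if ($expectedSha256Hash -notmatch '^[0-9a-fA-F]{64}\z')
    {
        throw ("Expected SHA-256 must be 64 hexadecimal characters")
    }
    $workFolder = Join-Path $env:temp $expectedSha256Hash
    $outfile = Join-Path $workFolder $filename
    mkdir -Force $workFolder | Out-Null
    if (Test-Path -LiteralPath $outfile)
    {
        if (Test-Sha256Sum $outfile $expectedSha256Hash)
        {
            return $outfile
        }
        # Cached copy failed verification: discard it and download again.
        Remove-Item -LiteralPath $outfile
    }
    Invoke-WebRequest -UseBasicParsing -Uri $url -OutFile $outfile
    if (Test-Sha256Sum $outfile $expectedSha256Hash)
    {
        return $outfile
    }
    # Do not leave an unverified executable in the cache folder after a failed
    # check; removal is best effort because the throw below is the real signal.
    Remove-Item -LiteralPath $outfile -Force -ErrorAction SilentlyContinue
    throw ("Hash mismatch, expected $expectedSha256Hash")
}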
Function Initialize-NugetExe
{
    # Returns the local path of nuget.exe, fetched through Initialize-ExeFromUrl.
    # The download URL and the SHA-256 it must match are both fixed here, so
    # changing the nuget.exe version means updating the two values together.
    $download = @{
        filename           = "nuget.exe"
        url                = "https://dist.nuget.org/win-x86-commandline/v4.6.2/nuget.exe"
        expectedSha256Hash = "2c562c1a18d720d4885546083ec8eaad6773a6b80befb02564088cc1e55b304e"
    }
    return Initialize-ExeFromUrl @download
}
Function Initialize-NugetAssembly([string]$packagename, [string]$packageversion, [string]$assemblypath, [string]$expectedSha256Hash)
{
    # Installs one NuGet package version into a per-package folder under
    # $env:temp, checks one assembly from it against a pinned SHA-256 and loads
    # that assembly into the current session.
    #   $packagename        - NuGet package id.
    #   $packageversion     - exact version to install.
    #   $assemblypath       - path of the assembly inside the package folder,
    #                         starting with a backslash.
    #   $expectedSha256Hash - pinned digest of that assembly.
    # Throws when the assembly does not match the pinned digest.
    #
    # NOTE(review): only the assembly named by $assemblypath is hash-checked.
    # Anything else nuget places in the folder is not verified here, and
    # LoadFrom can resolve dependencies from the loaded assembly's directory -
    # confirm the package has no such dependencies or pin them too.
    # NOTE(review): no -Source is passed, so nuget uses whatever package sources
    # are configured on the machine; the hash check is what ties the result to
    # the intended build.
    $packageRoot = "$($env:temp)\$($packagename)_$($packageversion)\"
    $nugetExe = Initialize-NugetExe
    Push-Location
    try
    {
        mkdir -Force $packageRoot | Out-Null
        # nuget installs into the current directory, so move there first.
        Set-Location $packageRoot
        & $nugetExe install $packagename -Version $packageversion -Verbosity Quiet
        $dllPath = "$packageRoot\$packagename.$packageversion$assemblypath"
        if (-not (Test-Sha256Sum $dllPath $expectedSha256Hash))
        {
            throw ("Hash mismatch, expected $expectedSha256Hash")
        }
        # Only reached after the digest matched.
        [Void][Reflection.Assembly]::LoadFrom($dllPath)
    }
    finally
    {
        # Restore the caller's location on success and on failure.
        Pop-Location
    }
}
function Initialize-IdentityModel()
{
    # Loads the Dlbr.CommonLogin.IdentityModel assembly (package version 0.0.23,
    # net45 build) through Initialize-NugetAssembly. The version and the SHA-256
    # of the DLL are pinned together; update both when moving to a newer package.
    $package = @{
        packagename        = "Dlbr.CommonLogin.IdentityModel"
        packageversion     = "0.0.23"
        assemblypath       = "\lib\net45\Dlbr.CommonLogin.IdentityModel.dll"
        expectedSha256Hash = "f6257bae208438aed6a6743f4b0ce4ed9abbaf40d33d0970e0c533e395bf737f"
    }
    Initialize-NugetAssembly @package
}
function Get-Token($idp = $(throw "Specify IdP (e.g. si-idp.vfltest.dk)"),
                   $audience = $(throw "Specify audience"),
                   $username = $(throw "Specify Username"),
                   $password = $(throw "Specify password"))
{
    # Requests a security token for $username from the IdP via WsTrustClient and
    # returns the token object. Every parameter is mandatory: an omitted one
    # throws from its default expression.
    # Requires the Dlbr.CommonLogin.IdentityModel assembly to be loaded already.
    #
    # The host output names the user, audience and IdP, then the issued token's
    # Id; the password is not written.
    # NOTE(review): $password is passed as a plain value, so it stays readable in
    # the session's variables for as long as they live.
    Write-Host "Requesting token for $username at $audience / $idp"
    $client = New-Object -TypeName Dlbr.CommonLogin.IdentityModel.WsTrustClient -ArgumentList $idp
    $token = $client.GetSecurityToken($audience, $username, $password)
    Write-Host "Issued token $($token.Id)"
    return $token
}
function Get-DeflatedToken($Token)
{
    # Takes the token's XML (TokenXml.OuterXml), passes it to
    # DeflatedSamlTokenHeaderEncoder.Encode and returns the result for use as an
    # Authorization header value. The encoding itself is defined by the
    # Dlbr.CommonLogin.IdentityModel package.
    # NOTE(review): the returned value is a usable credential; avoid writing it
    # to logs or transcripts.
    $encoder = New-Object -TypeName Dlbr.CommonLogin.IdentityModel.WebApi.DeflatedSamlTokenHeaderEncoder
    return $encoder.Encode($Token.TokenXml.OuterXml)
}
# Load the identity model assembly, obtain a token with the configured service
# account and call the service with that token as a bearer credential.
Initialize-IdentityModel
$token = Get-Token `
    -idp $config.Idp `
    -audience $config.Audience `
    -username $config.Serviceaccountusername `
    -password $config.Serviceaccountpassword
$authzHeaderTokenBlob = Get-DeflatedToken -Token $token
# NOTE(review): the bearer token goes to whatever Serviceurl is configured, and
# nothing here checks that the URL uses https - confirm it does, since the
# header is a reusable credential.
$headers = @{ Authorization = "Bearer $authzHeaderTokenBlob" }
$contenttype = "application/json;charset=utf-8"
$response = Invoke-WebRequest `
    -Uri $config.Serviceurl `
    -Method Get `
    -Headers $headers `
    -ContentType $contenttype `
    -UseBasicParsing
# Prints the status code followed by the string form of the response object.
Write-Host "$($response.StatusCode) $response"