diff --git a/.gitignore b/.gitignore index 0c02585..701743e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ test.ps1 -Output \ No newline at end of file +Output +Tests \ No newline at end of file diff --git a/DuoSecurity/Private/REST Handler/Invoke-DuoRequest.ps1 b/DuoSecurity/Private/REST Handler/Invoke-DuoRequest.ps1 index 6c17c98..461f716 100644 --- a/DuoSecurity/Private/REST Handler/Invoke-DuoRequest.ps1 +++ b/DuoSecurity/Private/REST Handler/Invoke-DuoRequest.ps1 @@ -173,6 +173,10 @@ function Invoke-DuoRequest { $Body = $Request Write-Verbose $Request } + if ($Method -eq 'PUT') { + $Headers.'Content-Type' = 'application/json' + Write-Verbose $Body + } if ($NoAuth) { $Headers = @{} diff --git a/DuoSecurity/Public/Accounts API/New-DuoAccount.ps1 b/DuoSecurity/Public/Accounts API/New-DuoAccount.ps1 index d7d0ea6..1800774 100644 --- a/DuoSecurity/Public/Accounts API/New-DuoAccount.ps1 +++ b/DuoSecurity/Public/Accounts API/New-DuoAccount.ps1 @@ -36,6 +36,11 @@ function New-DuoAccount { } if ($PSCmdlet.ShouldProcess($Name)) { - Invoke-DuoRequest @DuoRequest + $Response = Invoke-DuoRequest @DuoRequest + if ($Response.stat -eq 'OK') { + $Response.response + } else { + $Response + } } } diff --git a/DuoSecurity/Public/Accounts API/Select-DuoAccount.ps1 b/DuoSecurity/Public/Accounts API/Select-DuoAccount.ps1 index bff7359..404bdf8 100644 --- a/DuoSecurity/Public/Accounts API/Select-DuoAccount.ps1 +++ b/DuoSecurity/Public/Accounts API/Select-DuoAccount.ps1 @@ -26,7 +26,8 @@ function Select-DuoAccount { #> [CmdletBinding()] Param( - [Parameter(Mandatory = $true, ParameterSetName = 'AccountId')] + [Parameter(ValueFromPipelineByPropertyName = $true, Mandatory = $true, ParameterSetName = 'AccountId')] + [Alias('account_id')] [string]$AccountId, [Parameter(Mandatory = $true, ParameterSetName = 'AccountName')] diff --git a/DuoSecurity/Public/Accounts API/Set-DuoAccountEdition.ps1 b/DuoSecurity/Public/Accounts API/Set-DuoAccountEdition.ps1 index 79a8f99..b6e6855 100644 --- a/DuoSecurity/Public/Accounts API/Set-DuoAccountEdition.ps1 +++ b/DuoSecurity/Public/Accounts API/Set-DuoAccountEdition.ps1 @@ -37,7 +37,7 @@ function Set-DuoAccountEdition { Select-DuoAccount -AccountId $AccountId -Quiet $DuoRequest = @{ - Method = 'GET' + Method = 'POST' Path = '/admin/v1/billing/edition' Params = @{ edition = $Edition } } diff --git a/DuoSecurity/Public/Admin API/Policies/Get-DuoPolicies.ps1 b/DuoSecurity/Public/Admin API/Policies/Get-DuoPolicies.ps1 index 0a88cf0..0eca8b4 100644 --- a/DuoSecurity/Public/Admin API/Policies/Get-DuoPolicies.ps1 +++ b/DuoSecurity/Public/Admin API/Policies/Get-DuoPolicies.ps1 @@ -39,7 +39,7 @@ function Get-DuoPolicies { SignatureVersion = 5 } - if ($EndpointKey) { + if ($PolicyKey) { $Request = Invoke-DuoRequest @DuoRequest if ($Request.stat -ne 'OK') { $Request @@ -52,4 +52,4 @@ function Get-DuoPolicies { } } -Set-Alias -Name Get-DuoEndpoint -Value Get-DuoEndpoints +Set-Alias -Name Get-DuoPolicy -Value Get-DuoPolicies diff --git a/DuoSecurity/Public/Admin API/Policies/Update-DuoPolicies.ps1 b/DuoSecurity/Public/Admin API/Policies/Update-DuoPolicies.ps1 new file mode 100644 index 0000000..f917f45 --- /dev/null +++ b/DuoSecurity/Public/Admin API/Policies/Update-DuoPolicies.ps1 @@ -0,0 +1,67 @@ +function Update-DuoPolicies { + <# + .SYNOPSIS + Update policy + + .DESCRIPTION + Update policy section data for all policies or a set of specified policy_key values. Requires "Grant write resource" API permission. + + .PARAMETER policies_to_update + The list of policies to update. + + Key/Value + edit_all_policies + Is true if the changes should be applied to all policies (default). Otherwise false. + + edit_list + An array of policy keys to apply the changes to. Ignored if edit_all_policies is true. + + .PARAMETER policy_changes + The list of changes to apply to the policies specified in policies_to_update. + + Key/Value + sections + The list of policy sections to be updated, with associated keys/values for each section. See Policy Section Data for all sections and their keys/values. + + sections_to_delete + An array of section names to remove from the specified policies. Note that sections cannot be removed from the global policy. + + .EXAMPLE + Update-DuoPolicies -policy_changes @{sections = @{authentication_methods = @{blocked_auth_list = @('webauthn-roaming', 'webauthn-platform')}};sections_to_delete = @()} + + .LINK + https://duo.com/docs/adminapi#update-policies + + .NOTES + General notes + #> + [CmdletBinding(SupportsShouldProcess)] + Param( + [Parameter()] + [hashtable]$policies_to_update = @{edit_all_policies = $true }, + + [Parameter(mandatory = $true)] + [hashtable]$policy_changes + ) + + $Params = @{} + if ($policies_to_update) { $Params.policies_to_update = $policies_to_update } + if ($policy_changes) { $Params.policy_changes = $policy_changes } + + $DuoRequest = @{ + Method = 'PUT' + Path = '/admin/v2/policies/update' + SignatureVersion = 5 + Body = $Params | ConvertTo-Json -Depth 10 -Compress + } + if ($PSCmdlet.ShouldProcess($policies_to_update)) { + $Request = Invoke-DuoRequest @DuoRequest + if ($Request.stat -ne 'OK') { + $Request + } else { + $Request.response + } + } +} + +Set-Alias -Name Update-DuoPolicy -Value Update-DuoPolicies \ No newline at end of file