GoogleApps-API-Module/GoogleApps.psm1 at master · ITMicaH/GoogleApps-API-Module · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
. "$PSScriptRoot\GoogleAppsClasses.ps1"
. "$PSScriptRoot\GoogleCalendar.ps1"
#region helper functions

# Get or refresh access token
function Get-GoogleAccessToken
{
    [CmdletBinding()]
    Param(
        # Google App to gain access to
        [Parameter(Mandatory=$true)]
        [GoogleApp]
        $App,

        # Refresh current token
        [switch]
        $Refresh
    )

    $ClientIDInfo = Get-ItemProperty -Path HKCU:\Software\GooglePoSH
    $TokenParams = @{
        client_id = $ClientIDInfo.client_id
        client_secret = $ClientIDInfo.client_secret
        grant_type = 'refresh_token';
    }
    If ($ClientIDInfo."$App`Token")
    {
        $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR(($ClientIDInfo."$App`Token" | ConvertTo-SecureString))
        $TokenParams.Add('refresh_token',[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR))
        [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR)
    }
    else
    {
        $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR(($ClientIDInfo."$App`Code" | ConvertTo-SecureString))
        $TokenParams.Add('code',[System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR))
        [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR)
        $TokenParams.grant_type = 'authorization_code'
        $TokenParams.Add('redirect_uri',$ClientIDInfo.redirect_uris[0])
        Try
        {
            $Token = Invoke-WebRequest -Uri $ClientIDInfo.token_uri -Method POST -Body $TokenParams -ErrorAction Stop | ConvertFrom-Json
        }
        catch
        {
            Throw 'Unable to get authorization code. Please reset.'
        }
        $SecureToken = $Token.refresh_token | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString
        $null = New-ItemProperty -Path HKCU:\Software\GooglePoSH -Name "$App`Token" -Value $SecureToken
        $TokenParams.Add('refresh_token',$Token.refresh_token)
        $TokenParams.Remove('code')
        $TokenParams.Remove('redirect_uri')
        $TokenParams.grant_type = 'refresh_token'
    }
    $RefreshedToken = Invoke-WebRequest -Uri "https://accounts.google.com/o/oauth2/token" -Method POST -Body $TokenParams | ConvertFrom-Json
    New-Variable -Name "$App`Access" -Scope global -Value @{
        access_token = $RefreshedToken.access_token
        expires = (Get-Date).AddSeconds($RefreshedToken.expires_in)
    } -Force -PassThru | select -ExpandProperty Value
}

# Invoke a Google API request
function Invoke-GoogleAPI
{
    [CmdletBinding()]
    Param(
        # Google App to connect to
        [Parameter(Mandatory=$true)]
        [GoogleApp]
        $App,

        [Microsoft.PowerShell.Commands.WebRequestMethod]
        $Method = 'Default',

        [Parameter(Mandatory=$true)]
        [string]
        $Target,

        [hashtable]
        $Options,

        $Body
    )

    $ClientIDInfo = Get-ItemProperty -Path HKCU:\Software\GooglePoSH
    $AccessToken = Get-Variable -Name "$App`Access" -ValueOnly -ErrorAction SilentlyContinue
    If (!$AccessToken -or ($AccessToken.expires -le (Get-Date)))
    {
        Write-Verbose 'Getting new access token'
        $AccessToken = Get-GoogleAccessToken -App $App -ErrorAction Stop
        sleep -Milliseconds 500
    }

    $WRProperties = @{
        URI = "$($App.BaseURI)/$Target`?access_token=$($AccessToken.access_token)"
        Method = $Method
    }
    switch ($PsBoundParameters.Keys)
    {
        Body    {$WRProperties.Add('Body',$Body)}
        Options {$WRProperties.URI = $WRProperties.URI + '&' + ($Options.GetEnumerator().ForEach{"$($_.Key)=$($_.Value)"} -join '&')}
    }

    Invoke-WebRequest @WRProperties -ContentType 'application/json;charset=utf-8' | ConvertFrom-Json
}

# Set up a connection to the API of a Google app
function Connect-GoogleApp
{
    [CmdletBinding()]
    Param(
        # Google App to connect to
        [Parameter(Mandatory=$true)]
        [ValidateSet('Calendar')]
        [GoogleApp]
        $App,

        # Path to the json file with the client secret
        [Parameter(Mandatory=$false)]
        $File = "$env:OneDriveConsumer\Documenten\PoSH\Modules\GoogleApps\client_secret.json",

        # Reset and re-authorize the connection
        [switch]
        $Reset
    )
    $CodeName = "$App`Code"
    If ($ClientIDInfo = Get-ItemProperty -Path HKCU:\Software\GooglePoSH -ErrorAction SilentlyContinue)
    {
        If ($ClientIDInfo.$CodeName)
        {
            Write-Verbose "Retreiving authorization code [$CodeName] from registry..."
            $SecureCode = $ClientIDInfo.$CodeName
        }
    }
    elseif ($PSBoundParameters.File)
    {
        Write-Verbose "Creating new Authorization code using file [$File]"
        $ClientIDInfo = Get-Content $File -ErrorAction Stop | ConvertFrom-Json | select -ExpandProperty Installed

        $null = New-Item HKCU:\Software\GooglePoSH
        Set-ItemProperty -Path HKCU:\Software\GooglePoSH -Name client_id -Value $ClientIDInfo.client_id
        Set-ItemProperty -Path HKCU:\Software\GooglePoSH -Name client_secret -Value $ClientIDInfo.client_secret
        Set-ItemProperty -Path HKCU:\Software\GooglePoSH -Name auth_uri -Value $ClientIDInfo.auth_uri
        Set-ItemProperty -Path HKCU:\Software\GooglePoSH -Name token_uri -Value $ClientIDInfo.token_uri
        Set-ItemProperty -Path HKCU:\Software\GooglePoSH -Name redirect_uris -Type MultiString -Value $ClientIDInfo.redirect_uris
    }
    else
    {
        Write-Error "No cached authorization found. Please provide a file containing a client secret." -Category NotSpecified
        return
    }
    If (!$SecureCode -or $Reset)
    {
        $Scope = $App.Scope
        $URL = "$($ClientIDInfo.auth_uri)?client_id=$($ClientIDInfo.client_id)" +`
                "&redirect_uri=$($ClientIDInfo.redirect_uris[0])" +`
                "&scope=$Scope&response_type=code"
        Start-Process $URL
        $SecureCode = Read-Host "Please enter your authorization code" -AsSecureString |
            ConvertFrom-SecureString
        $null = New-ItemProperty -Path HKCU:\Software\GooglePoSH -Name $CodeName -Value $SecureCode -Force
        If ($ClientIDInfo."$App`Token")
        {
            Remove-ItemProperty -Path HKCU:\Software\GooglePoSH -Name "$App`Token"
        }
    }
    Get-GoogleAccessToken -App $App
}

#endregion helper functions